Because cryptocurrency is accessible, easily verifiable, and publicly documented in the blockchain, it's become the cybercriminals' currency of choice and a major player in recent phishing and cyber-extortion activities. Learn how to protect your organization.
Cryptocurrency is accessible, easily verifiable, and publicly documented in the blockchain. For these reasons, it has become the cybercriminals' currency of choice and a major player in recent phishing and cyber-extortion activities.
Researchers analyzing phishing and business email compromise incidents between October 2020 and May 2021 identified that attacks related to cryptocurrency were on the rise - particularly around the time that certain organizations announced that they would start accepting Bitcoin payments and interest in crypto soared. The growing interest in cryptocurrency's potential to make an investor rich has allowed cybercriminals to exploit the trend and prey on people's lack of knowledge about this relatively new form of currency.
In the past, crypto-related attacks were mainly linked to extortion and ransomware attacks. However, threat actors have started to incorporate cryptocurrency into email threats, specifically impersonation, business email compromise attacks, and spear phishing impersonation. Here are some of the most common types of crypto-related scams to look out for:
In crypto-related ransomware attacks, cybercriminals steal credentials and lock the organization's data with encryption until a ransom paid in Bitcoin is met. These attacks have been on the rise since early 2020, with ransom payments increasing by 60% and Bitcoin accounting for almost 98% of ransom payments.
Bitcoin blackmail is a type of extortion where the perpetrator threatens to release stolen or sensitive data unless a ransom is paid in crypto. In most Bitcoin blackmail cases, targets receive an email claiming their computers have been hacked and their webcams were taken control of to record videos of them in private. If you don't send funds to their Bitcoin account, the attacker will threaten to distribute your compromising videos to family, friends, and colleagues.
Bitcoin sextortion scams
Sextortion scams are phishing attacks threatening the victim that they will release videos of them visiting adult websites or performing sexual acts that were captured by remotely turning on their webcam. The cybercriminal coerces the victim into paying a Bitcoin ransom. To make the scam more believable, the attacker may provide private information about the victim or go into the technical detail of how they captured the video proof, including the name of the adult sites visited.
Cyber incident response planning for crypto-related attacks
Experts advise targets never to pay the ransom as most incidents involve threat actors bluffing that they have compromised your private computer and accessed your webcam. However, it's hard to tell if the attacker got your email from a data breach and may also have access to your other confidential data.
If your organization fears it can't take any risks and may have no choice but to pay the ransom, your best defense is to fortify your email security. Remember, Bitcoin blackmailers and sextortion scammers often use spoofed email addresses and get the email addresses of their targets from data breaches. Therefore, preventing email threats from reaching your inbox is as critical to avoid scams related to crypto as defending your organization from a data breach.
To learn more about what organizations can do before, during, and after a crypto-related email threat, contact us for a robust email security solution with a high operationalisation level.