Cryptocurrency exchanges are platforms that allow you to buy and sell cryptocurrencies, such as Bitcoin. When you buy cryptocurrency, it’s stored in a digital wallet. Most cryptocurrency exchanges require that you use an additional authentication method, such as a recovery phrase, to access your wallet. Cybercriminals use social engineering to try to bypass this added authentication and steal your currency.
In a new scam, cybercriminals send you an email pretending to be a cryptocurrency exchange representative. This email states that you need to provide information to receive a refund due to an issue with your account. To receive this refund, this email asks you to click a link and enter your recovery phrase. If you click the link and provide this information, cybercriminals can use it to reset your password and prevent you from accessing your account. Then, they can transfer your currency to their own accounts.
Follow the tips below to stay safe from similar scams:
- Always be cautious of unexpected emails. While this attack targets cryptocurrency wallets, similar emails could be used to gain access to any account that uses additional authentication methods.
- Watch out for messages that offer refunds or special promotions that seem too good to be true. Phishing attacks rely on impulsive actions, so always think before you click.
Never provide sensitive information through email. If you receive an email claiming that you have an account issue, always log in to the organization’s website directly to verify the claim.
Stop, Look, and Think. Don’t be fooled.
Protect your network! Learn more about security awareness training for your team.
