Showing posts with label crypto scam. Show all posts
Showing posts with label crypto scam. Show all posts

Coronavirus Has More People At Home, Online, And Targeted By Crypto Scammers...

Coronavirus Crypto
The coronavirus situation has more people at home, meaning more targets for scammers.

You know how it goes, if you're in crypto circles on Twitter there's no way you haven't seen it dozens of times before - "Send in $100 worth of <whatever coin> and recieve 10X that amount back!" coming from accounts that look like those of CoinBase, Vitalik, CZ, even Elon Musk famously had to speak up because so many scammers pretended to be him doing an ETH giveaway.

Sadly, when we covered the story of Elon Musk we discovered the scammers wallet address had a shocking  $179,284 worth of ETH sitting in it.

Just out of curiosity, within the last 3 months I checked the wallet addresses given out by scammers on Twitter a couple times - both were empty, it seems Twitter was drying up for scammers.  They needed something new, and it seems they found it.

Old scam finds new victims at YouTube...

YouTube gives live streams priority on search results, so there's a good chance you'll see these scams running right now by searching for bitcoin, cryptocurrency, etc. This also sends newbies searching for videos to learn more about crypto right into scammers hands.

Here they’re able to add one extra twist that makes things a bit more believable - when you click on the live stream you'll see a real (old, recorded) interview with a well known crypto personality, and text on the screen makes victims think they just missed the announcement of a giveway.

Here's some streams that were live at the time of writing this: 

Featuring Binance CEO, CZ
  
crypto scam on youtube with Vitalik Buterin
Vitalik Buterin streaming from a fake Ethereum Foundation account.

Crypto scam with Ripple's CEO Bradley Garlinghouse
Ripple's CEO Brad Garlinghouse
Fake Satoshi... fake giveaway.


There's a good chance they're using bots to inflate the numbers, but seeing 1000-10,000 people 'watching now' adds even another layer of believeability.

What can we do about it?

Typically, articles like this need to end with some rambling where I tell people to 'be smart' and to verify things before they do it, etc. 

But let's be honest here, the scam makes no sense from the start, no matter how flashy the packaging. It's not like they're saying it's a lotto and they need to send money to get their ticket for a chance to win - they say everyone who sends money will get more money back. If everyone gets free money there's no logical reason why that requires anyone sending anything.

The people falling for this are the kind who have to learn the hard way.  The only advice I can give is to warn any friends who fit this description.

-------
Author: Ross Davis
E-Mail: Ross@GlobalCryptoPress.com Twitter:@RossFM

San Francisco News Desk




Crypto Thief Arrested in US After Stealing $1M+ From 75 Victims in 20 States...

Crypto news
While mainstream media reports are making this kid sound like a mastermind, the truth is, this trick takes virtually no skills whatsoever.

That's why it's so disturbing.

19 year old Yousef Selassie was arrested and charged with first-degree grand larceny and identity theft when authorities traced 75 victims back to him as he began to spend his earnings.

“He sought them out based on the industries they were involved in” said Brooklyn Assistant DA James Vinocur, explaining how Yousef targeted people in tech believing they were more likely to own high amounts of cryptocurrency.

A search of his residents found 9 phones, 3 flash drives, and 2 laptops - all containing evidence against him.  He plead not guilty.

Shockingly simple...

Authorities say he used a "SIM swap" to pull it off, and when you hear how easily this is done, it will shock you.
  • Get a blank SIM card (available on Ebay and hundreds of other sites) 
  • Put it into a cellphone.
  • Call the target's cellphone provider.
  • Pretending to be the target or someone close to them, say you recently lost your phone, you ordered a new one, and need it activated.
  • They will ask for the SIM card's ID number.
  • If everything went correctly, your phone is now on the victims account, you control their phone number, you receive their calls and texts.
  • Using the 'I lost my password' feature everything from crypto exchanges to online banking has, have them text a code to reset it.
  • Since the text messages now go to you, you're now able to reset the passwords to whatever you wish.
  • That's it, you have full access to everything. 
Some tricks used to get the customer service rep from the cell phone company to comply include pretending to be someones personal assistant, which would explain why you may not be able to answer every question they ask you.

Or, pretend to be elderly, make every step take way longer than usual, make the customer service rep frustrated and by the time they figure out what you need them to do, they'll rush to get you off the line.

Who's to blame?
Absolutely, it's the cellphone providers.  In almost every case a rep from the company doesn't go through the process of verifying they are talking to the true account owner, or, as mentioned above when they believe they're speaking with someone's personal assistant, they will forgive not knowing things like the mothers maiden name.

The solution? This can be tough, because sometimes we forget what we chose as our passwords or pins. I've never had to do this process myself, and I have no idea what answers I gave to the security questions when I signed up... 8 years ago now.

But frankly, if I forgot, it's my fault.  So perhaps a foolproof system where the customer service reps cannot change SIM information without first entering information given by the customer is the way to go. 

If they forgot, a verification code will have to be mailed to the customer's home address. It could be sent overnight (for a fee) and people will have to accept this is being done in the name of protecting their data.

These days, so much of our lives are on our phones.  It's a change that happened without much thought behind it, but most people don't feel like losing their phone is the same as losing their wallet with their credit cards in it.  But really, it's exactly like that.

Could someone call a bank and get someone else's login information by saying they are their personal assistant? Would the bank reps forgive not knowing a few pieces of personal information? Hell no.

Now keep in mind, through someones cellphone you can access that same account! That's why cellphone providers need to operate with the same security standards as the bank. 

-------
Author: Ross Davis
E-Mail: Ross@GlobalCryptoPress.com Twitter:@RossFM

San Francisco News Desk