FBI Issues A Warning To Users Of Crypto Currency Apps

Cyber criminals are creating fake crypto currency investment apps designed to defraud US investors and exploit investment firms, says the FBI in a warning.

The criminals, who present themselves as legitimate investment firms and crypto currency exchanges, have stolen tens of millions of dollars from more than 200 people by convincing them to download mobile apps and deposit crypto currency into wallets owned by the perpetrators.

The FBI advisory says that these cyber criminals have been convincing US investors to download fake apps, thus leading to financial losses of $42.7 million from 244 victims. “The FBI encourages financial institutions and their customers who suspect they have been defrauded through fake cryptocurrency investment apps to contact the FBI via the Internet Crime Complaint Center or their local FBI field office.”

Some of the apps copy the names, logos, and information of legitimate crypto currency trading and investing platforms. Criminals are both targeting investors and the reputations of the legitimate firms themselves. and were successful in scamming 28 investors out of a combined $3.7 million by using an app to masquerade as a legitimate financial institution. 

When some of the targeted individuals tried to withdraw funds that had previously been deposited into wallets located in the app, an email notice told them that they had to pay taxes on the investments. Even after completing the required payment, the funds were still not available.

In another series of scams that occurred between October 2021 and May 2022, cyber criminals used a company named YiBit1 to steal around $5.5 million from at least four people. The victims were instructed to download a YiBit app and deposit crypto currency into wallets associated with their accounts. Several of the investors received an email telling them that they had to pay taxes on their investments before they could withdraw any funds. The four victims who did so were unable to withdraw funds using the app.

While cyber criminals have long relied on crypto currency as a means of financial extortion, they are increasingly turning their attention to targeting crypto wallets and Blockchain bridges, tools that enable users to transfer their crypto assets from one blockchain to another. The FBI recommends investors take the following precautions: 

  • Be wary of unsolicited requests to download investment applications, especially from individuals you have not met in person or whose identity you have not verified. Take steps to verify an individual’s identity before providing them with personal information or relying on their investment advice. 
  • Verify an app is legitimate before downloading it by confirming the company offering the app actually exists, identifying whether the company or app has a website, and ensuring any financial disclosures or documents are tailored to the app’s purpose and the proposed financial activity. 
  • Treat applications with limited and/or broken functionality with skepticism. 

Investors should be careful about which platforms they trust with their funds, and ensure that the sites and apps they use are legitimate.

IC3:   Techrepublic:    The Hacker News:   The Record:   Techcrunch:   The Register:   TechcrunchOodlaoop:

You Might Also Read: 

Chainalysis Crypto Theft Hotline:

 

« Google & Oracle Turn Off Servers In The Heatwave
Lives Are At Stake As More US Hospitals Are Hacked »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Cyber Craft

Cyber Craft

CyberCraft is an innovative and dynamic software development, outsourcing and consulting company. Services offered include penetration testing.

Dual Layer IT Solutions

Dual Layer IT Solutions

Dual Layer offer a full range of IT Services and Solutions for businesses from IT infrastructure design to cloud/hosted solutions, cybersecurity, disaster recovery and IT training.

Deceptive Bytes

Deceptive Bytes

Deceptive Bytes provides an Active Endpoint Deception platform that dynamically responds to attacks as they evolve and changes their outcome.

Council of Europe Convention on Cybercrime

Council of Europe Convention on Cybercrime

The Council of Europe helps to protect societies worldwide from the threat of cybercrime through the Convention on Cybercrime.

Energia Ventures

Energia Ventures

Energia Ventures is a three-month intensive accelerator for entrepreneurs with an innovative business in the energy, smart grid, cleantech, and cybersecurity sectors.

SOFTwarfare

SOFTwarfare

SOFTwarfare deliver high-quality, reliable and secure enterprise application integrations through RESTful APIs for Cyber, Ops & Dev.

TAG Cyber

TAG Cyber

TAG Cyber's mission is to provide world-class cyber security research, advisory, and consulting services to enterprise security teams around the world.

Dataprise

Dataprise

Dataprise is a leading IT managed services provider offering IT Management and Help Desk Support Services, Cloud Services, Information Security Solution, IT Strategy and Consulting.

National Academy of Cyber Security (NACS) - India

National Academy of Cyber Security (NACS) - India

National Academy of Cyber Security provides Professional Training Courses and Programmes in Cyber Security.

Qrypt

Qrypt

Qrypt has developed the only cryptographic solution capable of securing information indefinitely with mathematical proof as evidence.

HackEDU

HackEDU

HackEDU provides secure coding training to companies ranging from startups to the Fortune 500.

Pathlock

Pathlock

Pathlock (formerly Greenlight) help enterprises and organizations automate the enforcement of any process, access, or IT general control, for any business application.

Zenity

Zenity

Zenity is the first and only security governance platform for low-code/no-code applications.

TeKnowledge

TeKnowledge

TeKnowledge enables governments and enterprises around the world to navigate the challenges with digital transformation today and tomorrow with elite cybersecurity protection and managed services.

Inroad Technologies

Inroad Technologies

Inroad Technologies provide IT services that help keep your business computers, servers and networks secure and trouble-free.

Sirar by STC

Sirar by STC

Sirar is an advanced technology and cybersecurity company established by STC, the MENA region’s ICT and digital services provider.