FBI Issues A Warning To Users Of Crypto Currency Apps

Cyber criminals are creating fake crypto currency investment apps designed to defraud US investors and exploit investment firms, says the FBI in a warning.

The criminals, who present themselves as legitimate investment firms and crypto currency exchanges, have stolen tens of millions of dollars from more than 200 people by convincing them to download mobile apps and deposit crypto currency into wallets owned by the perpetrators.

The FBI advisory says that these cyber criminals have been convincing US investors to download fake apps, thus leading to financial losses of $42.7 million from 244 victims. “The FBI encourages financial institutions and their customers who suspect they have been defrauded through fake cryptocurrency investment apps to contact the FBI via the Internet Crime Complaint Center or their local FBI field office.”

Some of the apps copy the names, logos, and information of legitimate crypto currency trading and investing platforms. Criminals are both targeting investors and the reputations of the legitimate firms themselves. and were successful in scamming 28 investors out of a combined $3.7 million by using an app to masquerade as a legitimate financial institution. 

When some of the targeted individuals tried to withdraw funds that had previously been deposited into wallets located in the app, an email notice told them that they had to pay taxes on the investments. Even after completing the required payment, the funds were still not available.

In another series of scams that occurred between October 2021 and May 2022, cyber criminals used a company named YiBit1 to steal around $5.5 million from at least four people. The victims were instructed to download a YiBit app and deposit crypto currency into wallets associated with their accounts. Several of the investors received an email telling them that they had to pay taxes on their investments before they could withdraw any funds. The four victims who did so were unable to withdraw funds using the app.

While cyber criminals have long relied on crypto currency as a means of financial extortion, they are increasingly turning their attention to targeting crypto wallets and Blockchain bridges, tools that enable users to transfer their crypto assets from one blockchain to another. The FBI recommends investors take the following precautions: 

  • Be wary of unsolicited requests to download investment applications, especially from individuals you have not met in person or whose identity you have not verified. Take steps to verify an individual’s identity before providing them with personal information or relying on their investment advice. 
  • Verify an app is legitimate before downloading it by confirming the company offering the app actually exists, identifying whether the company or app has a website, and ensuring any financial disclosures or documents are tailored to the app’s purpose and the proposed financial activity. 
  • Treat applications with limited and/or broken functionality with skepticism. 

Investors should be careful about which platforms they trust with their funds, and ensure that the sites and apps they use are legitimate.

IC3:   Techrepublic:    The Hacker News:   The Record:   Techcrunch:   The Register:   TechcrunchOodlaoop:

You Might Also Read: 

Chainalysis Crypto Theft Hotline:

 

« Google & Oracle Turn Off Servers In The Heatwave
Lives Are At Stake As More US Hospitals Are Hacked »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Rapid7

Rapid7

Rapid7 unites cloud risk management and threat detection to deliver results that secure your business and ensure you’re always ready for what comes next.

Canadian Centre for Cyber Security (CCCS)

Canadian Centre for Cyber Security (CCCS)

The Cyber Centre is the single unified source of expert advice, guidance, services and support on cyber security for government, critical infrastructure, the private sector and the public.

SOTI

SOTI

SOTI is an industry leader in Enterprise Mobility Management (EMM).

Applied Risk

Applied Risk

Applied Risk is an established leader in Industrial Control Systems security, focused on critical infrastructure security and combating security breaches that pose a significant threat.

Findings

Findings

Findings (formerly IDRRA) is a scalable AI powered assessment platform that streamlines security compliance across sectors, jurisdictions and regulatory frameworks.

Altipeak Security

Altipeak Security

Altipeak Security provide Safewalk - a flexible and robust authentication platform through which we offer improved security to SMBs, corporates, banks, insurance companies, healthcare and more.

CyberCX

CyberCX

CyberCX provides services from strategic consulting, security testing and training to world-class managed services and engineering solutions.

Network Utilities (NetUtils)

Network Utilities (NetUtils)

Network Utilities provide identity centric network and security solutions to organisations from Telecoms and ISPs to SMEs and large corporates.

NightDragon

NightDragon

NightDragon is a venture capital firm investing in innovative growth and late stage companies within the cybersecurity, safety, security, and privacy industry.

BlackFog

BlackFog

BlackFog is a leader in device data privacy, data security and ransomware prevention. Our behavioral analysis and anti data exfiltration technology stops hackers before they even get started.

BDO Global

BDO Global

BDO is an international network of public accounting, tax and advisory firms which perform professional services under the name of BDO.

AFRY

AFRY

AFRY is a world leading engineering company, trusted as a supplier of services and solutions within the industry, energy, and infrastructure sectors as well as for authorities.

MARS Suite

MARS Suite

MARS Suite is your all-in-one solution for cyber protection & compliance. Cybersecurity and risk management is what we do best. And we’re making it simple and easy.

ClearSale (CLSA3)

ClearSale (CLSA3)

Clearsale’s innovative fraud solutions combine advanced technology with a passionate team of seasoned experts that understand every client’s unique needs.

Vonahi Security

Vonahi Security

Vonahi Security is a cybersecurity SaaS company that pioneered automated network penetration testing.

DeepSurface Security

DeepSurface Security

DeepSurface is the first risk-based vulnerability management platform that allows cybersecurity teams to automate the process of analyzing and prioritizing vulnerabilities.