Cybercriminals made away with $2.3 million worth of cryptocurrencies in the second quarter of 2018, a Kaspersky Lab report indicates.
The report indicates that the scammers exploited the World Cup and GPDR issue to send links to phishing websites which they then used to steal the virtual assets.
The attackers mainly used giveaways and new ICO projects in addition to classic phishing scams to entice unsuspecting victims to give away their coins, the “Spam and Phishing Report Q2 2018” report indicates.
“Using these two tricks, Kaspersky Lab estimates that intruders earned more than $2.3 million, even without taking into account any revenues from classic phishing schemes,” the report notes.
In another finding, Ethereum seems to be the most favoured cryptocurrency for phishers. This is not entirely surprising. Most ICO projects are built on the back of the Ethereum with Ether tokens often used as payment in exchange for new tokens.
While more and more people are now using electronic money, a good number of them are still not aware of the risks involved. Nadezhda Demidova, a web content analyst at Kaspersky Lab said.
“Not all of them are sufficiently aware of the possible risks, so intruders are actively trying to steal sensitive information through phishing,” Demidova said.
60,000 Attacks Prevented
On the other hand, Kaspersky says it has prevented almost 60,000 instances where users tried to visit the malicious websites.
According to the report, most of these attacks are concentrated in Asia and South America. Brazil for example accounted for about 15% of the attacks while China came in second position with about 14% of the attacks concentrated there. Russia comes fourth after Kyrgyzstan.
The report also shows that WhatsApp is increasingly being used to distribute some of the content.
“Most of these messages contain information about fictional lotteries or giveaways, the report says.
“This quarter in Russia, for instance, they used names of popular retailers such as Pyaterochka and Leroy Merlin, and also McDonald’s. Some fake messages come from popular sportswear brands, as well as certain stores and coffee shops.”