PHISHING
HKMA Warns Public of Fraudulent Social Media Account and Phishing Messages Related to Royal Bank of Canada
The Hong Kong Monetary Authority alerts the public about fraudulent social media accounts and phishing messages related to the Royal Bank of Canada.
HKMA Issues Alert on Phishing Messages Related to Ant Bank (Hong Kong) Limited
HKMA warns the public about phishing messages impersonating Ant Bank (Hong Kong) Limited, urging caution and immediate reporting of suspicious activities.
Hong Kong Monetary Authority Warns About Phishing Messages Targeting China Construction Bank (Asia)
HKMA issues alert on phishing instant messages involving China Construction Bank (Asia).
HKMA Warns Public About Phishing Messages Linked to ICBC (Asia)
HKMA alerts public to phishing messages related to ICBC (Asia).
Singapore Authorities Issue Warning Against Rising Cryptocurrency Malware Threats
Singapore's Police Force and Cyber Security Agency have jointly issued an advisory warning about the increased risk of cryptocurrency drainers, urging users to adopt stringent security measures.
Trezor Strengthens Security Measures Amid Phishing Concerns
Trezor recently faced a security breach in its third-party support ticketing portal, potentially affecting 66,000 users. While user funds and device security remain secure, the incident raises concerns over increased phishing risks.
KuCoin User Linked to Memecoin Scams
Crypto exchange KuCoin confirms a user's address is responsible for launching thousands of memecoin scams but will not freeze assets without official notice from law enforcement. The wallet address has been marked as a fake phishing wallet by blockchain explorer Etherscan.
Google Ads Used in $4M Crypto Phishing Scam
Scammers have stolen over $4 million in cryptocurrency from users falling for phishing websites promoted on Google Ads, according to blockchain analytics by ScamSniffer. The fraudulent websites prompt wallet login signature requests that compromise users’ addresses, and have targeted decentralized finance protocols, websites and brands. Metadata from some of the phishing websites has been linked to advertisers in Ukraine and Canada, who bypass Google’s ad review process by manipulating the Google Click ID parameter and using anti-debugging methods. ScamSniffer estimates that scammers spent around $15,000 on advertising which provided a return on their investments of 276%, given the $4 million stolen to date.
Cryptocurrency Phishing Attacks Rise by 40% Year-on-Year in 2022
Kaspersky, a Russian cybersecurity and anti-virus provider, has reported a 40% year-on-year increase in cryptocurrency phishing attacks in 2022. The attacks involve reaching out to investors through fake websites and communication channels that mimic official companies, prompting users to share personal information such as private keys. Attackers are evolving their strategies to lure unwary crypto investors. Recently, hardware cryptocurrency wallet provider Trezor warned against attempts to steal users' crypto through fake Trezor sites. In a survey, one out of seven respondents admitted to being affected by cryptocurrency phishing.
MetaMask Users Email Addresses Exposed in Cybersecurity Incident
MetaMask, the popular Ethereum wallet, experienced a cybersecurity incident that exposed the email addresses of some of its users who submitted a customer support ticket between August 1, 2021 and February 10, 2023. The breach may have affected up to 7,000 users and some of the customer support tickets included a free text field where users may have submitted personally identifying information. The company has taken steps to eliminate unauthorized access in the future and is working with a cybersecurity and forensics team to investigate the incident.
Cryptocurrency Phishing Attacks Surge in 2022
Kaspersky reports a 40% YoY increase in cryptocurrency phishing attacks in 2022. These attacks involve fake websites and communication channels that mimic official companies to trick users into sharing private information such as private keys. Kaspersky warns that scammers continue to evolve their techniques and stories to lure in unsuspecting crypto investors.
Arbitrum Discord Server Hacked for Phishing Attack
Hackers dropped a phishing link on Arbitrum's official Discord server, prompting users to enter personal information. The link misspelled the name of the platform as "Arbtirum." Investors are advised to be cautious of unrealistic claims and deceptions.
Fake Arbitrum Airdrop Scam Circulated on Discord
Hackers dropped a phishing link into Arbitrum's Discord server, offering the opportunity to re-claim additional stake in Arbitrum DAO Governance. The link prompted unsuspecting victims to enter personal information, leading to a potential scam. Investors are advised against interacting with the announcement until further clarification from Arbitrum.
MetaMask Warns Investors Against Phishing Attempts by Scammers
MetaMask informed customers that it never emails account data or collects KYC information.
Webaverse Co-Founder Reveals $4 Million Crypto Hack
Webaverse co-founder Ahad Shams sent a public statement about being hacked for $4 million in a hotel lobby.