MARKETING SPECIALIST

The past year has been a significant one for cryptocurrencies and blockchain. In the face of such extremity and economic meltdowns, cryptocurrencies have proven to be remarkably resilient. Fortunately, the rapid increase in accessibility of global high-speed Internet and digitization has created a ripe environment for digital currency.

On the other side, it started a new source of income for the scammers. Fraudsters target Social Media and Messaging platforms users with a scam centered on a fake cryptocurrency exchange and using the lure of free Bitcoin or Ethereum cryptocurrency to steal money and personal data.

We have previously warned our readers about cryptocurrency scams and advised them on how to safely invest in cryptocurrency from a security standpoint.

New Cryptocurrency Scam Campaign Detected

After successfully discovering a complex phishing cryptocurrency scam campaign last month, this time around Heimdal™ Security tracked down a cryptocurrency scam campaign that started 4 months ago. Since then, our algorithms and analysts have studied and found new infected domains from the same campaign.

cryptocurrency scam image heimdal security

The domains are hosted on the following IP addresses:

  • 111.174.155 – UA
  • 214.124.44 – RU
  • 121.14.70 – UA

Our team was able to track them in Seychelles, Iceland, Ukraine, and Russia.

How It Works

This type of cryptocurrency scam lures victims on Discord’s cryptocurrency servers by sending a private message that looks like an ad for a genuine up-and-coming trading platform giving away cryptocurrency. In reality, it deploys social engineering tactics to drive sign-ups.

Once you click on the phishing link they provide, you will be redirected to a website and asked to enter personal information, such as passwords, credit card numbers, or bank account details. In worse situations, malware will start to download as soon as the link is clicked.

cryptocurrency scam unique image heimdal security

Although these types of websites look genuine, and appear fully operational, in reality, scammers are buying already implemented templates from professional web designers. You can add the promo codes, transfer fake balances to other users, reset your password, etc.

The tricky part comes when you want to withdraw your money to your personal wallet. It would say that you need to deposit a certain amount of BTC/ETH to verify your account. The amount asked will be very little compared to the fake prize.

cryptocurrency scam image heimdal security

How to Stay Safe

Is your business running cryptocurrency transactions? Here’s some advice on how to improve overall security:

  1. Check data breach websites to see if your data has been leaked. You can do so at https://haveibeenpwned.com/
  2. Always keep your software updated;
  3. Don’t download files from unknown sources;
  4. Keep your seed phrase safe;
  5. Activate two-factor authentication (2FA).

While it’s always a good idea to beef up your online security, now more than ever you should take the time to review your cybersecurity habits. I know it’s convenient to trade or buy crypto on the fly, but sloppy practices usually result in compromised personal data.

To his end, I would advise you to conduct every transaction from a secured endpoint. Endpoint security solutions can help prevent data leaks associated with crypto-specific malware. Heimdal™ Security Threat Prevention Endpoint can sanitize your workstations, clear out malicious packets that may be hidden in DNS traffic, detect processes associated with crypto-mining operations, and much more.

Heimdal Official Logo
Antivirus is no longer enough to keep an organization’s systems secure.

Heimdal™ Threat Prevention - Endpoint

Is our next gen proactive shield that stops unknown threats before they reach your system.
  • Machine learning powered scans for all incoming online traffic;
  • Stops data breaches before sensitive info can be exposed to the outside;
  • Advanced DNS, HTTP and HTTPS filtering for all your endpoints;
  • Protection against data leakage, APTs, ransomware and exploits;
Try it for FREE today Offer valid only for companies.

On that note, you should definitely consider running a quick scan of your system in order to root out lingering bitcoin miners.

Below you can find a list of all the scam URLs detected by Heimdal™:

• unexbit.com
• news.quicklybtc.com
• quicklybtc.com
• news.coinseon.com
• coinseon.com
• news.coinzetta.com
• coinzetta.com
• news.quckbit.com
• quckbit.com
• news.btchull.com
• btchull.com
• news.eoncoins.com
• eoncoins.com
• bomscoin.com
• news.bomscoin.com
• broskobit.com
• news.coinsfv.com
• news.broskobit.com
• coinsfv.com
• immortalex.com
• news.immortalex.com
• bitruner.com
• news.bitruner.com
• zirocoin.com
• news.zirocoin.com
• news.protradearea.com
• news.phemexbtc.com
• phemexbtc.com
• protradearea.com
• news.pencebit.com
• pencebit.com
• news.gparhgarden.com
• gparhgarden.com
• trustpoolex.com
• news.trustpoolex.com
• respacex.com
• news.respacex.com
• news.btctruck.com
• btctruck.com
• news.fvcoins.com
• fvcoins.com
• news.pickobit.com
• pickobit.com
• exhodl.com
• news.exhodl.com
• omexbit.com
• news.omexbit.com
• news.cryptoxfactory.com
• cryptoxfactory.com
• boracrypto.com
• news.essencebtc.com
• essencebtc.com
• news.bitxcub.com
• tupbit.com
• coinxhash.com
• news.saberbtc.com
• btcrune.com
• saberbtc.com
• news.btcrune.com
• news.tupbit.com
• news.cryptoroz.com
• coinupwallet.com
• ozoncrypto.com
• news.coinxhash.com
• bitxcub.com
• news.coinupwallet.com
• news.ozoncrypto.com
• cryptoroz.com
• coinrau.com
• news.coinrau.com
• binoix.com
• news.wortexbit.com
• wortexbit.com
• news.binoix.com
• news.unexbit.com
• news.cryptobora.com
• cryptobora.com
• news.cryptolau.com
• news.betradebit.com
• bitraced.com
• raucoin.com
• cryptolau.com
• betradebit.com
• news.rocketpoolex.com
• rocketpoolex.com
• news.bitraced.com
• news.raucoin.com
• news.jolobit.com
• jolobit.com
• news.wallet-coin.com
• wallet-coin.com
• news.thortrading.com
• thortrading.com
• news.cryptoxhash.com
• cryptoxhash.com
• news.cryptoholl.com
• news.glowexcoin.com
• glowexcoin.com
• cryptoholl.com
• zaucoin.com
• news.zaucoin.com
• zaucoin.com
• news.zaucoin.com
• news.cryptobora.com
• cryptobora.com
• binoix.com
• news.binoix.com
• unexbit.com
• news.unexbit.com
• coinupwallet.com
• news.coinupwallet.com
• news.cryptoxhash.com
• cryptoxhash.com
• news.glowexcoin.com
• glowexcoin.com
• betradebit.com
• ozoncrypto.com
• news.ozoncrypto.com
• news.jolobit.com
• jolobit.com
• news.cryptoroz.com
• cryptoroz.com
• wortexbit.com
• news.wortexbit.com
• thortrading.com
• news.bitxcub.com
• news.thortrading.com
• cryptoholl.com
• news.coinxhash.com
• coinxhash.com
• news.cryptoholl.com
• saberbtc.com
• news.saberbtc.com
• news.nexonbtc.com
• nexonbtc.com
• news.betradebit.com
• news.bitcoin-ltd.com
• bitcoin-ltd.com
• bitcoinxls.com
• news.bitcoinxls.com
• bitxcub.com
• news.tupbit.com
• tupbit.com
• news.coinrau.com
• coinrau.com
• bitraced.com
• news.bitraced.com
• wallet-coin.com
• news.wallet-coin.com
• cryptolau.com
• news.cryptolau.com
• news.rocketpoolex.com
• rocketpoolex.com
• btcrune.com
• news.btcrune.com
• capitalmarts.com
• news.capitalmarts.com
• raucoin.com
• news.raucoin.com
• news.cryptoholl.com
• cryptoholl.com
• news.bullschain.com
• bullschain.com
• thortrading.com
• news.thortrading.com
• news.coinxhash.com
• coinxhash.com
• news.saberbtc.com
• saberbtc.com
• news.nexonbtc.com
• nexonbtc.com
• news.bitcoinxls.com
• coinrau.com
• bitcoinxls.com
• news.coinrau.com
• news.betradebit.com
• betradebit.com
• royalebitex.com
• news.royalebitex.com
• bitcoin-ltd.com
• news.bitcoin-ltd.com
• news.wallet-coin.com
• wallet-coin.com
• synthetixcoin.com
• news.synthetixcoin.com
• glavebtc.com
• news.glavebtc.com
• oraclebtc.com
• news.oraclebtc.com
• news.rocketpoolex.com
• rocketpoolex.com
• news.frostbtc.com
• frostbtc.com
• tupbit.com
• news.tupbit.com
• news.jolobit.com
• jolobit.com
• moonlitex.com
• news.moonlitex.com
• news.bitfug.com
• bitfug.com
• cryptolau.com
• news.cryptolau.com
• news.bitfug.com
• bitfug.com
• cryptolau.com
• news.cryptolau.com
• news.bitpleiad.com
• bitpleiad.com
• news.bitpleiad.com
• bitpleiad.com
• news.btcrune.com
• btcrune.com
• news.btcrune.com
• btcrune.com
• news.capitalmarts.com
• capitalmarts.com
• news.capitalmarts.com
• capitalmarts.com
• bitraced.com
• news.bitraced.com
• foabit.com
• news.foabit.com
• news.cryptoroz.com
• cryptoroz.com
• gleefin.com
• news.gleefin.com
• buncebit.com
• news.buncebit.com
• news.geckcoin.com
• geckcoin.com
• news.mobitpro.com
• mobitpro.com
• wavebtc.com
• news.wavebtc.com
• news.cryptopye.com
• cryptopye.com
• cryptorozi.com
• news.cryptorozi.com
• 91-214-124-44.plesk.page
• amazing-lalande.91-214-124-44.plesk.page
• news.cosmochange.com
• cosmochange.com
• news.btclam.com
• btclam.com
• news.dogmabit.com
• dogmabit.com
• news.solanabit.com
• solanabit.com
• news.btcsam.com
• btcsam.com
• more-deals.com
• stchevuestas.net

Over $80 Million Lost Due to Cryptocurrency Scams

Heimdal™ AI Discovers a Complex Phishing Cryptocurrency Scam Campaign

10+ Cryptocurrency Fraud and Scams You Need to Pay Attention to

Comments

I confirm I received a Discord message with a code which amounts to 9 ETH for trustpoolex.com. I tested it and was asked to deposit before I can withdraw the 9 ETH.

Confirmed. Just got the message on discord from qwerty21 that I won .497 $BTC luls

very good info

Leave a Reply

Your email address will not be published. Required fields are marked *

GO TO TOP