A newly-detected scam has been luring users into a Bitcoin scam, Abnormal Security reports. The cybersecurity firm informs that cybercriminals have been impersonating the popular Bitcoin Era trading platform to attract investors, while actually infecting their online devices with malware.
Emails, Mimicking BTC Era Platform
The automated scam emails, which many users have reportedly received, were intended to deceive them through a visual similarity to the leading cryptocurrency platform BTC Era.
As Abnormal Security reports, the messages address the user by name, making it easy to believe that they are approved to execute a BTC transaction that requires a minimum deposit of $250 as a starting sum.
The emails reportedly included a hidden URL under the text “create an account”. Users are urged to click on it, after which multiple redirects are activated before the actual landing on a malicious webpage. After this, a pop-up announcement asks the user for permission to show notifications from the particular website.
Since the user has clicked on the “allow” button, the command allows Adware to run on their device, while users believe they are making an investment. The website is actually “running Malwarebytes. This way, it’s rendering their devices as tools to monitor user behavior, and launch ads and spam targeting the user.”
Attacks Impersonating Bitcoin Platforms Remain Relatively Constant
As per the report, the attack is highly effective against recipients, because of the good impersonation of the BTC Era platform.
“The included URL is hosted through the email marketing provider Constant Contact”, says the Abnormal Security report.
As the security firm explains, such email services are an easy method to execute a widespread attack simultaneously on multiple users.
“It takes less effort than spoofing emails and is more effective in casting a wide net to catch unsuspecting recipients.” – The report reads.
Specialists advise users and organizations to ensure that the emails they receive are from legitimate senders and addresses, no matter the seemingly reliable display name and to double-check the URL as well.
“We have seen that over the last few months, the weekly volume of attacks impersonating Bitcoin platforms has remained relatively constant”, Ken Liao, vice-president of cybersecurity at Abnormal Security said on the matter. He added that there is an increased rate of these impersonations between the end of March and the beginning of May.