3 min read

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Alina BÎZGĂ

May 24, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Digital currencies are galvanizing social engineering scams and hacks across the online world. Bitdefender’s latest analysis of crypto-based spam once again reveals the creative side of digital pick pockets as they try to trick internet users.

Scam emails announcing you’ve been transferred a hefty sum in bitcoin on a shady crypto investment platform have been popping up in users’ inboxes across the globe. The email subject and body are poorly redacted but pique the readers’ interest by mentioning a large crypto deposit ranging from 19 to 35 bitcoin that can be accessed via a sketchy domain [coinment.net] registered on May 5.

Distribution-wise, the scam emails have reached users in the US, Canada, UK, South Africa and Australia.

Subject lines include:

· Payment Done

· Coinment Investent

· details please

· Your BTC Has Been Transfar ($ 19.4 BTC)

The body of the scam emails contain a numerical ID and password recipients need to use to log in to the so-called crypto investment platform.

As mentioned, the domain name is very recent, and despite the detection of HTTPS protocol, the webpage delivery is at best superficial.

Now, let’s take a closer look at this fake website. As you can see in the screenshots below, the sketchy façade of the website is apparently linked to the blockchain industry. It’s poorly designed and requires various user interactions to get into the sign-in menu.

Once users reach the Sign-in page, they are prompted to fill in the ID and password from the initial email. And here’s where it gets a bit more interesting, with a popup message appearing on the screen citing a Critical Update:

“Your account balance is currently 802.7 BTC (€22,889,448.04). For your security, you are now required to protect your account by choosing a more secure password and enabling OTP.
You can no longer skip this requirement as the maximum number of skips has been reached.”

Sound too good to be true? That’s because it is. Although the apparent concern for account security may provide peace of mind to users, don’t be fooled. After changing the password to their multi-million dollar crypto account, users need to fill in their phone number to receive a secure PIN code to access the account.

We weren’t lucky enough to get our hands on 22 million in euros – since no OTP was received - and we don’t recommend you try either.

The promise of free money is compelling. However, free cash or cryptocurrency always comes with a price including your privacy, data and money. Offers such as this are always fake, and users risk losing much more than they bargained for.

This type of swindle closely resembles an advance-fee scam, which usually requires users to provide financial data or pay large sums to receive the ‘prize’.

Are you stuck in a digital limbo not knowing what platforms to trust. Particularly interested in securing your identity from digital thieves? Look at our Ultimate Security pack to benefit from advance malware protection, anti-phishing, and anti-fraud filters, ongoing identity monitoring, a fast VPN, and a cross-platform Password Manager for the most comprehensive security and privacy pack to guard your data and ensure your financial wellbeing.

Find out more here

tags


Author



Right now

Top posts

What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

June 22, 2022

1 min read
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Cyberattack Disrupts 7-Eleven Stores in Denmark Cyberattack Disrupts 7-Eleven Stores in Denmark
Alina BÎZGĂ

August 10, 2022

1 min read
Leaky platform at Chinese adult platform exposed sensitive info of 14 million users Leaky platform at Chinese adult platform exposed sensitive info of 14 million users
Alina BÎZGĂ

August 08, 2022

1 min read
America’s Emergency Alert System Is Vulnerable to Hacker Attacks, DHS Warns America’s Emergency Alert System Is Vulnerable to Hacker Attacks, DHS Warns
Filip TRUȚĂ

August 05, 2022

2 min read