Rise in Phishing Attacks Targeting Cryptocurrency Buyers

With the price of Bitcoin on the rise, cybercriminals are targeting these users for their own financial gain. According to a study by Barracuda, the price of Bitcoin increased by 400% between October 2020 and May 2021 while the rise of cyberattacks grew by 192% in the same period. These attackers are using cryptocurrency to carry out spear-phishing attacks, business email compromise(BEC) attacks, and ransomware attacks.

As of late, many businesses are starting to shift into the world of cryptocurrency and beginning to accept it as a form of payment. This is where the attackers are shifting their attention. Due to the increase in value of Bitcoin and other cryptocurrencies, attackers are seeing this as a viable extortion opportunity as there are fewer regulations surrounding cryptocurrency, therefore, making it harder to trace back to the user. We saw this happen as recently as a few months ago with the Colonial Pipeline attack where they had to spend millions of dollars worth of Bitcoin due to a ransomware attack that compromised the functioning of their pipelines.

Barracuda mentions that these attackers are using malicious tactics such as sending fake emails notifying users of a “security breach” to obtain their Bitcoin login credentials, creating fake charities to persuade victims to purchase or donate Bitcoin, and targeting employees with personalized emails. Chainalysis lists third-party providers that can be used to carry out attacks through penetration testing services(used to probe for potential weaknesses), exploit sellers(the selling of access to certain vulnerabilities), and bulletproof hosting providers(allows users to host any website and complete purchases anonymously). Hackers are also using Bitcoin to get paid in extortion and ransomware attacks where they target victims claiming to have obtained compromising videos or photos of them and then threatening to release them if they do not pay the ransom in Bitcoin. This tactic has been around for a while but the use of Bitcoin has increased their monetary gain in these schemes. According to Chainalysis, there was about 5 billion dollars worth of cryptocurrency used in illicit activities in 2020 with 350 million dollars being obtained specifically from ransomware attacks. This was a 311% increase in cryptocurrency-related ransomware attacks compared to 2019. No other category rose as dramatically in 2020, which may have been caused by the massive influx of people working from home due to the Covid-19 pandemic which caused major vulnerabilities for many organizations.

Cryptocurrency-based-crimes

The future of cryptocurrency will change as cybercriminals are using this digital currency to their advantage. With the recent successful attacks on the Colonial Pipeline and JBS, Barracuda mentions, it is clear these criminals are aiming for large targets. They will most likely attempt to hit other critical industries such as water or energy. Chainalysis notes that ransomware is incredibly destructive as it has the potential to cripple local governments and businesses for weeks with there being 62 attacks on healthcare-related facilities in 2020. Some experts have estimated as much as 20 billion dollars in economic losses due to these attacks in 2020. As these attacks increase in frequency and with the use of cryptocurrency for ransom payments, the government will most likely have to get involved in the regulation of this digital currency.

Here are some helpful tips to protect yourself against cryptocurrency-related threats according to Barracuda and SIW:

  1. Invest in 24/7 monitoring
    1. Holidays and early morning hours are the popular times for cybercriminals to attack so it would be best to invest in a SOC(security operations center) or work with a partner that has one
  2. Endpoint Detection and Response Solution
    1. With so many individuals still working from home, having an EDR can be helpful as they use behavior-based algorithms to detect ransomware. The IT team can then work on remediation once there is a detection.
  3. Incorporate phishing training into your organization and stay on top of the latest email attacks
    1. Companies can benefit from training their employees on phishing and the proper things to look out for to establish whether the email is safe or not, such as checking for spelling errors, checking the senders’ email address, etc.
  4. Make sure your web applications are secure
    1. Online applications can be used for ransomware attacks so it is best for organizations to invest in API Security and software that protects against DDoS attacks and bot mitigation.
  5. Back up your data
    1. If a ransomware attack were to happen, having your data backed up can help to prevent losing recent files/data and aid in getting your system restored faster. This can be backed up on the cloud or a physical device, either way, it helps!

With these cybercriminals becoming more intelligent with their attacks every day, we need to try to stay one step ahead and protect our employees and our companies. Together we can use these precautionary measures in an attempt to stay safe and secure!

Leave a Reply

PUBLISHED BY Josie Witaschek

View all posts by Josie Witaschek

Related Posts

CISO

Botnet Attacks on the Rise: Companies to Invest Heavily in API Security

Recently, companies are beginning to shift to the use of the cloud and expose functionality via Application Programming Interfaces (APIs). Cybercriminals have been taking this new exposed entry to their advantage as new technologies often lack the proper security. With APIs becoming more commonly used in companies, cybercriminals have been using Botnets to carry out […]

CMO , Retail

How Businesses Can Begin to Change the Conversation

Contributed by [24]7.ai Over the years, we’ve spoken with countless businesses across multiple industries. And every time we strike up a conversation, we ask a lot of questions, because we’re constantly on the lookout for new ways we can use technology to improve the customer experience. During these conversations, however, we began to notice a […]

CISO

Cybersecurity Leader, John Felker, Keynotes Our August Assembly!

On August 17th, The Millennium Alliance Transformational CISO Virtual Assembly kicks off with a keynote address from John Felker, Former Assistant Director for Integrated Operations, Cybersecurity and Infrastructure Security Agency (CISA) at the Department of Homeland Security. Felker is a proven innovator in the cybersecurity space and is notably recognized for his work leading the […]

#MillenniumLive , Healthcare

#MillenniumLive The COVID-19 Shift to Telehealth

Our thought leader, Michele Chulick, the former President & CEO of Wyoming Medical Center, talks about her career journey, leading the successful affiliation between WMC and Banner Health, and the challenges leading a major health system during the pandemic in this weeks #MillenniumLive. Chulick touches on the rapid shift from in-person healthcare to telehealth during […]

Lovin’ Digital Diary?

Premium content to our readers interested in all things business.

Check Us Out!

Millennium Membership offers Fortune 1000 C-Level executives, leading public sector/government officials, and thought leaders across a variety of disciplines unique and exclusive opportunities to meet their peers, understand industry developments, and receive introductions to new technology and service advancements to help grow their career and overall company value.

About Millenium Alliance Next

About Digital Diary

Created to provide premium content to our readers interested in all things business.

Launched in 2017, Digital Diary was created to provide premium content to our readers interested in all things business. With our blogs catered to deliver the top news stories, trends, and interviews from across all industries.

Read all story Next

Millennium Alliance Membership

Learn More Next

What does it mean to be a Millennium Member? In the midst of the constant disruption across all industries, our members are given the tools they need to digitally transform their organizations and become the best leaders they can be. Millennium Members are provided the exclusive opportunity to attend our 40+ intimate in person and virtual Assemblies, take part in industry-leading Executive Education sessions conducted by the nation’s leading academic institutions, business leaders, and technology providers and receive industry leading content through our Digital Diary Platform as well as the rapidly growing #MillenniumLive Podcast Series.