Rise in Phishing Attacks Targeting Cryptocurrency Buyers

With the price of Bitcoin on the rise, cybercriminals are targeting these users for their own financial gain. According to a study by Barracuda, the price of Bitcoin increased by 400% between October 2020 and May 2021 while the rise of cyberattacks grew by 192% in the same period. These attackers are using cryptocurrency to carry out spear-phishing attacks, business email compromise(BEC) attacks, and ransomware attacks.

As of late, many businesses are starting to shift into the world of cryptocurrency and beginning to accept it as a form of payment. This is where the attackers are shifting their attention. Due to the increase in value of Bitcoin and other cryptocurrencies, attackers are seeing this as a viable extortion opportunity as there are fewer regulations surrounding cryptocurrency, therefore, making it harder to trace back to the user. We saw this happen as recently as a few months ago with the Colonial Pipeline attack where they had to spend millions of dollars worth of Bitcoin due to a ransomware attack that compromised the functioning of their pipelines.

Barracuda mentions that these attackers are using malicious tactics such as sending fake emails notifying users of a “security breach” to obtain their Bitcoin login credentials, creating fake charities to persuade victims to purchase or donate Bitcoin, and targeting employees with personalized emails. Chainalysis lists third-party providers that can be used to carry out attacks through penetration testing services(used to probe for potential weaknesses), exploit sellers(the selling of access to certain vulnerabilities), and bulletproof hosting providers(allows users to host any website and complete purchases anonymously). Hackers are also using Bitcoin to get paid in extortion and ransomware attacks where they target victims claiming to have obtained compromising videos or photos of them and then threatening to release them if they do not pay the ransom in Bitcoin. This tactic has been around for a while but the use of Bitcoin has increased their monetary gain in these schemes. According to Chainalysis, there was about 5 billion dollars worth of cryptocurrency used in illicit activities in 2020 with 350 million dollars being obtained specifically from ransomware attacks. This was a 311% increase in cryptocurrency-related ransomware attacks compared to 2019. No other category rose as dramatically in 2020, which may have been caused by the massive influx of people working from home due to the Covid-19 pandemic which caused major vulnerabilities for many organizations.

Cryptocurrency-based-crimes

The future of cryptocurrency will change as cybercriminals are using this digital currency to their advantage. With the recent successful attacks on the Colonial Pipeline and JBS, Barracuda mentions, it is clear these criminals are aiming for large targets. They will most likely attempt to hit other critical industries such as water or energy. Chainalysis notes that ransomware is incredibly destructive as it has the potential to cripple local governments and businesses for weeks with there being 62 attacks on healthcare-related facilities in 2020. Some experts have estimated as much as 20 billion dollars in economic losses due to these attacks in 2020. As these attacks increase in frequency and with the use of cryptocurrency for ransom payments, the government will most likely have to get involved in the regulation of this digital currency.

Here are some helpful tips to protect yourself against cryptocurrency-related threats according to Barracuda and SIW:

  1. Invest in 24/7 monitoring
    1. Holidays and early morning hours are the popular times for cybercriminals to attack so it would be best to invest in a SOC(security operations center) or work with a partner that has one
  2. Endpoint Detection and Response Solution
    1. With so many individuals still working from home, having an EDR can be helpful as they use behavior-based algorithms to detect ransomware. The IT team can then work on remediation once there is a detection.
  3. Incorporate phishing training into your organization and stay on top of the latest email attacks
    1. Companies can benefit from training their employees on phishing and the proper things to look out for to establish whether the email is safe or not, such as checking for spelling errors, checking the senders’ email address, etc.
  4. Make sure your web applications are secure
    1. Online applications can be used for ransomware attacks so it is best for organizations to invest in API Security and software that protects against DDoS attacks and bot mitigation.
  5. Back up your data
    1. If a ransomware attack were to happen, having your data backed up can help to prevent losing recent files/data and aid in getting your system restored faster. This can be backed up on the cloud or a physical device, either way, it helps!

With these cybercriminals becoming more intelligent with their attacks every day, we need to try to stay one step ahead and protect our employees and our companies. Together we can use these precautionary measures in an attempt to stay safe and secure!

Leave a Reply

PUBLISHED BY Josie Witaschek

View all posts by Josie Witaschek

Related Posts

#MillenniumLive , CMO , Retail

Research Analyst Ian Bruce Joins Our CMO & Retail Assembly!

We have big news to share – our final Transformational CMO & Retail Virtual Assembly for 2021 will feature Forrester Research! Ian Bruce, Vice President & Principal Analyst at the leading global research and advisory firm will share his exclusive insights gained over the course of 2021. His research has a special focus on how […]

#MillenniumLive , Healthcare

#MillenniumLive with Paul Ginsburg on Consumer-driven Healthcare

This week on #MillenniumLive, our Co-Founder Alex Sobol sits down with Paul Ginsburg, PhD, Professor and Director of Public Policy at USC Schaeffer Center. Ginsburg explores his roots: from growing up in New York City, to discovering his passion for academia, and his special interests in health policy, healthcare financing, and delivery. Ginsburg also shares […]

CIO , Data , Retail

Jose Arrieta Keynotes Our Digital Enterprise and Data Transformation Assembly!

Our Digital Enterprise and Data Transformation Virtual Assembly in November will feature Jose Arrieta, Former Chief Information Officer and Chief Data Officer at HHS as our keynote speaker! In his last three years at HHS, he oversaw $6.3B in IT investments, $800B in grants, and $26B in Federal contracts while providing cybersecurity solutions for 174,000 […]

CMO

Is Remote Work Killing Creativity and Innovation? David Sable Shares His Thoughts

As originally published by David Sable on LinkedIn. Subscribe to the newsletter! Last week I sat in a room with a few young entrepreneurs and brainstormed. It was the first time we had all been together, in person, ever. After an hour of incredible creative productivity….sharing ideas….building on them….evaluating and starting again….the unanimous decision was […]

Lovin’ Digital Diary?

Premium content to our readers interested in all things business.

Check Us Out!

Millennium Membership offers Fortune 1000 C-Level executives, leading public sector/government officials, and thought leaders across a variety of disciplines unique and exclusive opportunities to meet their peers, understand industry developments, and receive introductions to new technology and service advancements to help grow their career and overall company value.

About Millenium Alliance Next

About Digital Diary

Created to provide premium content to our readers interested in all things business.

Launched in 2017, Digital Diary was created to provide premium content to our readers interested in all things business. With our blogs catered to deliver the top news stories, trends, and interviews from across all industries.

Read all story Next

Millennium Alliance Membership

Learn More Next

What does it mean to be a Millennium Member? In the midst of the constant disruption across all industries, our members are given the tools they need to digitally transform their organizations and become the best leaders they can be. Millennium Members are provided the exclusive opportunity to attend our 40+ intimate in person and virtual Assemblies, take part in industry-leading Executive Education sessions conducted by the nation’s leading academic institutions, business leaders, and technology providers and receive industry leading content through our Digital Diary Platform as well as the rapidly growing #MillenniumLive Podcast Series.