Rise in Phishing Attacks Targeting Cryptocurrency Buyers

With the price of Bitcoin on the rise, cybercriminals are targeting these users for their own financial gain. According to a study by Barracuda, the price of Bitcoin increased by 400% between October 2020 and May 2021 while the rise of cyberattacks grew by 192% in the same period. These attackers are using cryptocurrency to carry out spear-phishing attacks, business email compromise(BEC) attacks, and ransomware attacks.

As of late, many businesses are starting to shift into the world of cryptocurrency and beginning to accept it as a form of payment. This is where the attackers are shifting their attention. Due to the increase in value of Bitcoin and other cryptocurrencies, attackers are seeing this as a viable extortion opportunity as there are fewer regulations surrounding cryptocurrency, therefore, making it harder to trace back to the user. We saw this happen as recently as a few months ago with the Colonial Pipeline attack where they had to spend millions of dollars worth of Bitcoin due to a ransomware attack that compromised the functioning of their pipelines.

Barracuda mentions that these attackers are using malicious tactics such as sending fake emails notifying users of a “security breach” to obtain their Bitcoin login credentials, creating fake charities to persuade victims to purchase or donate Bitcoin, and targeting employees with personalized emails. Chainalysis lists third-party providers that can be used to carry out attacks through penetration testing services(used to probe for potential weaknesses), exploit sellers(the selling of access to certain vulnerabilities), and bulletproof hosting providers(allows users to host any website and complete purchases anonymously). Hackers are also using Bitcoin to get paid in extortion and ransomware attacks where they target victims claiming to have obtained compromising videos or photos of them and then threatening to release them if they do not pay the ransom in Bitcoin. This tactic has been around for a while but the use of Bitcoin has increased their monetary gain in these schemes. According to Chainalysis, there was about 5 billion dollars worth of cryptocurrency used in illicit activities in 2020 with 350 million dollars being obtained specifically from ransomware attacks. This was a 311% increase in cryptocurrency-related ransomware attacks compared to 2019. No other category rose as dramatically in 2020, which may have been caused by the massive influx of people working from home due to the Covid-19 pandemic which caused major vulnerabilities for many organizations.

Cryptocurrency-based-crimes

The future of cryptocurrency will change as cybercriminals are using this digital currency to their advantage. With the recent successful attacks on the Colonial Pipeline and JBS, Barracuda mentions, it is clear these criminals are aiming for large targets. They will most likely attempt to hit other critical industries such as water or energy. Chainalysis notes that ransomware is incredibly destructive as it has the potential to cripple local governments and businesses for weeks with there being 62 attacks on healthcare-related facilities in 2020. Some experts have estimated as much as 20 billion dollars in economic losses due to these attacks in 2020. As these attacks increase in frequency and with the use of cryptocurrency for ransom payments, the government will most likely have to get involved in the regulation of this digital currency.

Here are some helpful tips to protect yourself against cryptocurrency-related threats according to Barracuda and SIW:

  1. Invest in 24/7 monitoring
    1. Holidays and early morning hours are the popular times for cybercriminals to attack so it would be best to invest in a SOC(security operations center) or work with a partner that has one
  2. Endpoint Detection and Response Solution
    1. With so many individuals still working from home, having an EDR can be helpful as they use behavior-based algorithms to detect ransomware. The IT team can then work on remediation once there is a detection.
  3. Incorporate phishing training into your organization and stay on top of the latest email attacks
    1. Companies can benefit from training their employees on phishing and the proper things to look out for to establish whether the email is safe or not, such as checking for spelling errors, checking the senders’ email address, etc.
  4. Make sure your web applications are secure
    1. Online applications can be used for ransomware attacks so it is best for organizations to invest in API Security and software that protects against DDoS attacks and bot mitigation.
  5. Back up your data
    1. If a ransomware attack were to happen, having your data backed up can help to prevent losing recent files/data and aid in getting your system restored faster. This can be backed up on the cloud or a physical device, either way, it helps!

With these cybercriminals becoming more intelligent with their attacks every day, we need to try to stay one step ahead and protect our employees and our companies. Together we can use these precautionary measures in an attempt to stay safe and secure!

Leave a Reply

PUBLISHED BY Josie Witaschek

View all posts by Josie Witaschek

Related Posts

CMO , Retail

Partner Success Story: AnyRoad x Fleetwood Paints

Contributed by AnyRoad Our partners at AnyRoad help companies create brand loyalty, change consumer behavior, and better understand their brand associations by providing them with data intelligence sourced from experience-based marketing. AnyRoad recently collaborated with Fleetwood Paints in 2021 to streamline the latter company’s appointment process, scale their omnichannel presence, and glean more insights. These […]

#MillenniumLive , Podcast

#MillenniumLive on Leveraging Social Media To Solve Problems

#MillenniumLive welcomes Danny Flamberg, Vice President, Strategy – HCP at LiveWorld. Danny is a pioneer in crafting compelling strategies, devising breakthrough messaging, and embracing omnichannel thinking. He joins #MillenniumLive to share how LiveWorld helps hospitals and health systems through engagement at the intersection of social & digital. Danny talks about how LiveWorld addresses patient & […]

#MillenniumLive , Data , Healthcare , Podcast

#MillenniumLive on Accelerating The Consumer Experience with Data with Informatica

#MillenniumLive welcomes the team at Informatica: Chuck Hayes, Customer Insights & Master Data Management Account Executive, Healthcare & Life Sciences and Richard Cramer, Chief Strategist, Healthcare & Life Sciences. Chuck and Richard share their thoughts on the trending topic: healthcare consumer experience, and how Informatica makes moving to “the cloud” an easy experience. Together, Informatica […]

#MillenniumLive , Healthcare , Podcast

#MillenniumLive on Igniting a Digital Health Revolution with Validic

#MillenniumLive welcomes Drew Schiller, CEO & Co-Founder at Validic, the healthcare industry’s premier technology platform for convenient, easy access to digital health data from best-in-class clinical and remote-monitoring devices, sensors, fitness equipment, wearables and patient wellness applications. Drew discusses Validic’s unique perspective on the role remote patient monitoring plays as part of an organization’s digital […]

Lovin’ Digital Diary?

Premium content to our readers interested in all things business.

Check Us Out!

Millennium Membership offers Fortune 1000 C-Level executives, leading public sector/government officials, and thought leaders across a variety of disciplines unique and exclusive opportunities to meet their peers, understand industry developments, and receive introductions to new technology and service advancements to help grow their career and overall company value.

About Millenium Alliance Next

About Digital Diary

Created to provide premium content to our readers interested in all things business.

Launched in 2017, Digital Diary was created to provide premium content to our readers interested in all things business. With our blogs catered to deliver the top news stories, trends, and interviews from across all industries.

Read all story Next

Millennium Alliance Membership

Learn More Next

What does it mean to be a Millennium Member? In the midst of the constant disruption across all industries, our members are given the tools they need to digitally transform their organizations and become the best leaders they can be. Millennium Members are provided the exclusive opportunity to attend our 40+ intimate in person and virtual Assemblies, take part in industry-leading Executive Education sessions conducted by the nation’s leading academic institutions, business leaders, and technology providers and receive industry leading content through our Digital Diary Platform as well as the rapidly growing #MillenniumLive Podcast Series.