By Staff Writer
In April, cryptocurrencies were riding high, benefitting from a bull run that saw bitcoin peak at more than US$62,700 and other cryptocurrencies soaring in value. Then, in May, the market crashed, losing $1.2 trillion in the space of a week. It was the worst crash in nearly a decade.
Among the cohort hardest hit were inexperienced investors. Often highly leveraged and unafraid of risk, such investors were highly exposed as the cryptocurrency market fell.
As many cryptocurrency investors look to exit the market in the washup, cybercriminals are now targeting inexperienced investors via sophisticated scams using financial trading, banking, or cryptocurrency apps.
UK based cybersecurity firm Sophos have identified 167 counterfeit Android and iOS apps masquerading as trading, banking, or cryptocurrency apps from reputable financial organisations.
“People trust the brands and people they know or think they know, and the operators behind these fake trading and cryptocurrency scams ruthlessly take advantage of that,” said Jagadeesh Chandraiah, a senior threat researcher at Sophos.
In some cases, cybercriminals set up a fake iOS App Store download page to convince potential victims they were downloading a genuine app.
Research from the United States-based Federal Trade Commission indicates that cryptocurrency scams increased 1000% last year, reaping cybercriminals $80 million. The median value of a cryptocurrency scam is around $1900.
This relatively low median value supports the view it is inexperienced investors looking to quickly bolster their wealth most at risk.
Elsewhere, major banks such as the UK’s NatWest are actively trying to educate their 7.5 million account holders about cybercriminals lurking around cryptocurrency markets.
Among the high-profile financial institutions and cryptocurrency brokerages Sophos uncovered counterfeit apps impersonating were Barclays, Gemini, Bitwala, Kraken, Binance, BitcoinHK, Bittrex, BitFlyer, and TDBank. All the counterfeit apps try to steal money from people who download them.
“These fraudulent applications are aimed at exploiting the increased interest in trading apps, driven by the recent significant rise in the value of cryptocurrencies and interest in low-cost or free stock trading,” says Chandraiah.
Frequently, the cybercriminals behind the counterfeit apps encourage users to deposit funds and buy into a cryptocurrency. The recent bull market has fuelled interest in cryptocurrency markets, particularly from inexperienced investors. Generous and frequently misunderstood leverage opportunities further lower barriers to entry.
When the user attempts to sell the cryptocurrency and withdraw their funds, as many inexperienced investors are now doing, the cybercriminals frequently block the accounts and keep the cryptocurrency.
Sophos warns the cybercriminals behind most counterfeit cryptocurrency apps are highly sophisticated and plausible. Usually, users do not know they have been scammed until they attempt to exit their investment.
The cybersecurity firm warns the unregulated and volatile cryptocurrency environment offers easy pickings for cybercriminals. They encourage potential users of any trading app to do their due diligence before handing over any funds.