Crypto investors in India have lost over $128 million (nearly Rs 1,000 crore) due to a sophisticated phishing scam that includes fake cryptocurrency exchanges. This scheme was uncovered by cybersecurity firm CloudSEK who said the operation involved malicious domains and Android applications.
CEO of CloudSEK, Rahul Sasi said, “We estimate that threat actors have defrauded victims of up to $128 million (about Rs 1,000 crore) via such crypto scams,”
According to the report, many of the fake websites were impersonating CoinEgg, a UK-based crypto exchange:
“This large-scale campaign entices unwary individuals into a huge gambling scam. Many of these bogus websites impersonate “CoinEgg”, a legitimate UK-based cryptocurrency trading platform,”.
The scam works by the fraudsters buying domain names that are very similar to the websites they want to impersonate. They then go on to build websites that look visually similar to the target website, from the frontend design to the user dashboard.
Potential victims are found via social media where the fraudsters create fake accounts with female names and profile pictures. They use these accounts to convince unsuspecting users into trading and investing in cryptocurrency via the fake exchanges. $100 dollar credits are offered in an attempt to entice the users into joining the fake trading platforms:
“The profile also shares $100-dollar credit, as a gift to a particular crypto exchange, which in this case is a duplicate of a legitimate crypto exchange,” the report mentioned.
The report claims that victims usually make a profit from the free credit which then convinces them to trade larger amounts of their own money using the platform. This is done with the expectation of making even higher returns.
As soon as the victim deposits their own funds into the fake exchange, their account is frozen and the money is withdrawn from the platform by the scammer. The fraudsters even take it a step further by impersonating investigators when victims complain about losing access to their accounts. By posing as investigators, the scammers are able to profit even more by asking the victim for their personal and bank details:
“To retrieve the frozen assets, they request victims to provide confidential information such as ID cards and bank details, via email. These details are then used to perpetrate other nefarious activities,” the report warned.
Crypto scams have been plaguing the industry for years and fraudsters have been very active this year. In April over $114 million was stolen from Axie Infinity’s Ronin bridge by hackers and last month over $1.5 million worth of Moonbirds NFTs were stolen via phishing attacks.