Security scientists have uncovered various new phishing strategies applying the collapse of Silicon Valley Lender (SVB) as a entice to steal cryptocurrency.
Proofpoint explained it spotted lures related to USD Coin (USDC), a digital stablecoin tied to the dollar, that was impacted by the SVB collapse.
“This campaign utilized messages that impersonated many cryptocurrency brands, which ended up despatched by way of malicious SendGrid accounts and containing SendGrid URLs. The URLs redirected to a number of different domains that requested the target to assert their crypto/redeem to USD,” it tweeted yesterday.
“Clicking the button would test to open a DeFi URL, so the target would will need to have a DeFi handler put in, these types of as MetaMask wallet. The target would then be lured to install a good contract that would transfer the contents of the victim’s wallet to the attacker.”
Examine far more on crypto phishing frauds right here: Major Phishing Marketing campaign Targets Trezor Crypto Wallets.
P2P payments tech business Circle, which was uncovered by the failure of SVB, declared that USDC would remain redeemable at a 1:1 fee with the dollar, sparking added phishing campaigns.
Scientists at Cyble stated they spotted a number of phishing websites impersonating Circle advertising the 1:1 offer. Some request users scan a QR code to proceed, which results in their crypto wallet remaining compromised, the vendor claimed.
Cyble reported it noticed a equivalent tactic at work in a individual phishing marketing campaign featuring internet sites impersonating SVB and endorsing a bogus USDC reward plan.
“A QR code will be shown if a user clicks on the ‘Click here to claim’ button to acquire the promised USDC on the phishing site,” stated Cyble.
“The sufferer is instructed to scan this QR code working with any cryptocurrency wallet, these as Believe in, MetaMask or Exodus. However, scanning the code will final result in the compromise of the user’s wallet account.”
Some parts of this article are sourced from:
www.infosecurity-magazine.com