Cryptocurrency Wallets Targeted in Sophisticated Email Attacks


Cryptocurrency storage, like hot and cold wallets, has become a prime target for cyber-criminals. As such, Kaspersky researchers recently discovered a malicious email attack that delivered 85,000 scam emails in the Spring of 2023, with 34,000 of those emails intercepted in March alone.

These kinds of attacks exploit the fact that hot wallets are easy to access, with over 400 million users worldwide. The tactics used by scammers are usually simple, as they impersonate well-known crypto exchanges through fraudulent emails.

This malicious campaign was then extended to cold wallets, which are entirely offline storage systems. The campaign involved an email impersonating the prominent cryptocurrency exchange Ripple, promising victims a token giveaway. The link led to a fake Ripple page, written in Punycode, and prompting users to connect their hardware wallets.

To ensure the safety of crypto assets, Kaspersky experts recommend purchasing hardware wallets only from official and trusted sources, inspecting new hardware wallets for signs of tampering, verifying the legitimacy and updating firmware, securely storing the seed phrase and using strong and unique passwords.

For more information regarding similar attacks, see Crypto-Exchange Used to Launder Ransomware Transactions Dismantled.

Related articles

Recent articles