With cryptocurrency prices on the rise, fraudsters are even more incentivized to conduct their operations. The latest in their activities appears to be impersonating one of the most revered platforms in the blockchain and crypto industry.
Yesterday, the Financial Conduct Authority (FCA) announced in a report that phony actors had impersonated Blockchain.com, a notable trading and wallet provider.
The report drew attention to one Blockchain Ltd., a firm which claims to be affiliated with the trading service,
The FCA explained that Blockchain.com operates under the umbrella of Blockchain Access U.K. Ltd and Modulr FS Limited, its principal entity. The firm had gotten approval to work in the United Kingdom, making the phony actors in direct violation of British financial law.
“Fraudsters are using the details of firms we authorise to try to convince people that they work for a genuine, authorised firm. This firm is not authorised or registered by us but has been targeting people in the U.K., claiming to be an authorised firm.”
Along with the details of the real Blockchain.com’s parent companies, the FCA also added some available contact details of the phony actors. The agency also warns investors to be careful of anyone who contacts them and claims to be from Blockchain.com.
Electrum’s Phishing Problem
Phony actors aren’t a novelty in the crypto space for sure. For as long as the industry has gained mainstream adoption, several criminals have sought to impersonate top blockchain and crypto firms to steal funds from unsuspecting customers.
One of the most prominent impersonation forms has been phishing, where copycat sites attempt to lure victims into dropping their information. These attacks are most prominent with exchanges and wallet applications, and they have been on the rise in 2020.
Electrum, a wallet service like Blockchain.com, has been plagued with several phishing attacks. The issues have dated back to 2018, with accounts confirming that hackers had stolen almost $1 million in cryptocurrencies from users.
At the time of reports, the wallet address linked with the scam reportedly held 243 BTC. Since then, over 500 BTC tokens have moved in and out of it. The wallet is also empty.
Even after the news broke, Electrum continued to suffer several security issues. There was a distributed denial of service (DDoS) attack that had significant similarities to the 2018 phishing scam as it also misled victims using fake software updates.
In August, a GitHub user published a post claiming that they had lost 1,400 BTC (about $16 million at the time) to a malware-infested version of the Electrum wallet. The user explained that he had downloaded the wallet and immediately got a message asking him to update his security settings.
The user claimed that the update was a prerequisite for making any transfers, so he had to do it. Sadly, once he installed the update, his funds got diverted almost instantly. Attempts to retrieve his funds proved abortive.