Investment scams come in different forms but in the end, they all try to ask you to “invest” money in crypto and earn huge returns, sometimes promising guaranteed returns, with little to no risk. If a stranger DMs you about a new cryptocurrency or crypto project, assume it’s a scam. These fake accounts are simply trying to steal your crypto. These messages include offers of “early access” and “alpha” and provide a link(s) on how to get in on the action. Direct Message (DM) Scamsīeware of scammers sending you a “DM” (direct message) on Telegram, Discord, Instagram, Twitter, and other social media apps. Even if you receive an email from someone you know but it seems suspicious, contact that person using a different method (like a text message), rather than replying to the email. Don’t be surprised if all your holdings are immediately transferred to the scammer’s wallet(s).īeware of strangers randomly contacting you, especially with email. If you enter your login information, you’ve actually given this information to the scammer who can now access your real account and steal your crypto. If you’re gullible enough to click the link, you’re sent to a fake website that looks identical to the crypto exchange or wallet app you use, but it’s actually a trap. You will be asked to click a link (or download an attachment). It could be an individual, like a friend or family member, or a representative from a large company. The scammer will pretend (or “ spoof”) to be someone that you will likely know and trust. Phishing can take on many different forms but in general, a phishing attack begins with the scammer contacting you via email, text, phone, social media post, or DM. With social engineering, cybercrimiinals connect with users while pretending to represent atrusted individual or legitimate organization and seek to acquire critical information such as account numbers or passwords. “Social engineering” is a method used to extract sensitive details by way of human manipulation. In the context of crypto, phishing scams try to get access to your crypto exchange account or crypto wallet. Phishing is a type of social engineering attack that uses email, phone, or text to entice individuals into providing sensitive information, ranging from passwords, credit card information, and other confidential details about a person or company. You’ll then be provided a link to click on to download the latest version. Using phishing attacks (explained below), scammers will text or email you telling you that the current version of your crypto wallet app is out of date and needs to be updated. The goal is to get you to enter your seed phrase (or “recovery phrase”). Scammers have been able to create fake crypto wallet apps that mimic real ones such as Trust Wallet and MetaMask. Not only can websites be faked, but mobile apps as well. Basically, once they have your money, it’s gone forever. Once you sign up and make an initial deposit, you won’t be able to withdraw, or worse, the website shuts down. These websites will entice you with promotional offers such as “free bitcoin” or “deposit bonuses” if you deposit a certain amount. Postal Inspection Service rolled out a smishing awareness campaign on its public website.Īlerting customers to potential fraud helps protect their personal information and preserves the Postal Service’s brand, reputation, and customer loyalty.Even the website address will be similar, with just a slight change in the spelling. We reviewed Postal Service social media channels as well as and found that at the time the Postal Service had not provided any public notification of this campaign. Postal Service, OIG auditors examined the Postal Service’s response to the attack. In our recent Management Alert, Active Smishing Campaign Masquerading as the U.S. Usually the message tries to get the target to reveal personal information, such as passwords or credit card numbers, or to convince the recipient to click on a link that installs malware.ĭuring an audit of the Postal Service’s social media activity, the OIG uncovered a smishing campaign which involved a third party posing as USPS, claiming to have a link to information about a package. What’s smishing? A fraudulent text message pretending to be from a reputable source – your bank, for example, or the U.S. Telemarketing brought robocall scams, the growth of email brought about phishing, and now, as more companies communicate with customers through text messages, comes… smishing. New types of communication channels bring new types of deception.
0 Comments
Leave a Reply. |