Spammers cash in on blockchain euphoria

November 13th, 2017, Published in Articles: EngineerIT


Darya Gudkova, spam analyst expert at Kaspersky Lab.

While cryptocurrency holders search for new investment opportunities and ways to increase their savings, this new tends has not passed by the cyber criminals. Multiple blockchain-themed fraud schemes exploiting the hype around the technology have been spotted recently, according to Kaspersky Lab’s “Spam and Phishing in Q3 2017” report.

For several months, spammers have been showing increased ingenuity, with their activities proving that they are monitoring the latest trends and global developments in cryptocurrencies. Based on blockchain technology, cryptocurrencies have become an attractive target for cybercriminals, who have been successfully targeting their victims through web-mining. Alongside this, during the past three months, Kaspersky Lab researchers have also detected an increase in spam activities related to cryptocurrency. Criminals have been using several successful tricks to fool users and steal their money.

Fraud schemes, based on cryptocurrency trading, have been prevalent over the last quarter. In one such scenario users receive an email invitation to install special software for trading in the cryptocurrency market, but when they click on the link, they are redirected to different websites promoting investments options, including binary options trading. By doing this, cybercriminals hope that users will be enticed to invest more and more money, and transfer currency to a trading account which they own. However, for the victim there is no guarantee that it will lead to anything, or that they will get their money back. This type of fraud scheme is similar to a casino set-up, and aims to provoke users to bid until they have nothing left, leaving the cybercriminal with everything.

More primitive, but no less effective, tactics used to exploit victims include the distribution of emails offering to transfer money to a specific cryptowallet, where the user receives their money back with interest. But of course, that never happens. Users initially transfer money to an unknown wallet and the cybercriminal cashes in.

Another fraud scheme, discovered by Kaspersky Lab researchers in Q3, was in the form of offering to help users learn more about cryptocurrencies and how they could benefit from them. This underhand tactic aimed to exploit a lack of understanding about blockchain technology and how cryptocurrencies work. Criminals advertised educational workshops via email that would help users enhance their knowledge and skills around cryptocurrency and learn about investment opportunities. With a high price tag, users were duped into paying and believing this was a legitimate advert. However, the money paid to receive such advice would only end up enriching someone else’s wallet, not the user’s knowledge. Because usually such workshops promoted via spam are quite expensive, and consist of mainly of advertising than real knowledge.

“While in the second quarter of the year we observed the WannaCry spam and phishing attacks, in the past three months we have witnessed criminals actively exploiting the popularity of and interest around cryptocurrency. This once again shows that the most reliable way to target victims is by utilising current trends and cashing in on an emerging market which users are still getting to grips with and are keen to explore. There is no doubt that attacks in this form will continue, so it is extremely important for users to pay careful attention, be vigilant and keep up to date when it comes to global phenomenon”, said Darya Gudkova, spam analyst expert at Kaspersky Lab.

Along with the growth of blockchain scams, the average amount of spam has increased to 58,02%, which is 1,05 percentage points higher than in Q2. According to the report, peak spam activity in September was at 59,56%.

In addition, during the third quarter of the year researchers detected an increase in phishing attacks by 13-million – the Kaspersky Lab Anti-Phishing system was triggered 59,569,508 times on the computers of Kaspersky Lab users. At the same time, criminals have been focusing more on using messenger applications on mobile devices to carry out online scams.

Send your comments to