Surge in Cryptocurrency Scams – My information Resource (blog.mir.net)

The NJCCIC received reports of a surge in cryptocurrency scams in the past month. These scams aim to steal personally identifiable information (PII), private keys, wallet addresses, and funds. In fraudulent investment schemes, threat actors impersonate legitimate organizations, experienced investment advisors, or registered professionals as part of an investment group. They send unsolicited requests to convince their targets to deposit funds on fraudulent platforms with lures of high-yield, quick-return investments, gold trading, mining, and electric scooter rentals. Weeks or months later, the targets cannot withdraw funds from the fraudulent platforms, or they do not receive the promised payment on their investments. The reported losses from these fraudulent investment schemes ranged from approximately $2,500 to $310,000.

Threat actors also impersonate cryptocurrency platforms, such as Coinbase, in unsolicited emails, text messages, and phone calls. These scams create urgency with claims of compromised accounts, security concerns, and suspicious logins or account activity. Also, unsuspecting targets may search for legitimate customer service phone numbers, potentially revealing “poisoned” search results . If they take further action to “resolve” the urgent issue, the threat actors claim to require account verification or authentication. Once the targets divulge sensitive information and their private keys, funds are transferred to threat actor-controlled cryptocurrency wallets. The reported losses from these scams ranged from approximately $1,300 to $274,000.

Recommendations

Do your research when purchasing cryptocurrency and look for reputable sources. Check for reviews and performance history.
Never invest more than you can afford to lose.
Avoid clicking links, opening attachments, responding to, or acting on unsolicited communications.
Independently verify unsolicited offers and do not release any personally identifying information, financial details, or funds until you have confirmed the legitimacy of the offer.
Always refrain from sharing your private key or seed phrase with anyone. Keep systems and apps up to date.
Report these scams and malicious cyber activity to the NJCCIC, the FBI’s IC3, and the FTC.
If victimized, monitor bank accounts, credit profiles, and other online accounts for any irregularities or suspicious behavior.
Review the Identity Theft and Compromised PII
NJCCIC Informational Report for additional recommendations and resources, including credit freezes and enabling MFA on accounts.
Review the NJCCIC Cryptocurrency Scams webpage for additional information, recommendations, and resources.