Begin typing your search...

Crypto hackers using fake Amazon digital token as bait to lure victims

Amid the crypto buzz, cyber-criminals are leveraging Amazon's name to promote a fraudulent scheme called 'Amazon to create its own digital token' -- leading victims to give away their credentials in the first phase of the fraud campaign, cyber-security researchers have warned.

Crypto hackers using fake Amazon digital token as bait to lure victims
Representative image (Source: IANS)

New Delhi

The researchers from cyber-security firm Akamai said that they have been able to track continuous cyberattack campaigns that took advantage of the crypto fever, including fraudsters who introduced a variety of phishing schemes built on fake rumours, such as "Amazon to create its own digital token".

"This particular scam played directly into victims' fear of missing out on a limited-time offer to invest in a new (albeit fake) cryptocurrency 'opportunity'," they said.

A closer look at victims who visited the fake token landing pages showed that 98 per cent of the victims were mobile users, with 56 per cent using Android and 42 per cent using iPhone devices.

"Looking into the geographic breakdown for campaign victims shows that 29 per cent were located within North America, 35 per cent in South America, and 27 per cent in Asia," the report said.

Akamai reported its findings to Amazon.

Once the targets were engaged, victims were led to a well-designed and functional fake website, where they in turn, paid for the fake cryptocurrency.

The scam required the targets to use cryptocurrency -- in this instance, Bitcoin -- as the method of payment for the fake tokens.

The ultimate goal of the scam was to lead victims into believing the fake cryptocurrency was real and pay for it with their own cryptocurrency (bitcoin).

"To drive victim engagement and trust, attackers created a fully functional website that required registration, account confirmation using email, and a user account profile," said the researchers.

Additionally, the website included social engineering techniques that presented a fake progress bar, indicating tokens were about to sell out, adding pressure to the victim's purchasing decision.

Chainalysis estimates that fraudsters received approximately $14 billion in deposits in 2021.

Visit to explore our interactive epaper!

Download the DT Next app for more exciting features!

Click here for iOS

Click here for Android

Next Story