Despite the growing popularity of cryptocurrencies, big technology firms have largely kept away from the industry. However, that doesn’t seem to have deterred scammers from exploiting consumer interest around both to steal from unsuspecting users.
Just last week, on January 20, security researchers at Akamai flagged a scam where fraudsters spread misinformation that Amazon is launching its own crypto token.
The researchers pointed out that the scam “played directly into” the victims’ “fear of missing out” (FOMO) on what could be a limited-time opportunity to make money quickly.
“The scam played upon the latest sentiments and increasing risk tolerance for crypto investing, leading victims to give away their credentials in the first phase of the fraud campaign.”
Excerpt from Akamai blog post on Amazon cryptocurrency scam
In the Amazon scam, hackers led targets to fake websites, which asked them to pay for fake cryptocurrency. Paying for this fake token requires something like Bitcoin, which would instead be syphoned off to the scammers’ own accounts. While one would likely ascertain the scam eventually, the anonymity attached to crypto usage and crypto wallets would mean that victims will be left with no recourse after the transactions went through.
Big tech firms, big scams
While the Amazon scam doesn’t seem to have done considerable damage yet, there have been multiple instances of big tech firms featuring in big crypto scams.
In November 2021, security firm Checkpoint Research estimated that $500,000 worth of crypto had been stolen in a “matter of days” by hackers who exploited Google Ads. “Scammers are placing ads at the top of Google Search that imitate popular wallet brands, such as Phantom and MetaMask, to trick users into giving up their wallet passphrase and private key,” researchers at Checkpoint said at the time.
But perhaps the biggest instance of crypto scammers making off with big money came from scammers exploiting the most trusted tech firm when it comes to security — Apple. A month before the Google Ads scam reported by Checkpoint, security firm Sophos reported that scammers had exploited the trust people place in Apple’s App Store in order to make away with as much as $1.4 million, or possibly more.
This scam involved dating sites and taking advantage of Apple’s Enterprise Developer program. “They strike up a friendship, using the dating game as a ruse, but then quickly move to money, this time in the guise of them doing you a big favour by offering you a chance to join an ‘unbeatable’ investment opportunity,” the Sophos report pointed out.
The dating apps and sites, being approved by Apple, drew a level of trust from users. Hackers took advantage of this to find victims who would then be tricked out of transferring crypto to illicit wallets.
Crypto scams on the rise
To be sure, scams like this are part of a bigger and burgeoning crypto scam industry. Earlier this month, blockchain tracking firm Chainalysis reported that crypto scammers had made as much as $14 billion in 2021 through various scams. This includes hacks of decentralised finance (DeFi) platforms, rug pulls and more.
A December 16 report from Chainalysis had noted that rug pulls, which are scams where the creators of a project make away with deposits and abandon the project, accounted for about $7.7 billion worth of stolen crypto.
The article originally published on Business Insider.