The US Federal Bureau of Investigation (FBI) has warned about the spread of fraudulent applications for investing in cryptocurrencies and their subsequent theft from US investors.
The FBI reported that cybercriminals are contacting American investors, offering them supposedly legitimate services for investing in cryptocurrencies. Then they convince people to install fraudulent mobile applications and deposit funds, which are subsequently not returned to investors. According to the FBI, cybercriminals have already managed to steal about $42.7 million from 244 victims in this way.
Typically, attackers pose as legitimate financial institutions in order to gain the trust of potential victims. For example, between October 4, 2021 and May 13, 2022, scammers acting on behalf of the YiBit exchange that closed in 2018 defrauded at least four investors for a total of $5.5 million. After convincing people to download the fraudulent YiBit app, they sent them emails with requiring them to pay taxes on their investments before withdrawing funds, but the victims were never able to get their money back.
The FBI report also mentions other fraudulent organizations operating between November 1 and 26, 2021 on behalf of the Australian currency exchange Supay. They instructed two users to download a fake app and make multiple deposits in cryptocurrencies. The attackers told one of the investors that he was enrolled in an investment program with a minimum balance of $900,000 without his consent, and to cancel the subscription, the victim was asked to make a deposit or put up with a freeze of funds.
The agency recommended that cryptocurrency owners enable multi-factor authentication for all their accounts, reject requests to install suspicious applications, and verify phone numbers and email addresses on official websites of companies.
In June, the FBI warned of a rise in cryptocurrency crimes on social media. At the beginning of the year, the FBI opened a unit to analyze suspicious transactions in the blockchain, which also includes the confiscation of digital assets.
