Crypto scammers are always looking for new ways to dupe investors and steal their digital assets. These include phishing scams, pump-and-dump schemes and malicious crypto exchanges. Indian investors have lost more than Rs 1,000 crore to a fake crypto exchange scam, according to a new report by cyber security company CloudSEK.
CloudSEK said it has uncovered an ongoing operation involving several phishing domains and Android-based fake crypto applications. “This large-scale campaign entices unwary individuals into a huge gambling scam. Many of these bogus websites impersonate ‘CoinEgg’, a legitimate UK-based cryptocurrency trading platform,” according to the report.
The company said that it was approached by a victim who allegedly lost Rs 50 lakh ($64,000) to a fake cryptocurrency exchange scam, in addition to other costs such as deposit amount, tax, etc.
How the CoinEgg scam works
CloudSEK researchers’ investigation discovered that the CoinEgg cryptocurrency scam was conducted by threat actors in multiple phases. “They’re masquerading as the legitimate CoinEgg crypto trading platform by replicating the dashboard and user interface of the official website,” the company said.
The premise is simple: a fake website that looks exactly like CoinEgg is being promoted via social media channels like Facebook and Telegram. Users are lured under the pretext of a $100 gift voucher, which will be deposited when they invest in certain crypto. Upon registering and depositing funds on the exchange, threat actors freeze the amount in the CoinEgg VIP wallet and prohibit users from retrieving it.
Users who go to other platforms to complain about losing their assets are then contacted by the hackers and asked to provide their bank ID cards and details via email. These details are then used to perpetrate other nefarious activities. It should be noted that multiple phishing applications claiming to be CoinEgg are also being propagated on the web.
Researchers note that these applications, on installation, require unwanted permissions and are reported as malicious on various platforms. “Threat actors have created several fake CoinEgg domains so far so that taking down any of these domains does not affect their malicious campaign,” researchers added. When the threat actors get caught, they switch domains so that the scam goes undetected.
CloudSEK advises that identifying phishing websites and subsequently suspending them is the quickest way to mitigate the threat of such scams. “Report the phishing campaign to the Cyber Crime Cell and provide them with the necessary details to curb the continuous attempts of threat actors. Run aggressive awareness campaigns to educate users/customers about ongoing scams. This will lead to fewer people falling for these scams,” the company added.