Crypto investors in India have lost more than $128 million (nearly Rs 1 billion rupees) due to a sophisticated phishing scam involving fake cryptocurrency exchanges. This scheme was discovered by cybersecurity firm CloudSEK, who said the operation involved malicious domains and Android apps.
CloudSEK CEO Rahul Sasi said: “We estimate that threat actors have defrauded victims of up to $128 million (around Rs 1,000 crore) through these types of crypto scams.”
According to the report, many of the fake websites were posing as CoinEgg, a UK-based crypto exchange:
“This large-scale campaign lures unsuspecting people into a huge gambling scam. Many of these fake websites are posing as “CoinEgg”, a legitimate UK-based cryptocurrency trading platform.”
The scam works when scammers buy domain names that are very similar to the websites they want to impersonate. They then go on to create websites that look visually similar to the target website, from the interface design to the user control panel.
Potential victims are found through social media, where scammers create fake accounts with female names and profile photos. They use these accounts to convince unsuspecting users to trade and invest in cryptocurrencies through fake exchanges. $100 dollar credits are being offered in an attempt to entice users to join fake trading platforms:
“The profile also shares a $100 credit, as a gift to a particular cryptocurrency exchange, which in this case is a duplicate of a legitimate cryptocurrency exchange,” the report mentions.
The report claims that the victims usually profit from the free credit, which then convinces them to exchange large amounts of their own money using the platform. This is done with the expectation of even higher returns.
As soon as the victim deposits their own funds on the fake exchange, their account is frozen and the scammer withdraws the money from the platform. Scammers even go a step further by posing as investigators when victims complain about losing access to their accounts. By posing as investigators, scammers can make even more profit by asking the victim for their personal and bank details:
“To recover frozen assets, they ask victims to provide sensitive information, such as ID cards and bank details, via email. These details are then used to perpetrate other nefarious activities,” the report warned.
Crypto scams have been plaguing the industry for years and scammers have been very active this year. Last April $114 million was stolen of Axie Infinity’s Ronin Bridge by hackers and last month over $1.5 million in Moonbirds NFTs were stolen through phishing attacks.