Phishing impersonations and business email compromise attacks designed to steal victims’ bitcoin surged by 192% between October 2020 and May 2021, closely following the rising demand and increasing price of bitcoin over the last eight months [FIGURE 1], according to new analysis by Barracuda Networks, the trusted partner and leading provider for cloud-enabled security solutions, in their most recent Threat Spotlight research.
Bitcoin themed cyber attacks have typically been used in extortion and ransomware attacks in the past, but hackers have now started to incorporate cryptocurrency into spear phishing, impersonation, and business email compromise attacks, the analysis revealed.
The Threat Spotlight shows that this is because of rising demand, increasing price valuations and more holders of the cryptocurrency than ever before. What’s more, cryptocurrency payments are decentralised and unregulated, giving cyber criminals the means to extort victims’ bitcoin whilst remaining completely anonymous.
Barracuda researchers observed and intercepted multiple attack campaigns which saw hackers impersonate digital wallets and other cryptocurrency related apps with fraudulent security alerts to steal log-in credentials. In the past, attackers impersonated financial institutions targeting your banking credentials, today they are using the same tactics to steal valuable bitcoin [FIGURE 2].
Barracuda’s analysis also observed that cybercriminals have included bitcoin as part of their business email compromise attacks impersonating employees within an organisation. They target and personalise these emails to get their victims to purchase bitcoin, donate them to fake charities or even pay a fake vendor invoice using crypto currency [FIGURE 3].
Additionally, Barracuda identified the most commonly used key phrases in bitcoin-inspired email attacks – typically, cybercriminals will create a sense of urgency, with the phrases ‘urgently today’, ‘day runs’ and ‘nearest bitcoin machine’ coming out on top, followed by terms that play on victims’ sentiment, such as ‘charity donation’.
Fleming Chi, CTO for Barracuda Networks comments:
“Accelerating interest and demand for bitcoin has provided cyber criminals with a payments method which is virtually untraceable, enabling a multi-billion pound economy of ransomware, cyber-extortion and impersonation attacks, primarily targeting individual investors and private companies.
“Thus, it’s more important than ever for organisations, workers, and investors to keep their data and financial assets completely secure. Continuing to train users and employees to recognise the latest tactics used by hackers is imperative to maintaining blanket security for any given organisation, and all businesses and potential victims are heavily encouraged to back-up their data with a third party cloud-based data backup solution to prevent data loss, reduce downtime in the event of a cyber attack, and insure themselves against surging ransomware threat levels.”