Scammers are impersonating cryptocurrency exchanges, FBI warns

The Federal Bureau of Investigation (FBI) issued a public service announcement warning the public about scammers impersonating cryptocurrency exchange employees to steal funds.

There are many types of crypto related scams, but in this case, the FBI provided an advisory about scammers that contact the target and pretend to be employees of a cryptocurrency exchange.

As scammers almost always do, they try to impose a feeling of urgency on the target, making potential victims feel as though they must act quickly because of, say, an acute problem with their account. Such an account may be allegedly compromised, or scammers could trick a victim into thinking that a third party is trying to gain access and withdraw funds from the account.

The scammer then offers to help the target to secure their funds, but to do so, the scammer—posing as a legitimate employee of the cryptocurrency exchange—first needs the victim’s log in credentials. Sometimes, scammers also send a malicious link to the victim which takes the victim to a illegitimate site that can collect identification information.

Armed with the information the target provided, the scammer drains the account. In a sense, the false warning that first came from the scammer was true—someone was after their account, it’s just that this specific someone was the person talking to the victim themselves.

Very similar scams exist that involve bank accounts, but most people are aware of how they can check and verify that the person they are in contact with actually works for their bank. With cryptocurrency exchanges, this is often not true.

Also, we see a lot of scary stories in the news about exchanges getting robbed or even disappearing with their customer’s money. Some crypto-related scams often deploy imposter websites which are hard to discern from the real ones.

Recovery services are another successful avenue for scammers. In June, the FBI warned of fraudsters posing as lawyers representing fictitious law firms that contact scam victims and offer their services, claiming to have the authorization to investigate fund recovery cases.

These scammers are usually after more money or personal information that could lead to identity theft.

The California Department of Financial Protection & Innovation (DFPI) has a very useful crypto scam tracker that allows visitors to read and search through hundreds of different real-life scenarios of crypto-related scams.

The most important ground rule when it comes to cryptocurrency or financial scams of any kind is: if it sounds too good to be true, it likely is.

Besides that, there are a few other guidelines that can keep you out of trouble.

  • Don’t respond to messages, emails or other communications that arrive unexpectedly or from strange senders/phone numbers.
  • First verify that the person you are communicating with represents the company they claim to work for. Do this using another channel. A call to a number you know to be legitimate, for example.
  • Don’t let scammers rush you into decisions or actions. They try to make you feel a sense of urgency, so you don’t take the necessary time to think things through.
  • Always research whether the cryptowallet, cryptoexchange, or app they are sending you to is trustworthy before signing up for it or installing something.
  • Use multi-factor authentication (MFA) for existing accounts which makes it harder for anyone to take over your account.
  • Never give out more information than absolutely necessary. A legitimate company will not ask for more information.

The FBI requests victims report activity associated with this scam to the FBI IC3 at www.ic3.gov.

The FBI also requests victims provide any transaction information associated with the scam. For more information on what to provide the FBI, see prior IC3 PSA Alert Number I-082423-PSA.


We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.

https://blog.malwarebytes.com/feed/