Phishing impersonations and business email compromise attacks surged by 192% between October 2020 and May 2021. Such attacks are typically designed to steal victims’ bitcoin.
According to research recently published by the cloud-enabled security solutions provider Barracuda Networks, the rise in attacks closely correlates with an equal rise in both the demand for and the price of bitcoin over the last 8 months.
This relationship is detailed in the figure below:
Bitcoin has historically been used in extortion and ransomware attacks, but hackers have now started to incorporate cryptocurrency into spear-phishing attacks, the analysis revealed.
As described in the Threat Spotlight, such a rise is expected with an increase in both demand and digital ledger valuations. It’s also worth considering that the ‘pool’ of crypto consumers around the world is larger than it has ever been. What’s more, cryptocurrency payments are decentralised and unregulated, giving cybercriminals the means to extort victims’ bitcoin whilst remaining completely anonymous.
Barracuda researchers observed and intercepted multiple attack campaigns, which saw hackers impersonate digital wallets and other cryptocurrency-related apps with fraudulent security alerts to steal log-in credentials. In the past, attackers impersonated financial institutions to target your banking credentials; today they are using the same tactics to steal valuable bitcoin.
A real-world example of this type of attack can be seen below:
Barracuda’s analysis also observed that cybercriminals have included bitcoin as part of their business email compromise attacks impersonating employees within an organisation. They target and personalise these emails to get their victims to purchase bitcoin, donate it to fake charities, or even pay a fake vendor invoice using cryptocurrency.
Additionally, Barracuda identified the most commonly used key phrases in bitcoin-inspired email attacks – typically, cybercriminals will create a sense of urgency, with the phrases ‘urgently today’, ‘day runs’ and ‘nearest bitcoin machine’ coming out on top, followed by terms that play on victims’ sentiment, such as ‘charity donation’.
“Accelerating interest and demand for bitcoin has provided cybercriminals with a payments method which is virtually untraceable, enabling a multi-billion pound economy of ransomware, cyber-extortion, and impersonation attacks, primarily targeting individual investors and private companies,” comments Fleming Shi, CTO for Barracuda Networks.
“Thus, it’s more important than ever for organisations, workers, and investors to keep their data and financial assets completely secure. Continuing to train users and employees to recognise the latest tactics used by hackers is imperative to maintaining blanket security for any given organisation, and all businesses and potential victims are heavily encouraged to back up their data with a third-party cloud-based data backup solution to prevent data loss, reduce downtime in the event of a cyberattack, and insure themselves against surging ransomware threat levels.”