The New Jersey Cybersecurity & Communications Integration Cell received several incident reports over the last few weeks regarding schemes targeting cryptocurrency holders and potential purchasers.
These incidents include the compromise of cryptocurrency wallet accounts, even those protected with multi-factor authentication (MFA). After acquiring a user’s compromised password, threat actors use SIM swapping* or other social engineering attacks to obtain the user’s second factor authentication code and access the user’s cryptocurrency exchange account.
After gaining unauthorized access, they can transfer money out of the account.
In separate scams, threat actors establish online connections with their target and convince them to purchase cryptocurrency via a fraudulent online exchange. Once the user provides their payment for purchase, they are informed they need to pay taxes and other fees totaling thousands of dollars in order to withdraw their funds.
* SIM-swapping attacks happen when employees at US cellular providers are tricked or sometimes even bribed to make changes to your account. The hackers will pretend to be you, and they’ll convince your carrier to transfer your mobile phone number to their own smartphone.To pull this off, the hacker can rely on information exposed in past data breaches, which can reveal your birth date, residential address, and—in the worst cases—your Social Security number. If the cellular provider falls for the scheme, the company will transfer your phone number to a new SIM card that the hackers can plug into their device.
The hacker can then use your mobile phone number to break into your internet accounts because cell numbers are often used to receive password reset codes.