It seems that criminals now seek to steal cryptocurrencies from people in Venezuela, for which they would be viralizing messages via WhatsApp with alleged campaigns that seek to capture the attention of unknowing motivated by ambition.
ANDl Corps of Criminal and Criminal Investigations of Venezuela, CICPC, invited the residents of the country to be very attentive to a series of messages that would be circulating via WhatsApp, in which data and links would be spreading to defraud people through phishing-type campaigns (data theft).
Phishing campaigns through WhatsApp
The information in question was published by the CICPC this week through his Instagram account, where he warns citizens about a series of messages that are reaching residents of the country, in which they are offered a series of data (username and password) to enter a account on a platform where there would be a significant amount of money in cryptocurrencies, just as if it were a communication that arrived by mistake. The idea is that motivated by greed or curiosity, the victims access the link provided and provide the information that is requested to access the funds.
In this regard, the CICPC warns:
“Cybercriminals, from different phone numbers, are sending messages reporting an apparent username and password. This new modality is emerging and is called a mirror page, where the Cracker manages to have your data when entering that page (usdtconin.com)”.
The security body warns all those who receive the message to block the number in question and proceed to delete it, in order to prevent further communications from the scammers.
Links: risks of mirror pages and malware
As indicated by the CICPC, the link provided in this type of message leads the victims to a “mirror page“, that is, a site that pretends to be another in image and appearance, which has the sole purpose of taking user data to later use them in authentic services and access their accounts.
Although the CICPC warns about this type of scam after the proliferation of these messages, the truth is that it is a well-known strategy in various ecosystems (crypto and traditional). Fraudsters can try to send emails and even contact the potential victim privately, pretending to belong to the customer service of a service they use (Exchange or bank), to later indicate that their accounts have been compromised and/or make special campaigns with the intention of collecting access data to the accounts, in order to enter and empty the funds contained therein.
In other cases, this type of communication could also contain links that lead to download sites, where the victim could get hold of some type of malware that serves to access the private information stored on their computer, which would also be delicate since they can access to all kinds of personal data stored on the compromised device.
Now “Maria” is interested in cryptocurrencies
Those who have heard of this new wave of cases assure that this is a variant of what usually happens with the popular “Maria”, which is nothing more than attempts by scammers using one of the most common names in the South American country to pretend to be known to the victim, and thus supposedly offer dollars for sale asking the victim to make a bank transaction to a number provided.
According to experts and analysts, those responsible for this type of scam apparently are people confined in the country’s penitentiary centers, who use the generic name of María, or even go further by investigating potential victims on social networks, taking photos of acquaintances to pretend to be them and try to swindle the victims.
Given the diversity of currencies that circulate in Venezuela at this time, added to the boom that the main cryptocurrencies are having as a means of payment for products and services, analysts say that it is not surprising that criminals are now behind these assets, trying their luck with this fraud mode.
Avoid being the victim
In response to the proliferation of this type of case, below we share some recommendations to avoid being a victim of phishing campaigns that arrive through emails and/or telephone numbers:
1.-First of all: be discreet with your financial affairs
In some cases, scammers target potential victims because they know they deal in some degree with cryptocurrency. The solution to this is simply to be discreet and avoid disclosing information about your financial activities, thereby reducing the likelihood of being targeted by malicious individuals.
2.-If you do not know the number / email of the sender, ignore
Many times those who try to scam you do not write to you from numbers or institutional accounts. This is the easiest flag to spot, so if this condition is true, simply ignore the message and block the sender.
3.- Do not fall victim to panic or greed:
Many times people fall because the messages report that the security of their accounts has been compromised, or because they are offering something that seems too good to be true. The invitation is to remain calm and not believe in this kind of thing.
5.-Do not open links or offer private information
Combined with the above, many times the communications include links and/or download links to verify what they are apparently informing you of. DO NOT OPEN ANY OF THESE LINKSas they will probably take you to a clone site from where you have to enter username and password, or worse, it could contain a download link for malware.
6.- Always refer to the official sites
Let’s say you operate from a exchange and you have concerns that the security of your account has been compromised. Take into account what was said in the previous point and only access the service through its official website / app.
With account information Instagram of the CICPC
Article by Angel Di Matteo / DailyBitcoin
Picture of unsplash
WARNING: This is an informative article. DiarioBitcoin is a means of communication, it does not promote, endorse or recommend any investment in particular. It is worth noting that investments in crypto assets are not regulated in some countries. May not be suitable for retail investors as the full amount invested could be lost. Check the laws of your country before investing.