Russia-based antivirus provider and cyber security firm Kaspersky Lab, has released a report that claims that over $10 million in Ethereum have been stolen via social engineering scams such as phishing, and phony Twitter giveaways.
The report states that crypto-focused cyber criminals have made off with more than 21,000 Ethereum (ETH) tokens, worth well over $9 million, according to current the current price of Ethereum trading at $430 at the time of this writing. The figure doesn’t include all Ethereum stolen - only theft that involved phishing attempts, DNS redirects, and other scams where users initiate the transaction.
Kaspersky also says they were able to successfully block over 100,000 crypto theft attempts for the users of their premium protection services.
The report calls out initial coin offerings as among the most prominent avenues for crypto theft. Kaspersky doesn’t call out the ICOs themselves, but instead that criminals are posing as ICOs and are luring investors to send funds to wallets not associated with the real ICO team. For example, the report uses the Switcheo ICO as an example – an instance where $25,000 in crypto was stolen through a fake Twitter account.
Twitter is among the riskiest places for cryptocurrency investors, particularly due to the prevalence of phony cryptocurrency giveaway scams. These scams often use an imposter account designed to look like someone in the crypto space such as Binance CEO Changpeng Zhao, or possibly a celebrity such as William Shatner or Elon Musk. The imposter account then ‘announces’ a giveaway, where unsuspecting users must send a sum of crypto – usually ETH – to a wallet in exchange for a larger sum of cryptocurrency in return. The scammers never send the larger sum of crypto as promised, and make off with investor’s assets.