Bitcoin is the most popular crypto-currency today with more than 2 million crypto currency wallet holders and almost 7 billion worth in US dollars. For a period of one year only the wallet users have risen in number by 500 percent while the daily transactions with Bitcoins amount to more than 30 000 a day, all this explaining the increased number of cyber-attacks. Currently, one Bitcoin is worth 519 USD, which is very tempting to the cyber criminals.
Who Is Under Attack by the Bitcoin Phishing Campaign
Leading companies working in the media, education, finance, high-tech and manufacturing industries have been recently approached in a Bitcoin phishing campaign, aiming to steal the users’ crypto currency wallet passwords. In a recent blog post the security company Proofpoint, based in California, informed its readers that the phishing campaign has irregular nature.
How Does the Bitcoin Phishing Campaign Work
Today the most well-known Bitcoin wallet website is Blockchain.info. The phishing emails in the Bitcoin campaign come from a source that pretends to be Blockchain, and they come in the form of a template for account warning. The message in the email states that there was an attempt for entering the user’s account from China. The cyber criminals even use:
- an ID that looks unique
- a date of the infiltration attempt
- location from where it was made
In fact, even experienced PC users find the entire email information looking legitimate.
The Bitcoin credential phishing campaign aims to get sums from more than 400 organizations that come from various industry spheres. Proofpoint security company estimated that more than 12 000 messages were sent in two waves, all with a link that the users can try for resetting the password. The users are advised to clock on the link and change their password; however this will lead them to a malicious website that imitates Blockchain.info, which is designed to record the information provided by the victims. Then, when the users decide to change the wallet password, they get a login error message, and the cybercriminals get access to the account information and Bitcoin wallets.
Currently, the Bitcoin phishing campaign has received 2.7 percent click rate.