Fake cryptocurrency exchanges have duped Indian investors of more than $128 million (nearly Rs 1,000 crore) as the global crypto market tanks, a new report claimed on Tuesday. Cyber-security company CloudSEK said it has uncovered an ongoing operation involving several phishing domains and Android-based fake crypto applications.
“This large-scale campaign entices unwary individuals into a huge gambling scam. Many of these bogus websites impersonate “CoinEgg”, a legitimate UK-based cryptocurrency trading platform,” according to the report. CloudSEK was approached by a victim who allegedly lost Rs 50 lakh ($64,000) to such a cryptocurrency scam, in addition to other costs such as deposit amount, tax, etc.
“We estimate that threat actors have defrauded victims of up to $128 million (about Rs 1,000 crore) via such crypto scams,” said Rahul Sasi, Founder and CEO of CloudSEK. “As investors shift their focus on the cryptocurrency markets, scammers and cheats turn their attention to them as well,” Sasi added. Threat actors first create fake domains that impersonate legitimate crypto trading platforms. The sites are designed to replicate the official website’s dashboard and user experience.
The attackers then create a female profile on social media to approach the potential victim and establish a friendship. The profile influences the victim to invest in cryptocurrency and start trading. “The profile also shares $100-dollar credit, as a gift to a particular crypto exchange, which in this case is a duplicate of a legitimate crypto exchange,” the report mentioned. The victim initially makes a significant profit, which bolsters their trust in the platform and the threat actor.
After the victim seemingly makes a profit, the scammer convinces them to invest a higher amount, promising better returns. Once the victim adds their own money to the fake exchange, the threat actor freezes their account, ensuring the victim can’t withdraw their investment, and disappears with the victim’s money. When victims take to various platforms to complain about losing access to their accounts, the same, or new, threat actors reach out to them in the guise of investigators.
“To retrieve the frozen assets, they request victims to provide confidential information such as ID cards and bank details, via email. These details are then used to perpetrate other nefarious activities,” the report warned. In the long-term, it is imperative for the collaboration between crypto exchanges, Internet service providers (ISPs), and cyber crime cells to raise awareness and take action against threat groups,” said Sasi.