MQS: New scam to steal crypto wallet credentials is circulating on Internet

Relying on a social engineering method, cyberattackers seek to obtain the attention and enthusiasm of the victim, explains MásQueSeguridad

Through various publications on social networks, it has been possible to appreciate the capture of a WhatsApp text message or direct message in which a username and password of a supposed Exchange site (cryptocurrency exchange page) where it says there is a large sum of USDT or Tether, which is known as a stablecoin and whose value is equal to the US dollar in a 1:1 ratio.

MásQueSeguridad (MQS) warns through a statement that, in the message, a text is observed where the user is asked not to “share with anyone” said information. Thus, trying to get the person to enter the website, with the data provided. By doing so, the victim arrives at a false page in which there is a balance with a high sum of USDT. This is a well-known method of social engineering that seeks to gain the attention and enthusiasm of the victim.

Now, if the victims want to transfer said fake balance to their cryptocurrency wallet, the website created by the cybercriminals will request their access credentials, taking control of their account and allowing the attackers to keep their funds.

This deception was observed circulating with different domain names, but g structurally it is the same. Among the domains detected by the MásQueSeguridad team, usdtbonim.com, usdtcoindc.com, usdtethon.com, usdtlonim.com are mentioned, which have a creation date between April 20 and 24, 2022, which is an indication alert.

Similarly, the messages are sent from numbers of national operators in countries such as Colombia and Venezuela, which have already been duly reported as spam on various verification platforms, adds MQD in its preventive document.

That is why MáQueSeguridad recommends verifying through search engines, such as Google or databases like es.trustpilot.com, the reliability of any website that could be doubtful. In the same way, to check unknown telephone numbers on sites such as www.truecaller.com, www.listaspam.com, www.spamcalls.net, among others. Additionally, sharing this information on social networks, with friends and family, for preventive purposes, to limit the efficiency of such attacks.

With information from MásQueSeguridad

Comments are closed.