Crypto fraud uncovered by Group IB

The fraudulent scheme relies on a deceptive three-step process designed to extract cryptocurrency from unsuspecting targets. It begins with an unsolicited text message that impersonates a recognized news organization, featuring claims from a public figure promoting an attractive financial opportunity. Clicking the embedded link directs victims to a counterfeit webpage that displays their own personal details, including phone numbers, names, and email addresses.

Group IB's investigation revealed that perpetrators then funnel these individuals toward a third fraudulent domain, again pre-populated with their stolen information. To proceed, victims are pressured into transferring 0.03 BTC to establish and unlock an account supposedly linked to the investment platform.

The source of the personal data remains unclear, though Group IB suggests it either originated from separate fraudulent operations or was purchased through services specializing in such information trafficking. "Criminals have refined their methods to amplify conversion rates," Group IB noted in their report. "Weaponizing personal information enables them to execute precision-targeted attacks and streamline the victim experience, substantially boosting scheme profitability."

Protecting yourself requires vigilance at each step. Scrutinize any chain of website redirects with skepticism. Verify domain authenticity and check registration dates before inputting sensitive information or payment details. Singapore residents should enroll in the national Do Not Call registry as an additional safeguard against malicious contact attempts.