Action Fraud, UK’s cyber crime watchdog has warned cryptocurrency users to be watchful of phishing emails which use Ransomware WannaCry.
Issuing the red alert, the regulator said, “The WannaCry emails are designed to cause panic and trick you into believing that your computer is infected with WannaCry Ransomware,” and users have to be careful not to succumb to the phishing trigger.
Phishing Fraud for Bitcoin
Beginning this Monday, Action Fraud received over 300 reports complaining about the scam email. The modus operandi of the scam is simple. Users receive a spam claiming files on their now hacked device will be deleted unless ransom is paid in Bitcoin. The expectation of a ransom is the only truth in the mail and there is no actual hacking of the device.
“In reality the emails are just a phishing exercise to try and extort money. The emails claim that all of your devices were hacked and your files will be deleted unless you pay a fine to the fraudsters in Bitcoin,” add Action Fraud office bearers. However, the main aim of the ransomware is to spread panic among users.
WannaCry’s infection most reported cases were from the United Kingdom. In May, it was found that about 1/3rd of the National Health Services (NHS) Trusts were infected along with some 600 independent practitioners. The result of the cyber epidemic was a country-wide cancellation of over 19,000 appointments as well as operations. The entire infection was spread around 250,000 computers in over 150 countries.
Apart from WannaCry, another phishing campaign used British Telecom, calling users to update security features. One of the users was tricked, when he called a ‘help’ number pop-up on the screen. It refused to close and the user found that his system was infected.
By clicking on the pop-up, explains Action Fraud, “The victim granted the fraudsters remote access to their PC after being convinced there wasn’t sufficient anti-virus protection. The fraudsters then installed Windows Malicious Software Removal Tool, which is actually free and took £320 as payment.”
For crypto users there was more crime awaiting, according to Carbon Black a cyber security firm, with nearly 27-percent of the attacks on cryptocurrency at the Exchange-level.
The security firm found that nearly 21-percent of the total crimes occurred on businesses and regular people. Heading the list of cybercrimes is ransomware like WannaCry, followed closely by crypto-jacking.
Other industry members also concur with these statistics. Malwarebytes , an internet security firm’s product manager, Helge Husemann, says, “The illicit gains from illegal crypto-mining contribute to financing the criminal ecosystem, costing billions of dollars in losses and disruption of business services from compromised assets.”
Husemann says that several reputed businesses and government websites in the United Kingdom have been targeted for illegal mining scams. Use of malware protection software, such as Malwarebytes products apparently blocked over eight million attempts in malicious mining in a day. Cybercrimes, according to industry analysts have increased lately due to profits illegal mining is netting such crimes.