Authorities in London have intercepted a significant crypto phishing scheme, blocking 43 fraudulent web domains associated with cybercriminal activities.
The operation, spearheaded by the National Fraud Intelligence Bureau (NFIB), comes as part of ongoing efforts to combat financial cybercrime in the digital asset sphere.
London Police Uncover Crypto Phishing Scam
London’s City Police, under the leadership of temporary commissioner Pete O’Doherty, recently uncovered a spoofed email address masquerading as the legitimate crypto platform blockchain.com.
This discovery prompted a thorough investigation, leading to the identification of 42 additional phishing domains, including “actionfraud.info” and “department-fraud.com.” Swift action was taken to neutralize these fraudulent addresses as soon as they were detected.
NFIB’s vigilance and response
The NFIB, dedicated to analyzing and gathering intelligence on fraud and finance-related cybercrimes, emphasized the importance of reporting cybercrimes promptly through official channels and hotlines.
As of December 2023, the unit has taken down nearly 300,000 malicious websites based on reports received. Phishing attempts, ranging from fake crypto giveaways to deceptive emails claiming various prizes, continue to plague unsuspecting victims within the crypto community.
Trezor security breach and subsequent phishing attempts
hardware wallet manufacturer Trezor reported a security breach compromising the data of 66,000 users. Following this breach, at least 41 users reported receiving phishing emails requesting sensitive information to access their crypto wallets. This incident underscores the persistent threat posed by cybercriminals seeking to exploit vulnerabilities in crypto infrastructure for illicit gains.
MailerLite breach exposes vulnerabilities
The phishing attack was traced back to a breach experienced by email marketing firm MailerLite, which inadvertently facilitated unauthorized access to Web3 accounts. Hackers exploited a social engineering attack, tricking a MailerLite employee into clicking on a malicious link that redirected to a fraudulent Google sign-in page.
This inadvertent action granted attackers access to MailerLite’s admin panel, enabling them to orchestrate the phishing campaign targeting crypto investors.
Financial impact of the attack
Blockchain analytics firm Nansen reported that the attackers’ primary wallet amassed at least $3.3 million in total inflows following the phishing attack.
This significant financial impact underscores the severity of the incident and highlights the importance of robust cybersecurity measures within the crypto ecosystem.