Phishing Scams in Crypto: How Scammers Operate
Crypto phishing scams are running amok in the industry, where attackers reportedly yield five-figure weekly incomes from targeting high-ranking executives and software engineers. Nick Neuman, CEO of Casa, recently shared a shocking encounter with a scammer impersonating Coinbase support, offering rare insight into their operations.
In a video that he posted on X on Nov. 20, Neuman explained how the scammer tried to trick him by faking an alert for a password change, complete with a phony link. Instead of falling victim, Neuman pressured the scammer to disclose how they pulled off the tactic.
Scamming a Scammer
He brazenly admitted that he makes at least $10,000 every week, sometimes $35,000 in just two days. “We target people like you,” the scammer said, adding that their victims typically include chief executives, chief financial officers, and engineers. Their selection relies heavily on leaked data to ensure that the targets at least have $50,000 in assets.
The scheme operator’s confidence revealed the scope of their operation, emphasizing that crypto’s unregulated nature made it a lucrative frontier. They further shared their goal of reaching $100,000 monthly.
Leaked Databases: A Gateway for Scams
Key to these attacks is access to leaked databases, such as those from Bitcoin financial services firm Unchained Capital. In this, he said, the lists included people with large crypto holdings. With tools such as “auto-doxxers,” the attackers pick up more information on their targets, including personal and financial data, to fine-tune the phishing.
Ways of Phishing: From Spoofed Emails to Wallet Draining
The phishing scams depend on sophisticated methods, including spoofed emails that appear to originate from trusted platforms like Coinbase. He even admitted that the game wasn’t about stealing passwords but to get victims to send funds to phony wallets.
Once stolen, the funds are laundered into Monero (XMR) for anonymizing. He added that they do not use KYC exchanges at all, relying on hardware wallets like Ledger-ironically also one of the most common targets for phishing attacks.
The Bigger Picture: Crypto Security in Jeopardy
According to the Web3 security firm Scam Sniffer, more than $127 million was lost to crypto phishing attacks in Q3 alone. Since the scammers continually improve their methods, the crypto community has to undertake more serious security practices and be alert to emerging threats.