Every day, inboxes are flooded with an array of unsolicited emails, ranging from promotions and irrelevant messages to traditional phishing emails and malicious spam.
Here are Bitdefender Antispam Lab’s pick for the week’s spam trends that threaten your wallet and data:
$20 bucks for verifying your Blockchain.com wallet
Digital thieves are once again targeting crypto investors with phishing emails impersonating the popular crypto wallet service Blockchain.com. Scammers sent thousands of phony emails asking recipients to verify their identity by March 31 in order to continue using the blockchain explorer.
They even offer two monetary rewards for doing so:
- $5 dollars in Bitcoin for successfully verifying your account by March 31
- $20 dollars in Bitcoin for successfully verifying your account and making a purchase or swap of at least $100 before April 1
Rewards will be cashed in by April 14, according to the bogus letter.
Users who interact with this phishing email and click on the Verify Now button are directed to a Blockchain phishing page where they are asked to enter their email address and wallet secret phrase to complete verification. Of course, entering sensitive details on this webpage could lead to account hijacking and financial loss.
German users are also targeted with a similar ruse. Recipients are lulled into believing they’ve received 2 BTC in their crypto wallet – that’s over $90,000.
You have received 2 BTC. Please enter your wallet ID to receive it
Click here to fill out the receipt details
it will only be available for 24 hours.”
The embedded link takes users to a phishing webpage, asking them to enter personal information including their name, email address and phone number.
Phony notifications phish for login credentials
Internet users this week were also targeted with phony email termination notices. The message says the account holder recently made an account termination request that will be processed in the next 2 hours.
This particular phishing scam appears to target employee email accounts, based on an analysis of the recipients’ email address domain.
The Stop Termination button takes users to a phishing page asking them to enter their account password. The email address is already pre-filled.
In this next attempt to hijack user email passwords, attackers impersonate the popular internet-based file transfer service WeTransfer. Recipients are made to believe they were transferred a file containing a purchase order.
To view the file, users need to enter their email address and password into a fake WeTransfer login page.
How to protect your account and data:
- Check the sender’s email address and email body for typos
- Instead of clicking any embedded links, head to the official website to check if your accounts are active or if any additional security or data verification processes are required
- Hover over links and verify the URLs whenever you receive any suspicious emails that urge you to update your info or sensitive information
- Enable two-factor authentication on all accounts
- Report phishing attempts to the company
- Install a security solution on your devices to block any fraudulent links posing as legitimate websites
Bitdefender to the rescue
Bitdefender protects your household devices from malicious and fraudulent activity of all kinds. To fend off phishing and nasty internet threats and benefit from unlimited VPN traffic alongside a cross-platform Password Manager, check out our latest 3-in-1 full security suite called Bitdefender Premium Security.
To prioritize your digital safety and check if your personal information was stolen or made public, add Bitdefender’s Digital Identity Protection to your digital security toolkit. The digital identity and privacy-focused service offers a complete view of your online presence, data breach exposure and privacy risks. On top of a full mapping of your digital footprint, including publicly available data (email address, phone numbers, links to your social media accounts), you also benefit from 24/7 breach monitoring, a bunch of educational materials and easy to use one-click action items to secure any privacy loopholes.