The National Fraud Intelligence Bureau (NFIB), a police unit in the United Kingdom dedicated to analyzing and gathering fraud and finance-related cybercrime intelligence, has blocked 43 web domains linked to fraudulent activities.
According to an update from the temporary commissioner of the City of London Police, Pete O’Doherty, the NFIB discovered a spoof email address purporting to be from the crypto site blockchain.com. The authorities found that 42 more web domains have been registered, including “actionfraud.info” and “department-fraud.com.” The authorities blocked the addresses as soon as they were discovered.
The NFIB urged people who fall victim to cybercrimes to report it throug their official channels and hotline. The police unit said that as of December 2023, it had removed almost 300,000 malicious websites due to the reports. Some phishing attempts include claiming that the email recipient won a Tupperware set.
Watch out for these fake emails claiming you’ve won a “36-piece Tupperware set”.
— Action Fraud (@actionfrauduk) February 7, 2024
⚠️The emails lead to websites designed to steal your personal information.
Your reports have led to the removal of 295,300 malicious websites as of December 2023.
If you receive a… pic.twitter.com/S9RxQwaWF3
Phishing continues to be a prevalent issue within the crypto community. On Jan. 20, hardware wallet manufacturer Trezor flagged a breach in its security that compromised the data of 66,000 users. After the incident, at least 41 users reported receiving phishing emails requesting sensitive information to access their crypto wallets.
Meanwhile, a widescale phishing campaign flooded the email addresses of many crypto investors. On Jan. 23, a phishing attack from fraudsters pretending to be from major Web3 companies was detected by the crypto community. Hackers sent an email campaign promoting fake token airdrops while purporting to be from companies like Cointelegraph, WalletConnect, Token Terminal and others.
Related: Unwanted emails from Patreon? Crypto users say it might be a phishing scam
The phishing attack was later confirmed to be caused by a breach experienced by email marketing firm MailerLite. On Jan. 24, the company revealed that hackers were able to gain control over Web3 accounts using a social engineering attack. According to MailerLite, a team member responding to a customer inquiry clicked on a link redirected to a fraudulent Google sign-in page.
The employee signed in, unknowingly giving the attackers access to MailerLite’s admin panel. Blockchain analytics firm Nansen said that the attackers’ main wallet had at least $3.3 million in total inflows since the attack.
Magazine: $3.4B of Bitcoin in a popcorn tin: The Silk Road hacker’s story