{"id":110136,"date":"2023-07-05T10:00:09","date_gmt":"2023-07-05T10:00:09","guid":{"rendered":"https:\/\/kasperskycontenthub.com\/securelist\/?p=110136"},"modified":"2023-07-03T11:49:25","modified_gmt":"2023-07-03T11:49:25","slug":"hot-and-cold-cryptowallet-phishing","status":"publish","type":"post","link":"https:\/\/securelist.com\/hot-and-cold-cryptowallet-phishing\/110136\/","title":{"rendered":"Email crypto phishing scams: stealing from hot and cold crypto wallets"},"content":{"rendered":"
The higher the global popularity of cryptocurrencies and the more new ways of storing them, the wider the arsenal of tools used by malicious actors who are after digital money. Scammers tailor the complexity of technology they use and the thoroughness of their efforts to imitate legitimate websites to how well the target is protected and how large the amount is that they can steal if successful. This story covers two fundamentally different methods of email attacks on the two most popular ways of storing cryptocurrency: hot and cold wallets.<\/p>\n
A hot wallet is a cryptocurrency wallet with permanent access to the internet. This is essentially any online service that provides cryptocurrency storage, ranging from crypto exchanges to specialized apps.<\/p>\n
Hot wallets are a highly popular crypto storage option. This can be explained by the simplicity of creating one (registering with a wallet service is all you need to do) and the ease of withdrawing and converting funds. The popularity and simplicity of hot wallets makes them cybercriminals’ main target. However, for this reason, and due to the fact that hot wallets are always online, they are rarely used for storing large amounts. Hence, cybercriminals have little motivation to invest heavily into phishing campaigns, and so, techniques used in email attacks on hot wallets are hardly ever original or complex. In fact, they look rather primitive and target mostly unsophisticated users.<\/p>\n
A typical phishing scam aimed at a hot wallet user works as follows: hackers send email messages addressed as coming from a well-known crypto exchange and requesting the user to confirm a transaction or verify their wallet again.<\/p>\n