Cyber criminals are avid fans of current news and keep up with the latest topic to create and launch the newest ripoffs.
Security analysts have already seen fake or fraudulent crypto tokens and non-fungible tokens or NFTs named after Queen Elizabeth II being sold in the marketplace in an attempt to lure unsuspecting investors.
The NFTs and tokens that have claims that they are “paying tribute to Her Majesty” could pose security risks, said Kaspersky, a privately held vendor of Internet security solutions for businesses and consumers.
Crypto and NFTs Could Be Scams
Fraudsters follow newsworthy events, especially high profile global events and develop scams that resemble investments, including crypto and NFTs.
“Crypto and NFT scams are so widespread on the Internet that consumers should expect these anytime there is a significant news event, whether it has to do with the passing of a high-profile figure or a major sporting event,” Karim Hijazi, CEO of Prevailion, a Houston-based cyber intelligence company, told TheStreet.
Consumers can be exploited by crypto token and NFT scams through two different strategies. One method involves fraudsters selling real tokens or NFTs that are spoofed on malicious websites.
“These fake sites will steal the person’s money and/or information,” he said. “It can be difficult to determine the legitimacy of a new crypto token or NFT, so consumers need to be careful.”
Investors should stick to using trusted crypto and NFT exchanges for conducting transactions and never click on an unsolicited link sent over social media, messaging apps or other digital platforms, Hijaz said.
Another commonly used method uses outright fakes where the consumer is tricked into sending money and receives nothing. Cyber criminals can simply use fake sites to buy or download these products to steal a consumer’s financial data and also infect their devices with malware at the same time.
“This malware could likewise steal information, record future logins and online transactions, or bot the device to be used for illegal crypto-mining, DDoS attacks or other nefarious purposes,” he said.
There has been an increase in crypto scams during the past year because of both the digital nature and growing interest in crypto tokens and NFTs, Monnia Deng, director of product marketing at Bolster, a Los Altos, Calif.-based provider of automated digital risk protection, told TheStreet
“Before clicking on any link sent to you, use a link-checking website such as https://checkphish.ai/, a free phishing URL scanner to detect online scams in real time,” she said. “If you come across a suspicious link, scan it there before accessing it. You can look up the owner of a website by using tools like https://www.whois.com/whois/.”
People who use Chrome, a widely popular browser, can add a layer of security by turning on “enhanced safe browsing,” Deng said. “Don’t feel pressured to buy and take the time to do that extra research. If you do decide to purchase, use a credit card over debit or PayPal as it affords you more protection.”
Scroll to Continue
NFT scams are very popular, Patrick Harr, CEO at SlashNext, a Pleasanton, Calif.-based anti phishing company, told TheStreet.
“SlashNext’s Threat Labs sees hundreds of these type of phishing sites each day that use celebrity or artist names to conduct similar scams,” he said. “This is an easy way to make money and steal bank information and user credentials to use or sell on the dark web for future use.”
Queen Elizabeth II Websites Are Likely Fake
The pretext that scammers use to get your information changes, but they will “use whatever is in the news to get people to click,” Alex Hamerstone, advisory solutions director at TrustedSec, a Fairlawn, Ohio-based ethical hacking and cyber incident response company, told TheStreet.
Since the Queen’s funeral is dominating the news, scammers will take advantage of it to get people to click on links.
“The types of scams we see are pretty consistent in their methodology and their goals,” he said. “Scammers, in the end, are ultimately focused on making money.”
Websites that are developed quickly often are not secure, so investors could become victims easily. The sale of other memorabilia such as gold coins, t-shirts and coffee mugs commemorating Queen Elizabeth II on new brand new websites likely lack any security protocols.
“When buying from such sites, remember that many of them are not secure and the data entered on such pages are likely to be at risk of leakage, so remember to use a robust secure solution to protect yourselves,” said Olga Svistunova, a security expert at Kaspersky.
Cyber thieves create retail websites to obtain your payment data, so stick to buying only from trusted stores and “be suspicious of super low prices on goods” because they are conducting create phishing pages that resemble the original famous brands, she said.
Pop-up websites are a common trick used by scammers since they may be too recent to “undergo reputation analysis by search engines or anti-malware solutions,” Hijaz said.
“As with any online deal or unsolicited offer, use common sense and don’t be lured in by the urgency of the offer or the fear of missing out on a one-time deal,” he said.
Cybercriminals are also increasingly manipulating search engine ads and other online ad networks to place fake sites in the ad that will phish the information of users, Hijaz said.
“Just because a website is featured in an ad on a well-known search engine, that doesn’t mean the site is legitimate,” he said. “These fake websites are usually distributed via bots on social media, but they can also manipulate SEO tactics to appear in the first few pages of search results for a specific term or phrase.”