Kaspersky, a cybersecurity solution company, reported that scams involving cryptocurrencies are being reported on Discord, a communication platform usually aimed at gamers. The system allows you to create subject-based communities that even include digital currencies. Thus, multiple users gathered in a single virtual space caught the attention of criminals.
Discord (Image: Toshiyuki IMAI/Flickr)
The company denounced on its official blog a fake prizes and sweepstakes scheme for cryptocurrencies such as bitcoin (BTC) and ethereum (ETH) that is being disseminated through private messages on the platform.
“Scammers look for victims on cryptocurrency servers on Discord and send private messages that appear to come from a promising trading platform that distributes digital currencies,” the company explains.
Scammers’ dissemination strategies
Example of a private message sent by scammers on Discord (Image: reproduction/Kaspersky)
Each message seems to use a different persuasion strategy to supposedly legitimize the fraudulent offer, but the basis is always the same. The user would have been randomly chosen to receive an impressive payout in bitcoin (BTC) or ethereum (ETH).
The justification used by the scammers is that the alleged cryptocurrency company is promoting a publicity campaign with free prizes in digital assets. Whether as a marketing strategy to publicize the ghost platform, attract more users or even more generously support the community in times of the COVID-19 pandemic.
Scheme creates complex and compelling platform
Fake platform created by criminals (Image: reproduction/Kaspersky)
Targeted messages instruct targets on how to accept the prize. The victimized user must register on the platform through the link sent. Until then, the site visually convinces as a legitimate cryptocurrency exchange.
Kaspersky points out that “someone clearly went to a lot of trouble to make the site look legit.” There are multiple functions built into the fraudulent platform. Exchange rate information, charts, order books, trading history and even support services in multiple language options are present. Finally, there is also a two-factor authentication system for the “protection” of the victim’s account.
how the blow occurs
After all this convincing work, the coup actually starts to happen. In order for users to validate their accounts and complete the registration to receive their supposed prize, a small deposit must be made in cryptocurrencies and a verification procedure needs to be completed.
“The procedure is similar to what you might find on a legitimate bag, requiring contact details, a photo of an ID and a selfie taken with ID and a sheet of paper with the bag’s address, registration date, and signature.” , explains to Kaspersky. According to the company, the scammers appear to be collecting a database to sell “at a good price on the dark web”.
Finally, users must activate the prize key they received through Discord to receive their “free” amount of cryptocurrencies. Digital currencies actually appear in the accounts, but the victim is unable to redeem them. For this, a top-up of 0.02 BTC (or the equivalent in ETH or dollars) must be made to “legitimize” the account. This money is then pocketed by the criminals and the supposed prize is never redeemed.