Cryptocurrency and blockchain-focused news site CoinDesk issued a warning to the public about scammers who are trying to use the publication's name when sending fake emails. The warning comes after hackers hijacked Twitter accounts of famous people such as Joe Biden, Jeff Bezos, and Bill Gates and used them to spread a crypto scam.
It turns out that CoinDesk’s Twitter account was one of those hacked by the scammers. “CoinDesk was one of the hijacked accounts, too (our handle is all better now, thanks), and it was far from the first time our brand was exploited by crooks looking to make a quick buck. Nor has it been the last,” CoinDesk wrote.
Coindesk also revealed that scammers previously promised news coverage in exchange for money after they impersonated CoinDesk reporters. The website warned that the hackers seem to have found another scheme in mind.
“Over the past few weeks, CoinDesk has seen evidence scammers are copying our newsletters in their entirety, adding a malicious link at the top and changing the subject line to emphasize that link,” the publication wrote. “They then send the email to a list of active and perhaps crypto-curious email addresses likely acquired from privacy-ignoring data brokers or the dark web, completing the phishing scheme.”
CoinDesk users, who never signed up for mailings, would usually unsubscribe from the service upon receiving the fake emails. However, they’ll either be redirected to a non-working link or to another phishing attempt.
CoinDesk noted that the fonts of the fake emails used in the phishing scam are not the same as the fonts used in the publication’s newsletters. But for those who have not subscribed to the site’s mailings, the publication also offered a few tips on how to spot a fake email.
“There is a giveaway but you need to be paying attention: The malicious link is always in a short ‘news’ item that comes right after the byline, usually touting a company you’ve never heard of,” CoinDesk wrote. “None of our newsletters begin this way, so if you see one of these, flag it right away by forwarding the email to [email protected].”
The site promised that it is working to track down the scammers. In the meantime, users should be wary of “wary of suspicious-looking links.” Instead of clicking on the unsubscribed button on the fake emails, users should just block or filter the senders’ addresses.