Bitcoin SMS scams on the rise

In January this year, a text message from an unidentified sender informed Mr James Quak, 41, that he had one bitcoin waiting to be redeemed in his account.

All he had to do was click on the link forwarded and he would instantly be $18,000 "richer", based on the market value of the cryptocurrency that day.

Instead of succumbing to greed, Mr Quak, who is self-employed, ignored the message. He said: "There is no such thing as a free lunch. No one will give you free money. The minute I saw the message, I knew it was a scam and ignored it ."

In doing so, Mr Quak not only avoided being phished for personal information and passwords, but he also prevented his phone from being hijacked to mine for cryptocurrency.

MALWARE

Cyber security firm Palo Alto Networks released data last week that shows globally, cyber criminals have turned sharply from disseminating ransomware to spreading cryptocurrency-mining malware.

In January this year, 65,512 samples of this particular form of malware was discovered, an increase from the 2,368 samples found in January last year.

Singapore

This is no smiley faced robot, but it should make you smile

Jul 27, 2022

Related Stories

SafeTravel website crashes due to surge in travel pass applications

5.9 million customers hit by RedDoorz data breach

All government agencies to accept digital ICs from next week

This is in "response to the surging value of cryptocurrencies", noted the report.

Prices of bitcoin rose to an all-time high of $26,125.71 last December before dipping. It currently hovers around $14,000.

Bitcoin-related SMS scams have also popped up globally, with the Australian media reporting that many Australians have been receiving messages instructing them to click on links to confirm their accounts and claim bitcoins.

A report in local media cited a handful of people here who have received similar texts.

The Cyber Security Agency of Singapore (CSA) has yet to receive reports of such scams here, but Mr Douglas Mun, deputy director of CSA's National Cyber Incident Response Centre, said the website link in the SMS received by Mr Quak redirects to a phishing website.

When users click on the link, it redirects them to a website called The Bitcoin Code, which asks for personal information, including full name, e-mail address and phone number.

According to Mr Mun, this modus operandi is similar to other phishing scams.

Beyond phishing, there may be something more insidious at play here.

A spokesman for cyber security firm Check Point Software Technologies said: "By just inputting your e-mail address on the website, users potentially expose themselves to a drive-by download."

Drive-by downloads happen without a person's knowledge, and the spokesman said they could potentially contain cryptocurrency-mining capabilities.

These tap into mobile phones' computational power for cryptocurrency-mining purposes.

Cryptocurrencies such as bitcoin have to be mined virtually, as they do not have a physical representation.

This is done by using a computer's processing power to solve complex mathematical algorithms. The more algorithms solved, the more cryptocurrency is earned.

Mr Matthias Yeo, chief technology officer of Symantec Asia Pacific, noted that there has been an upward trend in cases of malware mining.

He added: "The widespread popularity of mobile phones has given unsavoury characters a larger pool of computational power to tap on.

"What is more, mobile phones are highly advanced nowadays, with them being more akin to mini computers. As such, they are more than capable of mining cryptocurrencies."

While cyber security experts said security apps from reputable security vendors can identify and remove such malware, the best course of action would be to ignore unfamiliar links.

According to the CSA, users who have provided their personal information should monitor their phones and e-mail accounts for unusual activities.

They can also go to www.csa.gov.sg/gosafeonline to learn about how to defend themselves against phishing scams.