We'll tell you what bitcoin fraud is and what exactly it involves

Cryptocurrency has become increasingly popular in recent years. However, cybercriminals have also been able to make a lot of money out of this system, with many cyber attacks centred around Bitcoin. Find out how they can attack you and get into your computer system or steal your money.

What is Bitcoin and how does it work?

Bitcoin is a virtual currency which uses cryptography to ensure that your transactions are secure and anonymous. In order to run this cryptography, a network of computers that verify these transactions using very complex mathematical calculations is needed.
The individuals or companies operating the computers used for these calculations are known as "miners", as, in exchange for their processing power, they are given payment in Bitcoin for blocks of verified transactions. The infrastructure involved is known as Blockchain.

Cryptocurrency such as Bitcoin have become increasingly popular in recent years due to the increase in its value, its lack of regulation by any governments or financial institutions and the very secure nature of Blockchain infrastructure, as falsification is practically impossible. In addition, as mentioned above, this system does not use names, meaning that it gives users anonymity.

However, these characteristics also make it very appealing to cybercriminals, meaning that many cyber attacks and a large amount of cryptocurrency fraud aim to obtain Bitcoin. This could be done by deceiving users and companies, or transforming computers into miner zombies.

Types of Bitcoin

Cybercriminals don't have a real preference about when they make cyberattacks. They mostly use mass approaches, working under the principle that if they target more users, more will bite. Therefore, the most used attack is Phishing, a mass email which acts as bait and contains some kind of malicious element, such as an infected link or attachment.

Using Phishing, cybercriminals looking to obtain Bitcoin or cryptocurrency will try to infect individual users' or companies' computers, either by launching malware which hijacks information (Ransomware) and asks for a ransom, or by running a malicious code which transforms the computer into a mining machine, where users will only notice their machine slowing down and will not be notified of any attack.

However, Phishing is not the only method that these cybercriminals use, as social engineering can take many forms. Through this approach, cybercriminals will try to deceive their victims using different excuses, across a range of media. One of the most common methods is blackmail on social media, where attackers make users believe that they have gained access to their webcam and ask for Bitcoins in exchange for not distributing certain images.

Cryptocurrency fraud: how can you protect yourself against these cyberattacks?

The number one thing that you can do to protect yourself both against Phishing and any other social engineering attack is use your common sense and try to keep a cool head. This type of fraud tends to activate areas in our brain which drive fear and reward, which is why they make us act without thinking. It is important to fight this initial urge and stop to take the time to analyse the message or call that you are receiving.

Here are some examples of features of malicious messages that should cause alarm:

  • An unknown sender and a similar address (but not the same) as the official one.
  • It conveys a sense of urgency, such as an offer that will expire within a specific period of time, a security problem or an unauthorised bank transaction.
  • It is usually an attack not just aimed at you, so the greeting will be generic.
  • If the message seems to have been put together just for you, as it contains personal information, please check whether this information can be obtained easily online (such as through photographs that you have uploaded or posts on social media).
  • A link to a web page that is not secure (http) or a file that must be downloaded, such as an invoice, receipt or payslip.

Therefore, in order to protect yourself against social engineering, you need to be proactive:

  • Review the sender.
  • Do not follow links or download attachments.
  • If you are unsure about whether the message is authentic, check with the person or organisation via official channels.
  • Be careful what information and photographs you post on social media.

In addition, in order to protect yourself against malware such as Ransomware or Criptojacking (mining malware), you should follow a number of security recommendations:

  • Keep the operating system and browser on your device up to date.
  • Have an antivirus installed and always up to date.
  • Make back-up copies of important information, so that you can format your device if necessary.
  • Prioritise saving files in the cloud rather than on local hard drives in order to prevent information being lost or stolen due to cyberattacks.

You might be interested in