Kraken warns against scam attempts from punycode lookalike domains

Kraken has issued a warning against phishing attempts by punycode lookalike domains. The exchange took to Twitter to alert its users of the new attempts by cybercriminals who are circulating emails purporting to be from the exchange.

The exchange stated, “Phishing/scam attempts by email from punycode lookalike Kraken domains are being reported by token founders/teams. Check full headers. Do not follow links, do not view attachments, do not provide requested information. Kraken does NOT charge listing fees.”

Kraken declined to reveal any further details. It remains unclear if any client fell victim to the phishing attack. The exchange didn’t also reveal if there were any attempts to fight the scammers or how extensive the phishing campaign was.

This is just the latest attack in what is becoming an increasingly common phenomenon. With the prices of most cryptos bouncing back to 15-month highs, many traders have thronged back to the industry. This has attracted the scammers who are keen on defrauding the unsuspecting traders.

Just recently, two Israeli brothers were arrested and charged with being behind a series of crypto-related phishing attacks as well as the infamous hack of major crypto exchange, Bitfinex. The two developed clones of major crypto exchanges and wallets and sent the links to community forums on Telegram and other social media platforms. They embedded credential-stealing malware on these sites, taking over the accounts of hundreds of victims. According to a report by Finance Magnates, the two brothers made tens of millions of dollars.

It’s not just the crypto users who are being targeted. Coinbase was on the news recently after being one of the high profile crypto exchanges targeted by a spearphishing campaign. The attackers sent phishing emails to Coinbase employees with links to malicious sites. If the victim clicked on the links using the Firefox browser, it would automatically download and install malware capable of stealing passwords and other sensitive data. Firefox reportedly issued a patch after Coinbase reported the vulnerability, ZDNet reported.