Ethereum a phisher’s favorite: Kaspersky report finds $2.3M lost to criminals outside traditional phishing

Global cybersecurity company Kaspersky, the same security watchdog that has been keeping an eye on notorious hacking group Lazarus, has just released their report for the second quarter of this year.

According to Kaspersky, Ethereum is a favourite among phishers.

“Ethereum (ETH) is currently the most popular cryptocurrency with phishers,” they wrote. “The popularity of Ethereum with cybercriminals increases as more funds are attracted by ICOs on the Ethereum platform.”

In terms of traditional phishing, their system intercepted 58,000 attempts to connect to fake websites posing as crypto wallets and markets. But despite this, Kaspersky says that cybercriminals have amassed a huge amount of funds by riding in on ICO hype, tricking users into forking their funds into the wrong accounts, mostly through social media and messengers. Fake profiles on Twitter and Facebook have been rampant, saying they’re giving away free ETH or other cryptocurrency, and leading clickers to fake websites.

“According to our very rough estimate (based on data received from over a thousand ETH wallets used by malefactors), over the Q2 2018, cybercriminals exploiting ICOs managed to make $2,329,317 (end-of-July-2018 exchange rate), traditional phishing not included.”

Kaspersky also notes that phishing scammers rode in on the General Data Protection Regulation (GDPR) ruckus, sending out phishing emails consistent with the standard GDPR notices sent by legitimate companies.

The report also listed some disturbing big-time data leaks this last quarter: 27 million Ticketfly customers had their data compromised; 92 million MyHeritage genealogy service users’ personal data ended up in a public server; 340 million records lost by marketing company Exactis; and Amazon leaked personal information from 48 million Facebook, LinkedIn, Twitter, and Zillow users.

As if all that wasn’t bad enough, it’s also confirmed: HTTPS is no longer a security guarantee.

“As mentioned in the 2017 report, more and more phishing pages are now found on certified domains,” Kaspersky wrote.

“Those may include hacked or specially registered domains that cybercriminals use to store their content. This has to do with the fact that most of the Internet is switching to HTTPS and it has become easy to get a simple certificate. In the middle of the second quarter, this prompted Google to announce future efforts aimed at changing the way Chrome works with certificates. Starting in September 2018, the browser (Chrome 69) will stop marking HTTPS sites as ‘Secure’ in the URL bar. Instead, starting in October 2018, Chrome will start displaying the ‘Not secure’ label when users enter data on unencrypted sites.”