Skip to content

Commit

Permalink
Create bogus-cryptocurrency-investment-apps.md
Browse files Browse the repository at this point in the history
  • Loading branch information
summercms authored Sep 20, 2023
1 parent 410c2d5 commit 890e538
Showing 1 changed file with 42 additions and 0 deletions.
42 changes: 42 additions & 0 deletions docs/scams/bogus-cryptocurrency-investment-apps.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
## Cybercriminals are convincing investors to download fraudulent mobile apps

The FBI has warned that cybercriminals use fraudulent cryptocurrency investment applications to steal funds from investors.

The FBI has observed cyber criminals contacting investors, fraudulently claiming to offer legitimate cryptocurrency investment services and convincing investors to download fraudulent mobile apps, which the cyber criminals have used with increasing success over time to defraud the investors of their cryptocurrency.

The agency identified crooks operating under several company names, such as Yibit (between October 2021 and May 2022) and Supayos aka Supay (in November 2021).

They convinced multiple targets to install bogus apps and deposit funds into wallets the attackers claimed were associated with the victims' app accounts.

Between 22 December 2021 and 7 May 2022, other cybercriminals impersonated a legitimate US financial institution to defraud dozens of other victims out of millions of dollars worth of cryptocurrency.

They used a similar tactic, tricking victims into installing a bogus app and depositing cryptocurrency into wallets allegedly linked with the victims' accounts on the app.

## Recommendations

The FBI recommends financial institutions take the following precautions:

* Proactively warn customers about this activity and provide steps customers can take to
report it.
* Inform customers as to whether the financial institution offers cryptocurrency
investment services or other related services and methods to identify legitimate
communications from the institution to customers.
* Inform customers whether the financial institution has a mobile application.
* Periodically conduct online searches for your company's name, logo, or other
information to determine if they are associated with fraudulent or unauthorized activity.

The FBI recommends investors take the following precautions:

* Be wary of unsolicited requests to download investment applications, especially from
individuals you have not met in person or whose identity you have not verified. Take
steps to verify an individual's identity before providing them with personal information
or relying on their investment advice.
* Verify an app is legitimate before downloading it by confirming the company offering
the app actually exists, identifying whether the company or app has a website, and
ensuring any financial disclosures or documents are tailored to the app's purpose and
the proposed financial activity.
* Treat applications with limited and/or broken functionality with skepticism.

## Links

https://www.ic3.gov/Media/News/2022/220718.pdf

0 comments on commit 890e538

Please sign in to comment.