As the price of bitcoin rises amid the growing public interest in cryptocurrency, cybercriminals are taking advantage of the opportunities this creates for them to trick potential victims and increase the profits they can make from their attacks. Researchers at Barracuda recently analyzed phishing impersonations and business email compromise attacks sent between October 2020 and May 2021 and identified that the growing price of bitcoin has led to an increase in the volume of cryptocurrency-related attacks.
The threat has increased after some companies announced that they will accept payments in bitcoin, it generated more interest in cryptocurrency and started to drive its value up. Fueled by the chaos around bitcoin, its price increased by almost 400% between October 2020 and April 2021. Cyberattacks quickly followed with impersonation attacks, which led to its growth by 192%.
Key catch phrases used by bitcoin users
Hackers use bitcoin to get paid in extortion attacks where they claim to have a compromising video or information that will be released to the public if the victim does not pay to keep it quiet. While this scheme has been around for some time, as the price of bitcoin climbed, cybercriminals started including it as part of their business email compromise attacks impersonating employees within an organization. They target and personalize these emails to get their victims to purchase bitcoin, donate them to fake charities, or even pay a fake vendor invoice using cryptocurrency.
Barracuda has been using its AI natural language processing capabilities to analyze the language used in cryptocurrency-related BEC attacks and determine key phrases and calls to action that hackers used to incite their victims. Attackers are creating a sense of urgency by using phrases like “urgent today” or before the “day runs” out. Their call to action is typically for their victim to go to the “nearest bitcoin machine.” They also play on their victims’ sentiments to request that a payment be made as a “charity donation,” making their victims believe they are doing a good thing.
Bitcoin making ransomware attcaks more dangerous
Due to the rapid growth in the perceived value of bitcoin, ransomware attacks have also become more damaging than ever. In 2019 ransom demands ranged from a few thousand dollars to $2 million at the top end. By mid-2021 most demands were in the millions, with a significant number over US$20 million. The possible reasons contributing towards the skyrocketing demands are: Fewer organizations choosing to take the hit by actually paying the ransom; Ransomware payments are getting traced by law enforcement agencies and strict actions are being taken; and, with the price of cryptocurrency going up, it is costing more for organizations to pay out to the cybercriminals.
Hackers have been conducting phishing attacks time and time again asking victims for wire transfers and gift cards. They are now they are looking for their victims to buy and send them bitcoin. Organisations need to protect their users from such attacks by training them on the latest email threats so that they are able to recognize the latest tactics used by hackers. They should make phishing simulation a part of their security awareness training.
During a ransomware attack, a cloud backup solution can minimize downtime, prevent data loss, and get the systems restored quickly, whether the files are located on physical devices, in virtual environments, or the public cloud.