Proofpoint researchers found that threat actors have been leveraging various phishing attack techniques to facilitate cryptocurrency theft, ZDNet reports.
One million extortion emails, most of which involve cryptocurrency payments, are being averted by Proofpoint daily. Attackers have been launching credential harvesting attacks aimed at stealing usernames and passwrods, as well as deploying extortion attacks that threaten to blackmail victims should they not provide payment. The report also showed the prevalence of phishing emails using worthy causes as lures. More business email compromise attacks have also involved the use of cryptocurrency payments, according to Proofpoint, which reported an incident that entailed an urgent payment requirement for a supposed business acquisition agreement. "Cyber criminal threats to cryptocurrency are not new, however as the general public experiences growing adoption of cryptocurrency, people may be more likely to engage with social engineering lures using such themes," said Proofpoint Vice President of Threat Research and Detection Sherrod DeGrippo.