Calls under the guise of helping you withdraw cryptocurrencies (Hello, we found bitcoins in your account!)
The National Cyber Security Response Centre (SI-CERT), as part of its Safe on the Internet programme, warns of online fraud that leads to complete control over a user's computer, phone and bank account. Fraudsters call by phone with the promise of withdrawing forgotten funds at a crypto exchange. The purpose of the scam is to steal all available money from the victim's bank account.
This is yet another fraud under the pretext of high profits in cryptocurrency investments, which is also being highlighted by the Slovenian police. As they point out, by 15 September this year, they had dealt with around 240 cases, with a total damage of around €6.2 million!
Fraudsters call and introduce themselves as being from Blockchain (a perfectly legitimate company in the field of crypto-finance), either by phone or through instant messaging apps such as Viber or WhatsApp. They claim to have found forgotten bitcoins, which they can now transfer to our bank account or convert into real money. The call may come from an unknown foreign phone number or from a Slovenian mobile operator number, which is usually spoofed.
They offer to help us arrange everything on our behalf, which requires access to a computer and a phone. The victim is then guided to install programmes that give the attackers remote access and, as a result, full control over the computer and phone. They then create a user account in the victim's name on one of the legitimate crypto exchanges (e.g. Binance, Coinbase, KuCoin) where they are supposed to transfer the forgotten funds. However, as they are supposed to need credit card details for the transfer, they also require these or, in most cases, they also want full access to the online bank.
By gaining full control of the victims' e-banking, the perpetrators can make transactions between accounts they have access to at the same time. At this point, the Slovenian police warn that the funds that the victim receives in his/her account do not represent cryptocurrency profits, as falsely portrayed by the fraudsters, but money from another victim who has been caught up in the same fraud. As they say: "If you withhold these funds, withdraw them in cash or transfer them to another account, thereby disguising their origin and preventing the return of the funds to the victim, you may be committing a money laundering offence."
If you receive a call from fraudsters
If you receive such a call, hang up immediately. In the experience of the SI-CERT Response Centre experts, scammers can be very persistent and call for several days in a row from different phone numbers, especially if you have ever answered their call. It is best to ignore them as they usually stop calling after a few days.
In any case, it is always a red alert if someone asks you to install software that allows remote access, access to an online bank or credit card details. A legitimate representative of any company will never ask for this!
The Safer Internet website (https://www.varninainternetu.s...) explains in detail what to do and where to go if you are a victim of this type of fraud.
For further information you can contact press@cert.si