Cybersecurity company, Kaspersky, has come out to warn that criminals are targeting those interested in crypto mining across the African continent.
The top 3 largest target markets by crypto cybercriminals are in East Africa.
In a blog post, the company has revealed that since 2021, it has detected more than 1,500 fraudulent global resources targeting people interested in crypto mining.
The company also noted having prevented more than 70,000 attempts by users to visit the fraudulent sites.
The firm consequently revealed the most common schemes that are used to lure users:
Creating fake cryptocurrency exchange websites – In this case, the user is allegedly given a coupon for replenishing an account on a crypto exchange. However, to use it they must carry out a verification payment of usually no more than 0.005 Bitcoin (about 200 US dollars), which becomes the cybercriminals’ profit
Sending messages about fake sales of video cards and other equipment for mining – To purchase equipment, the user needs to make an advance payment. After providing it, the author of the ads stops communicating
Creating phishing pages with various content to steal private keys, which allow cybercriminals to gain access to all digital assets associated with a crypto wallet
Crypto cybercrime threat level as a percentage of total users in Africa is as below:
Ethiopia – 3.68%
Rwanda – 3.22%
Kenya – 0.85%
Nigeria – 0.71%
South Africa – 0.60%
According to Bethwel Opil, a Kaspersky representative for Africa:
“Although these percentages may be interpreted as low and may not seem significant to users, crypto-miner malware has been identified as one of the top 3 malware families rife in South Africa, Kenya and Nigeria at present, which we believe emphasizes that as cryptocurrency continues to gain momentum, more users will likely be targeted.”
– Kaspersky, Africa
Kaspersky has also revealed that criminals commonly target sites based on popular domains, like .com, .net, .org and .info.
Sites with cheap internet domains like .xyz, .site, .online, .top, and .club are also commonly targeted.
Kaspersky notes that criminals are taking advantage of the high interest in cryptocurrencies and are using tactics such as flooding their fraudulent sites with a lot of information. Some of this information includes the latest crypto prices pulled from data and news sites.
A common tactic is also to ask users for an advance payment in crypto or fiat before the delivery of a service or good.
The cybersecurity firm has provided a list of recommendations that both users and investors can have with them to protect against malicious cybercriminals.
Do not follow dubious links from letters, messages in messenger apps, and social networks
Be critical of extremely generous online offers
Download applications from official stores only
Use a security solution that protects against phishing, scams, and prevents the installation of malicious applications
Take extra precautions before purchasing a product in an online store if the company is unknown. It is better to study on special WHOIS-sites information first about how long the domain has existed and who its owner is – If it is completely fresh and registered to a private person, you should not purchase from them