The Cybersecurity and Infrastructure Security Agency (CISA) alerts crypto investors to a surge in impersonation scams, urging public vigilance and outlining preventive measures to protect against these threats.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a significant increase in impersonation scams targeting cryptocurrency investors. This alert, released on June 12, emphasizes the growing threat posed by scammers, who often use the names and titles of government employees to deceive their victims.


CISA's Alert on Impersonation Scams

CISA's alert clarifies that its staff will never request money transfers, whether in cash, cryptocurrency, or via gift cards. The agency advises that if you suspect you are being targeted by an impersonation scammer claiming to be a CISA employee, you should not make any payments. Instead, note the phone number of the caller, hang up immediately, and validate the contact by calling CISA directly.


The Growing Threat of Crypto Scams

Phil Larratt, director of investigations at Chainalysis, addressed the rising threat of scams in the crypto ecosystem in a response to Cointelegraph. Larratt noted that scams continue to be a major issue, generating at least $4.6 billion in revenue in 2023. Impersonation scams had a particularly severe impact, with an average payment size of $948, according to the Chainalysis 2024 Crypto Crime Report.


Preventive Measures and Public Education

Larratt emphasized the importance of public education as the first line of defense against large-scale scamming. He pointed out that once cryptographic assets are transferred to a third party, control of those assets is lost without access to the private keys.


Prominent Scam Tactics: Approval Phishing and Crypto Drainers

Among the various impersonation scams, Larratt highlighted two prominent tactics: approval phishing and crypto drainers.


Approval Phishing

Approval phishing scammers have historically targeted a broad range of crypto users by proliferating fake crypto apps. This tactic has been adopted by romance scammers, also known as pig butchering scammers, resulting in significant financial losses for victims.


Crypto Drainers

Crypto drainer operators often promote their fraudulent Web3 sites within Discord communities and on compromised social media accounts. These operators entice victims to connect their crypto wallets to the drainer site. Using approval phishing techniques, they trick victims into approving transaction proposals that grant the scammers control of the funds inside the wallet.


Recommendations for Enhanced Security

Larratt stressed the importance of implementing protective security measures for Web3 projects and users to combat these scam tactics. He recommended the use of Web3 security extensions to help safeguard against these threats.


The rise in impersonation scams targeting crypto investors highlights the need for increased vigilance and proactive measures to protect digital assets. CISA's alert and the insights provided by Chainalysis underscore the importance of public education and robust security practices in mitigating these threats. As the crypto ecosystem continues to evolve, staying informed and adopting best practices for security will be crucial in safeguarding against these sophisticated scams.


(JOSH O'SULLIVAN, COINTELEGRAPH, 2024)