Kaspersky Unveils New Facebook Phishing Scheme

Attackers now use the fake Facebook page to still users' funds
22 January 2018   3054

Kaspersky Lab experts told about a new phishing scheme aimed at holders of crypto-currencies, who are following favorite projects on Facebook. This scheme is more sophisticated than the "good old spam mailings" with a security alert or an offer to take part in the survey, for which it is suggested to follow the link with all the ensuing consequences.

As mentioned above, the new scheme is related to the features of the social network Facebook. The attacker creates a copy of the popular cryptocurrency community: it can be an exchange or a separate crypto-currency, with an address similar to the original one.

Next, the scammer from his new page sends out a notification to the subscribers of the original community, and he does it in a very intricate way.

In order to address the victim's address, they share her profile photo on their page and mark the user in this post.
 

Kaspersky Team

The fact is that the privacy settings of Facebook do not allow you to prohibit the distribution of the profile photo, which means that the notification will be guaranteed to all users, except for those who have disabled notifications from third parties.

This ends the originality of the method, and then uses the standard message that the lucky guy has allegedly won a nice amount in the cryptocurrency, for which he is invited to click on the link, after which he will leave his data.

In the example considered, the fraudster on behalf of the Kucoin exchange offered to receive 20,72327239 WAVES tokens.

New Facebook Fraud
New Facebook Fraud 

We recommend you to avoid visiting strange pages/websites and use two-factor authentication to protect your accounts.

Binance to Join Forces With IdentityMind

IdentityMind provides exchanges with ability to comply with KYC\AML worldwide
26 March 2019   86

Binance announced an agreement with IdentityMind, which will help it ensure compliance with regulatory requirements and improve data security.

IdentityMind provides cryptocurrency exchanges with access to the platform, thanks to which they can monitor compliance with customer identification and anti-money laundering requirements in real time. This includes connecting new customers, managing their profiles and monitoring transactions.

The partnership between Binance and IdentityMind further strengthens our compliance capabilities and our commitment to re-invest in the blockchain ecosystem and grow it. We continue to evolve and enhance security systems while adhering to regulatory mandates in the countries we operate in. The goal is to foster greater trust among financial institutions worldwide.
 

Samuel Lim

Chief Compliance Officer, Binance

Last year, Bloomberg wrote about the Binance user identification system as the least strict in the entire industry, and linked the “level of anonymity” provided by the exchange with the risks of money laundering and market manipulation.

In October, Binance entered into an agreement with a supplier of transaction analysis software on the blockchains Chainalysis, and in November with Refinitiv, which developed an automated solution for client verification.

Whether the ordinary users of the platform will feel the impact of the integration of IdentityMind tools on themselves, the exchange does not specify.