SMS fraudster stole Bitcoin following what happened to a victim on Hodl Hodl platform
These types of scams are also known as phishing. Phishing is the act of attempting to acquire personal information such as passwords and details by masquerading as a trustworthy entity in an electronic communication. Short Message Service (SMS) is the technology used for text messages on cell phones.
This accident happened on June 2 was reported by a Reddit user. According to the victim, he was about to sell out his Bitcoin savings. Via the HodlHodl platform, he found a buyer willing to buy the Bitcoins at a higher price. Because of the sudden Bitcoin price slip, the price appears to have been higher than the going market rate at the time.
The buyer offered to use the Revolut app to make the trade, asking for the seller`s phone number to make the payment. The victim then received a realistic-looking SMS that supposedly came from the Revolut app, mentioning that the transfer was pending, and would be done in a few hours due to “locational differences”.
The SMS came from the same identifier that sent two-factor authentication codes earlier so it seemed totally genuine at first. While the seller did not see any money being sent on the Revolut app, the scammer then successfully pressured the victim into releasing his BTC from escrow.
The victim pointed out that Revolut told him that the SMS did not come from them, while the merchant platform HodlHodl refused to provide any additional data that could help catch the attacker. According to the victim, the HodlHodl platform answered the requests by saying, “We do not provide any information about our users to anyone but them. You can contact your bank and find out all the details”. However, no transactions were actually made in this case making it impossible to be traced via the victim`s bank.
SIM-based scams getting more common
Recognizing phishing attacks are usually not difficult, but the ability to spoof official addresses can give them added credibility. SIM tricking is relatively easy to perform and very difficult to discover, though the specifics may differ from a country to another. The network carriers are nevertheless able to understand where the spoofed SMS actually comes from.
Mobile networks are also vulnerable to a more serious attack called SIM swapping. This is usually done by tricking customer support into swapping phone numbers with a different network provider, though there are several other methods.
Scams related to the coronavirus pandemic are also on the rise. Phone calls and text messages claim to offer a cure or test kits, but what the scammers are really after is your personal information.
HodlHodl: is a P2P cryptocurrency exchange that allows users to trade directly with each other and it doesn’t hold user funds – locking it in multisig escrow instead – which minimizes the possibilities of cryptocurrency theft and reduces trading time.
Reddit: Essentially, it’s a massive collection of forums, where people can share news and content or comment on other people’s posts
Revolut: Revolut Ltd is a British financial technology company headquartered in London, the United Kingdom that offers banking services. It was founded in 2015 by Nikolay Stronosky and Vlad Yatsenko.
SIM-swap: (also known as a port-out scam, SIM splitting, and sim jacking, SIM swapping) is a type of account takeover fraud that generally targets a weakness in two-factor authentication and two-step verification in which the second factor or step is a text message (SMS) or call placed to a mobile telephone.
BlockFi: provides the wealth management products crypto investors need, all powered by blockchain technology.