Bi.Zone Brand Protection platform specialists talked about a new fraudulent scheme aimed at for users of cryptocurrencies from Russia. The number of identified cases of the crypto scheme’s use is already in the hundreds.

The mechanism of the fraudulent scheme consists of two stages. First, a victim is contacted by a fake representative of a recruitment agency. The representative claims to be looking for clients for a partner and offers a potential investor a lucrative partnership. Then, a “partner” of the agency contacts the victim from another account, presenting themselves as a specialist in working with the largest crypto exchange, Binance. They provide a detailed description of a passive income process similar to a bank deposit, where a deposit is made and interest is earned. To participate, the victim is asked to install the Trust Wallet cryptocurrency wallet app and one of the crypto exchanges, such as MEXC or Bitget.

After registration and deposit of funds, the scammers create an account on Binance using the victim’s email address. Once the victim receives the link in the email, they confirm their connection to the account, granting the attackers access to their funds. The criminals deliberately emphasize the lack of Binance’s presence in Russia, using it as a means to gain the victim’s trust and persuade them to fund their cryptocurrency wallet.

Marat Khamidullov, the head of the blockchain development team at Axiomica, also reported on the emergence of the “HR agency – Binance client – interest-bearing deposit” link. According to him, cases of payment address spoofing and so-called “refund traps” have become more frequent: they send a couple of dollars and then demand the return of a “mistaken” thousand, relying on the client’s carelessness. In addition, there have been cases of fake tokens and attempts to deceive users through fake technical tasks and “test transactions,” which give attackers extensive control over users’ wallets and accounts.

Fedor Ivanov, Director of AML/KYT Analytics at Shard, confirmed that the number of fraudulent activities has increased as the value of Bitcoin has risen. This has also led to an increase in the number of fake domains that mimic real websites. According to Dmitry Kiryushkin, the head of the Bi.Zone Brand Protection platform, since October 1, 39 suspicious resources containing cryptocurrency-related terms in their names have been registered in the .ru domain zone. In September, 222 such sites were identified.

Kirill Levkin, a project manager at MD Audit (Softline Group), noted that popular methods of deception include pseudo-investment platforms with fake interfaces, where users are shown “increased profits” but cannot withdraw their money. Mass mailings on behalf of exchanges, banks, and payment systems asking users to confirm their accounts or unfreeze their funds are also on the rise. Social engineering attacks through messaging apps have become more common, with scammers pretending to be acquaintances, company employees, or customer support representatives. Deepfake calls and fake media pages are often used to make the attacks more convincing.

Earlier, Dmitry Kirillov, a lawyer and advisor at Lidings, said that legal restrictions force Russian drivers who want to buy a car with cryptocurrency to turn to intermediaries for help. However, such transactions are extremely risky: crypto assets can be stolen, and the car may not be delivered.

Leave a Reply