Jameson Lopp, co-founder of CasaHODL, recently brought attention to a new phishing scam that is targeting Gemini users. The scammers are using a fake data breach notice to deceive users into transferring their funds to malicious actors. The notice falsely claims that Gemini has partnered with Trust Wallet to protect users’ funds following a security breach on their backend storage servers. This deceptive tactic preys on users’ fear of losing their assets and prompts them to transfer funds to a wallet controlled by the scammers.
Yu Xian, founder of SlowMist, highlighted that phishing scams involving mnemonic phrases are not a new phenomenon in the crypto industry. These scams rely on the low cost of sending fraudulent emails, often using leaked data from the dark web. Xian emphasized that these scams pose a persistent threat to the industry, particularly for users who rely on third-party custody platforms. The ease of executing these scams and the potential for financial gain make them appealing to malicious actors.
Psifour, a developer for Taproot Wizard, suggested that raising awareness about such scams could help prevent newcomers from falling victim. By educating users about the risks associated with transferring funds based on unsolicited emails, the industry can protect vulnerable individuals from financial losses. Gemini has acknowledged the phishing attempt and advised users to exercise caution. This incident underscores the need for increased user vigilance and security measures in the face of evolving phishing tactics.
Phishing scams have become a growing concern in the crypto industry, resulting in substantial losses for users. According to blockchain security firm Scam Sniffer, crypto phishing scams led to $63 million in losses for 9,145 victims in August alone. Despite a decrease in the number of victims, there was a significant increase in stolen funds, indicating the rising sophistication of phishing attacks. This trend underscores the importance of implementing robust security measures and enhancing user awareness to combat the growing threat of phishing scams in the industry.