“Get rich fast” scams have been circulating online for several years now. Some examples would be the classic Nigerian or 419 scams, lottery scams, and work-from-home scams. The stories may vary but the underlying premise is the same: get a large sum of money for doing something with little to no effort.
Scammers have now added a new topic to their roster of lures: the cryptocurrency Bitcoin. The continued rise and fall (and rise and fall and…) of Bitcoins has captured the interest of the media and the public. Certain events in the cybercriminal underground have also played a significant part in boosting the profile of this digital currency.
The fact that Bitcoin is being recognized as a legitimate form of currency with real-world value has not gone unnoticed by cybercriminals. We have seen different types of Bitcoin-related threats appear over the past years and now, we can add yet another incident to this roster.
We came across several spammed phishing messages that use Bitcoin as bait. These messages promise recipients that they can earn a large amount of Bitcoins in a short span of time, with one email promising up to more than US$23,000 in a single day. The emails encourage users to click the embedded link for more information.
Figure 1. Spammed message about Bitcoin
The links lead to a site that asks for details like name, address, and credit card information. The registration page appears to have no means of verifying the information; it accepts any data provided in the form fields. This type of behavior is very much typical of phishing sites, which aim to get as many credit card credentials as possible.
Figure 2. Phishing site
Scammers often use “get rich quick” schemes because these hold a certain appeal to users. After all, who wouldn’t want to get a large amount of money easily? However, these things are often too good to be true. We encourage users to refrain from opening emails and clicking links from unknown or unverified senders. Users should also do research before sharing personal information—especially those financially related—online with any site or service.
Trend Micro protects users from all related threats in this incident.