Dr. Anders Apgar was out for dinner last month with his family, and his phone would not stop buzzing. It looked like a robocall, so he tried to ignore it.
But the calls would not stop. Then his wife’s phone also started to ring.
“When she picks it up, a banner came across, a notification that says, ‘Your account’s in jeopardy,’” he said.
The warning, which he said was a text message, prompted him to pick up his phone. That was when the couple’s nightmare started.
It’s the kind of nightmare many crypto account holders around the country are facing as hackers target a boom in the industry, cybersecurity experts said.
The Apgars, who are both Maryland-based obstetricians, began investing in cryptocurrency several years ago. By December, their account had grown to about $106,000, mainly held in bitcoin. Like millions of investors across the country, their account is with Coinbase, the country’s largest cryptocurrency platform.
When Apgar picked up the phone, a female voice said, “Hello, welcome to Coinbase security prevention line. We have detected unauthorized activity due to failed log-in attempt on your account. This was requested from a Canada IP address. If this (is) not you, please press 1, to complete precautions recovering your account.” The call lasted just 19 seconds.
Alarmed, Apgar pressed 1.
He said he cannot remember if he manually entered his two-factor authentication code or if it came up automatically on his screen. But what happened in that moment led to his account being locked in less than two minutes. As Apgar has not regained access, he said he assumes the fraudsters stole most if not all of the crypto, but he can’t be sure.
“It was just dread and an emptiness of just, ‘Oh my gosh, I can’t get this back,’” he said.
The Apgars were targeted by a particularly insidious type of fraud that takes advantage of two-factor authentication, or 2FA. People use 2FA, a second level of security that often involves a passcode, to safeguard a range of accounts at crypto exchanges, banks or anywhere else they carry out digital transactions.
But this new type of fraud goes right at that 2FA code, and it uses people’s fear of their accounts being hacked against them. In taking action they think will protect them, they actually expose themselves to thieves.
The fraud tool is called a one-time password, or OTP, bot.
A report produced by Florida-based cybersecurity firm and CNBC contributor Q6 Cyber said the OTP bots are driving substantial losses for financial and other institutions. The damage is hard to quantify now because the bot attacks are relatively new.
“The bot calls are crafted in a very skillful manner, creating a sense of urgency and trust over the phone. The calls rely on fear, convincing the victims to act to ‘avoid’ fraud in their account,” the report said.
[…] Read original article […]
IT WOULD BE RESPONSIBLE JOURNALISM TO EXPLAIN TO PEOPLE THE DIFFERENCE BETWEEN EXCHANGES AND PLATFORMS VS. A BTC BLOCKCHAIN AND PERSONAL VAULT. PAINTING “CRYPTO” WITH A SINGLE BRUSH CREATES DOUBT IN THINGS HAVING NOTHING TO DO WITH THIS REPORT.
You can do all that and more on your own website. Our editorial content is our business, not yours.
Yea but there is a clear distinction between online crypto platforms and hardware wallets. Its like saying we need a cashless society because all cash spreads covid; as if there’s no way to safety handle cash without disease spreading. The same is true for crypto and for someone who’s business model is based around warning people about upcoming trends, it would behove you to at least give a more accurate presentation of the facts. If your whole perspective is “ALL NEW TECH IS EVIL” then you’re no better than the mainstream media who only report half truths while ignoring facts… Read more »
Sorry to disappoint but I did not write this article and attribution is clearly noted, so quit your carping. If you don’t like what they wrote, then go find them and complain. You obviously know nothing about me or Technocracy.news. There is no perspective here about “all new tech is evil”. You are now coming on like a troll, making an untrue accusation and then shaming as if it were true.
But you did post a comment from the TN Editor. “In time, people will call for central banks to provide security.” This comment is a bit unfounded, central banks are the problem, as you know, so why not educate users on security. You don’t get better security than Bitcoin and some other cryptos (not all mind you). Not even central banks can provide the level of security on Bitcoin. This article is CNBC, these media companies are clearly attacking crypto on any angles they can get, they try to scare people instead of educate. Technology is a tool, can be… Read more »
Daryl – dude, you are so lost in the weeds that you will never understand Technocracy, much less the content on this site. Read my books. Listen to my interviews. Read my articles. Come back when you are done.
[…] Read More: Poof, It’s Gone: Hacking And Draining Cryptocurrency Accounts […]
Well i guess if your using platforms you dont really understand this sort of thing can happen. Coinbase doesnt ring you much like a bank doesnt ring you with automated security messages nor does amazon or the tax office. Plenty of scambaiter youtubers who fulltime expose and take down these groups . My phone daily has scammers try many different angles to get my funds.
[…] Poof, It’s Gone: Hacking And Draining Cryptocurrency Accounts […]