FBI, S Korean Police Bust International XRP Phishing Scam
Police in Seoul have arrested at least two people on suspicion of cryptocurrency-related fraud after a joint investigation with the American FBI.
The agencies say they unearthed a phishing scam that appears to have robbed South Korean and Japanese cryptocurrency investors of USD 800,000 worth of Ripple (XRP).
Per TV news station MBC, at least one of the two men arrested is described as an office worker. The man allegedly mastermind an email-powered sting that drew in 24 South Koreans and 37 Japanese investors.
Prosecutors said the man hired a 42-year-old programmer to create a fake Ripple exchange website. The mastermind then sent emails to Ripple users in South Korea and Japan, claiming their funds had been frozen. The email redirected Ripple users to the fraudulent site, where he was able to convince them to enter their IDs and passwords, which he then used to access their accounts. It is thought that the FBI became involved because the phishing site targeted users of Ripple, an American cryptocurrency.
The man is said to have transferred funds into Korean won via legitimate exchanges, and used the money to pay for accommodation in a luxury apartment complex and fund an extravagant lifestyle.
Per Joongang Ilbo, the suspect claims that he has spent all of the money and cryptocurrency holdings, and has nothing left over. The prosecution service said it would be hard for the victims to receive any compensation for their losses – largely because cryptocurrencies are not deemed to have any monetary value under South Korean law.
The men have been indicted on charges of cyber fraud and violations of the Information and Communications Networks Act.
Many of Japan’s major, government-licensed cryptocurrency exchange platforms are providing “insufficient” protection against phishing schemes, potentially allowing cybercriminals to compromise their users, according to a report published by the University of Tsukuba and investment management firm Nomura Asset Management in May.
While phishing emails are probably the most common attempt to steal user credentials, fake exchange websites have become another popular tool for hackers to gain access to cryptocurrency investors’ funds.
When typing the name of an exchange into Google, you will regularly see exchanges listed on the top of the search results as ads. What is not always clear, however, is that some of these ads have been taken out by hackers and will lead you to a website that looks almost the same of the original exchange website but has the sole purpose of stealing your login credentials to then steal your funds on the actual exchange.
Google has started to crack down on these type of ads, but new fake exchange websites are still being discovered on a regular basis.