On June 12, the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert about a rise in impersonation scams often involving the names and titles of government employees.
The alert emphasized that CISA staff will never request money wiring, “cash, cryptocurrency, or use gift cards.”
“If you suspect you are a target of an impersonation scammer claiming to be a CISA employee, do not pay the caller; take note of the phone number calling you; hang up immediately, [and] validate the contact by calling CISA.”
In response to written questions from Cointelegraph, Phil Larratt, Chainalysis’ director of investigations, highlighted that scams “continue to be a major threat to the [crypto] ecosystem at large.”
Larratt noted that scams remain significant drivers of cryptocurrency-based crime, generating at least $4.6 billion in revenue in 2023.
“Impersonation scams, in particular, had the fourth-worst impact on victims in 2023 based on an average payment size of $948, as we found in our Chainalysis 2024 Crypto Crime Report.”
Addressing prevention, Larratt emphasized the importance of public education as a first line of defense against large-scale scamming: “This is critical because once crypto assets are transferred to a third party, there is no longer control of that asset without the private keys of the third party’s funds.”
READ MORE: MicroStrategy Announces $700 Million Debt Offering to Fund Additional BTC Purchases
Larratt detailed two prominent scam tactics among fake Federal employee impersonation scams: approval phishing and crypto drainers.
“Approval phishing scammers have historically targeted wide swaths of crypto users through the proliferation of fake crypto apps.”
This method has been adopted by romance scammers, also known as pig butchering scammers, resulting in substantial losses.
“[Crypto drainer operators] often promote their fake Web3 sites in Discord communities and on compromised social media accounts […] enticing victims into connecting their crypto wallets to the drainer and then using the approval phishing technique to trick the victims into approving transaction proposals that grant the operator control of the funds inside the wallet.”
Larratt concluded by stressing the importance of implementing protective security measures like “Web3 security extensions” for both Web3 projects and users to combat these scam tactics effectively.
To submit a crypto press release (PR), send an email to sales@cryptointelligence.co.uk.