Source: gualtiero boffi – shutterstock
- One-time password bots have become quite common and cheap to acquire, and experts say that scammers are specifically targeting crypto owners.
- There are several reported cases of customer losing their accounts to scammers, with Coinbase clients being among the most common targets.
Scammers have been known to evolve quickly in order to keep preying on their victims, often finding the most innovative method to defraud their targets. The latest is using one-time password (OTP) bots to target cryptocurrency owners. Reports of several crypto account holders losing access to hundreds of thousands of dollars in BTC and other cryptos are spiking, with Coinbase clients being a popular target.
OTP bots are built to take advantage of the widely-used two-factor authentication (2FA) process that most exchanges, wallets, and even banks rely on to enhance security. The 2FA is a passcode that one receives via their mobile phone to authenticate that they are the owners of an account.
Criminals are targeting 2FA accounts with OTP bots, reports reveal. These criminals first collect information about their targets, such as whether they hold any crypto, where they store their crypto, and even the countries and/or state they reside in.
Once they have this data, they log onto the platform, say Coinbase, as the owner of the account. This triggers a 2FA passcode to be sent to the real owner of the account.
This is when the OTP bots strike. They call the owners incessantly telling them their account has been hacked and that they should give up the 2FA code they have received or risk losing all their crypto.
Related: Hackers steal $36M in BTC, ETH from IRA Financial Trust as blame game with Gemini starts
Bots use people’s fear of hackers to trick victims
This is exactly what happened to Dr. Anders Apgar, a Maryland-based obstetrician. He and his wife started receiving several calls one day at dinner from the OTP bots. The bots claimed to be from Coinbase and were investigating a security incident involving his account.
In a call that lasted just 19 seconds, a voice told him:
Hello, welcome to Coinbase security prevention line. We have detected unauthorized activity due to failed log-in attempt on your account. This was requested from a Canada IP address. If this (is) not you, please press 1, to complete precautions recovering your account.
They requested that he submit the 2FA passcode he had received, and as he later told CNBC, he felt obliged to as the voice on the other end of the line sounded quite official.
Once he submitted the passcode, the scammers took over his Coinbase account. The account had about $106,000 in BTC which he and his wife had been investing in for years, he revealed.
Such incidents aren’t isolated, security experts from Florida-based cybersecurity firm Q6 Cyber say.
The bot calls are crafted in a very skillful manner, creating a sense of urgency and trust over the phone. The calls rely on fear, convincing the victims to act to ‘avoid’ fraud in their account.
In a report, Intel471, another cybersecurity firm revealed that such bots are available widely, with some being sold on Telegram channels for as low as $300 a month.