Nikola Brežnjak blog - Tackling software development with a dose of humor
Miscellaneou$

Fireblocks Cryptocurrency Scams: A Real-Life Example

TL;DR

Beware of the crypto scams. Here I’m just sharing one that I just got from a site I never even heard of. Still not clear what could they do with my IBAN – assuming it’s just the first step in them trying to extract more info…

Anyways, stay careful 🤗

!TL;DR

The Email

Just so that this hopefully gets picked up by Google and people see it before it hits their email, I’m sharing the text of the email in full:

Dobar dan, I sam Monika Verbic, i predstavljam tvrtku Firebocks. Želim vas obavijestiti da imate neaktivan račun u našem sustavu koji je automatski otvoren 2019. godine.

https://blockchair.com/bitcoin/address/bc1q4cyj5ucd9xenehxyjjm24ycv84c44c4eyf50r8

Na taj račun je uplaćen bonus u iznosu od 250 eura koji ste dobili prilikom registracije. Nakon toga ste aktivirali sesiju automatskog trgovanja, a naš robot je obavljao trgovinske operacije na vašem računu tijekom 5 godina. Zahvaljujući rastu vrijednosti kriptovaluta u tom razdoblju, saldo vašeg računa trenutno iznosi 4670 eura.

Sesija trgovanja je završena, a prema pravilima naše tvrtke, registraciju je potrebno zatvoriti. Međutim, zatvaranje nije moguće dok na računu postoji pozitivan saldo. Zbog toga je potrebno prebaciti sredstva s ovog računa na vaš bankovni račun kako bi se registracija mogla uspješno zaključiti i izbjegli dodatni troškovi provizije.

Molimo vas da nam dostavite IBAN legalnog hrvatskog računa na koji želite primiti sredstva kako bismo mogli izvršiti prijenos. Ako imate bilo kakvih pitanja ili trebate dodatne informacije, slobodno mi se obratite u bilo kojem trenutku.

Hvala vam na suradnji!


Monika Verbic
Manager Fireblocks
https://www.fireblocks.com/

The crazy part? Someone who claimed to be Monika called me just before this email was sent (I hung up the phone as soon as the person started saying "you have a trading account with us…").

As crypto is becommoing more lucrative and even a household name, it’s not surprising that the scams are picking up in volume and also becoming increasingly sophisticated. Malicious actors continually find new ways to deceive unsuspecting victims. Recently, I received an email that’s a textbook example of a scam, and I want to share this experience to help you avoid falling for similar traps.

Too Good to Be True

The email, which claimed to be from a company called "Fireblocks," stated that I had an inactive account with a balance of 4,670 euros, earned through a supposed cryptocurrency trading bot. The message seemed professional and convincing at first glance, complete with links to a Bitcoin wallet and a seemingly legitimate website.

The twist? To "retrieve" the funds, they requested my IBAN (bank account information). This is a classic phishing technique—luring you in with promises of a large payout while stealing sensitive financial details.

Red Flags in the Email

  • I never signed up for such a service or company
  • Legitimate companies won’t ask for sensitive details like your IBAN over email.
  • Promises of free money are almost always scams
  • While the email included a link to a Bitcoin address and the company website, these are likely designed to create a false sense of legitimacy
  • Use of the letter "I" instead of "ja" in Croatian language
  • Misspelled name of the actual company
  • Use of a private Gmail account, instead of one coming from a company domain

How to Protect Yourself

  • Verify the Sender: Check the email address carefully. In this case, the address was from a generic domain, not an official company domain
  • Don’t Click on Links: Hover over links to see their true destination before clicking. Avoid clicking links in unsolicited emails altogether
  • Contact the Company Directly: If you suspect the email might be legitimate, visit the company’s official website and contact them through their verified channels
  • Enable Multi-Factor Authentication (MFA): Secure your accounts with MFA to make them harder to breach
  • Educate Yourself: Learn about common scam tactics to recognize them quickly

What to Do If You Receive a Scam Email

  • Do Not Respond: Never reply or provide personal information.
  • Mark as Spam: Flag the email to help your email provider filter similar scams.
  • Report It: Notify your local cybersecurity authority or anti-fraud organization.
  • Spread Awareness: Share your experience with friends and family to protect them.

Final Thoughts

Scammers rely on a lack of awareness to succeed. By staying informed and vigilant, you can avoid falling victim to their tactics. Remember, if something sounds too good to be true, it probably is.

If you’ve encountered similar scams or want to share tips for staying safe online, feel free to comment below!

Recent posts

Categories