The price of a single Bitcoin passed that of an ounce of gold for the first time this month, and scammers were quick to get in on the action with Ponzi schemes and phishing sites spread via social media.
Victims are lured in with fake Bitcoin wallets, fake Bitcoin search services, fake surveys about Bitcoin, too-good-to-be-true money-making offers, and classic pyramid scams now dressed up with Bitcoins, according to a report released this week.
“The same characteristics that make Bitcoin attractive to people who want to make money distributing ransomware make it attractive to scammers,” said Philip Tully, senior data scientist at security vendor ZeroFox, which published the report.
Those characteristics are that it’s decentralized, anonymous, and irreversible, he said.
“When people have Bitcoins taken from their wallets, there is no one to complain to,” he said. That’s not the case with traditional payments. “With a bank, a lot of banks will let you immediately stop transfers and compensate you for lost value.”
This makes Bitcoin extremely attractive for a wide variety of scammers. And when the scams are deployed via social networks, they have the potential to reach large numbers of people quickly.
But people who fall for one of these scams don’t just lose their own money, and possibly, the respect of their friends. They also lay the groundwork for potential future infections — infections that could do harm to the companies where they work.
For example, scams that take users to phishing sites could also then install malware on employee computers.
“And now you have corporate data that’s at risk,” said Evan Blair, co-founder and chief business officer at ZeroFox.
Companies also need to keep an eye on these scams in order to protect their own reputations.
Scammers will sometimes try to leverage existing brand names. For example, they might claim that a particular too-good-to-be-true Bitcoin promotion comes from a well-known bank.
Brands that are already experimenting with Bitcoins are particularly vulnerable, since the scammers can use that legitimate activity to give their scams a bit more credibility.
Companies can protect their employees from these kinds of scams through user education, and through blocking malicious sites. They can also report the scams directly to the social media platforms.
However, it can be hard to keep up, since scammers can use templates to generate these websites.
“For every one Instagram was taking down, three new scams created,” said Blair. “It’s an exponential curve.”
Plus, it can take days, weeks, or months to get a social media site to remove a scammer from its network.
“If you do it manually, it ends up in a massive queue,” he said.
The way ZeroFox addresses the problem is with direct connections to the major social networks, he said.
“We build out strong relationships, they know the quality of content we produce, we have a consistent format,” he said. There are also APIs in place for faster remediation of malicious content, he added.
ZeroFox finds the scams both through automated searches on the social networks and through dedicated researchers who go out to the social networks to find new types of scams. Once a new scam is identified, new search rules go into effect in less than an hour to help the company find all examples of similar scams.
“It’s a fast turnaround, responsive to the fast-changing nature of social media,” said Tully.
The data is also available for enterprise customers to funnel to their network security systems, such as Palo Alto firewalls.
“To my knowledge, this is the first time a security vendor can offer protection for Bitcoin scams that happen on social media,” he said.