KnowBe4 Security Awareness Training Blog

Buyers of Facebook’s Libra Cryptocurrency are the Latest Target in Phishing Scams

Written by Stu Sjouwerman | Jul 31, 2019 7:25:57 PM

Scammers are impersonating Facebook to trick potential buyers of Facebook’s new cryptocurrency into parting with their money.

Last month, Facebook announced the release of Libra, its own cryptocurrency, scheduled for public launch in the first half of 2020. Cybercriminals are wasting no time purporting to be Facebook or an affiliate official outlet of Libra currency on both Facebook, and on the web.

Facebook has already taken steps to remove any accounts, pages, or groups involved in these scams, but sites outside of Facebook have also popped up in an attempt to scam potential investors and buyers into providing credit card details.

These scams are well-executed in that they meet two very important criteria:

  • They look legitimate – impersonation of Facebook, or its’ digital wallet company, Calibra is used. From logos, to account/group names, to domains, scammers work to make sure the page the potential victim interacts with establishes credibility.
  • They create urgency – creating an emotional connection between the victim and the scam is critical to success. Offering up an easy means to purchase Libra before it’s publically available seems like a great way for a cryptocurrency investor to make some money by buying now – and, therefore, creates the urgency to motivate them to act.

While these scams intend of stealing money, they can just as easily be used to infect computers with malware, ransomware, or remote access trojans onto corporate machines. Educating users with Security Awareness Training is key to create a vigilant user that won’t fall prey to scams like this. Users that understand the power of the illusion of legitimacy found in scams are less likely to become a victim, strengthening the organizations security stance.

Organizations concerned about impersonation attacks against their own domain can try our new free look-alike domain tool, Doppelgänger. This tool identifies look-alike domains that can be used as part of phishing assessments to make sure your own employees are both aware of look-alike domains and don’t become victims because of them.

Our NEW Domain Doppelgänger tool makes it easy for you to identify your potential “evil domain twins” and combines the search, discovery, reporting, and risk indicators, so you can take action now.

Better yet, with these results you can now generate an online assessment test to see what your users are able to recognize as “safe” domains for your organization. You then receive a summary of the test results to understand how security-aware your users are when it comes to identifying potentially fraudulent or phishy domains.

With Domain Doppelgänger, you can:

  • Search for existing and potential look-alike domains
  • Get a report with aggregated results that includes risk indicators, and
  • Generate an online “domain safety” quiz based on the results to administer to your end users

This is a complimentary tool and will take only a few minutes. Domain Doppelgänger helps you find the threat before it is used against you.

Find your look-alike domains here:

 

Don't like to click on redirected buttons? Copy & paste this link into your browser: 

https://www.knowbe4.com/domain-doppelganger