Within twenty-four hours of Facebook’s announcement of its new Libra cryptocurrency and Calibra digital wallet, more than three-hundred sites were registered with domain names associated with the words “Libra” and “Calibra,” according to researchers at Digital Shadows. The researchers examined these sites and found that while most of them are currently empty, some are already hosting active scams.
One of the sites copied the real Calibra site very convincingly, and replaced the words on a “Get Started” button with “Sale Libra Currency.” This button takes users to a page that offers to exchange Ethereum cryptocurrency for Libra with a 25% bonus. Since Libra isn’t slated to launch until next year, the scam doesn’t specify where exactly the converted currency will be stored, but the researchers note that the scammer’s Ethereum wallet has already received $58.
Another site was more ambitious, offering early access to Libra on a Virtual Private Service for several hundred dollars. After victims hand over their money, the scammers walk them through the process of accessing their new server, which involves opening a Remote Desktop Connection and entering an IP address, a username, and a password. This gives the attackers the ability to do whatever they want on the victim’s computer.
Digital Shadows emphasizes the announcement of a new, extremely high-profile cryptocurrency that hasn’t launched yet has created a perfect opportunity for scammers to exploit people who want to make an early investment in the next big currency. New-school security awareness training can help employees resist these types of scams by teaching them the signs to watch out for.