The National Fraud Intelligence Bureau (NFIB), a branch of the UK police focused on fraud and financial cybercrime, has taken action against fraudulent activity by blocking 43 web domains associated with fraudulent schemes. Metropolitan Police Interim Commissioner Pete O’Doherty disclosed that the NFIB uncovered a spoofed email address masquerading as the legitimate cryptocurrency platform Blockchain.com. Upon investigation, authorities identified an additional 42 domain names, including "actionfraud.info" and "department-fraud.com," and swiftly blocked them to prevent further deception.
Emphasizing the importance of reporting cybercrime through official channels, the NFIB encourages victims to utilize designated hotlines. In December 2023 alone, nearly 300,000 malicious websites were taken down based on user reports. Among the fraudulent schemes, phishing attempts continue to be prevalent, with tactics ranging from falsely claiming recipients have won prizes to impersonating reputable cryptocurrency services. For instance, hardware wallet manufacturer Trezor recently disclosed a security vulnerability that compromised the data of 66,000 users, leading to phishing attempts targeting crypto wallet access.
In a notable incident, a widespread phishing campaign targeted numerous cryptocurrency investors, with fraudsters impersonating prominent Web3 companies. On January 23, the crypto community identified a phishing attack promoting fake token airdrops, falsely attributed to entities such as Cointelegraph and WalletConnect. Investigations later revealed that the phishing campaign stemmed from a vulnerability in the operations of email marketing provider MailerLite. The breach occurred when a team member inadvertently clicked on a fraudulent link, granting unauthorized access to MailerLite's administrative panel.
As a result of the breach, hackers exploited compromised Web3 accounts, leading to significant financial losses. Blockchain analytics firm Nansen reported that the attackers' primary wallet received inflows totaling at least $3.3 million following the phishing attack. This incident underscores the persistent threat of phishing in the cryptocurrency ecosystem and highlights the importance of robust security measures to safeguard against such malicious activities.
