Phishing campaign against Italian users of Crypto.com

The Threat Intelligence Team of D3Lab in the analysis and fight against online fraud detected on March 3 the creation of a new Ad Hoc domain containing a phishing site against Italian users of Crypto.com.

Crypto.com is a cryptocurrency exchange app based in Singapore. The app currently has 10 million users and 3,000 employees. {Wikipedia}


The campaing spread through the creation of a new Ad Hoc domain and text messages (smishing) asking to the victim their email, password and phone number

And finally warn the victim that there was an error and they will be contacted. Probably a telephone contact, as much used in the last two years by criminals towards Italian users.

Screenshots of phishing pages

Analyzing the DropZone (where criminals store stolen credentials) 24 hours after domain activation there are more than 20 unique victims.

Domains Email of the victims

The phishing kit analyzed is very similar to multiple phishing kits against Italian banks. It is likely that the same criminals are expanding fraud to other entities/sectors.

Finally, we always advise users to pay attention and never provide their personal information.

/da
Potrebbero interessarti
Phishing Verifica Green Pass
pagina fraudolenta Crédit MutuelPhishing aux dépens du Groupe Crédit Mutuel
Campagna di Phishing ai danni di Fideuram
console di monitoraggio del phisherPhishing con C2 per aggirare i token otp
Phishing ai danni di Unipol, in crescita nel 2016!
Phishing con presenza di files di log
Phishing ai danni di Deutsche Bank IT
Bonus 500€ anche per le famiglie? No, è Phishing ai danni di Poste!