Facebook Thieves Are Emptying Bank Accounts for Bitcoin

Pinterest

Cybersecurity research group BadCypher recently uncovered a clever, unusual trick Polish thieves are using to empty Facebook users’ bank accounts and turning their funds into bitcoin so they won’t get caught.

Get exclusive analysis of bitcoin and learn from our trading tutorials. Join Hacked.com for just $39 now.

According to the report, the hackers rely on well-known phishing and social engineering techniques, such as emailing someone an attachment with malware in it, to take over their Facebook account. Since most Facebook users don’t even bother using two-factor authentication (2FA), the takeover is relatively easy.

Once they control the account, the hackers then examine message logs to find those close to the initial victim. Then, posing as the original account owner, they ask for a small amount of money to be wired to them. Requests are kept to small amounts, as asking for a large amount would surely prompt questions and a phone call that would reveal the user has been hacked.

As soon as the person agrees to wire the money, they are sent a spoofed link to cloned versions of popular payment provider websites. These are popular in Poland, as they have contracts with banks that allow users to shop online without the use of a credit card.

The victim enters his bank account information on the cloned version of the website, and is then sent a code via SMS, in order to confirm the small transaction. So far, only a few dollars have been stolen from the victim, but the scam doesn’t end here.

Emptying Bank Accounts for Bitcoin

The thieves managed to guarantee the SMS message sent to the victim only asks the user to confirm that one transaction, even though it actually grants them access to transact as much as they want to without additional SMS code confirmations.

They do this by asking for the approval of so-called “trusted transfer” accounts, which the user unknowingly approves when he enters the SMS code that approves the original transaction. Banks usually allow these trusted accounts for the sake of usability.

With permission to transfer as much as they want to, the thieves then transfer everything the victim has into a bank account they will then use to buy bitcoin, or directly buy bitcoin using the victim’s bank account. The thieves usually create a regular transfer pattern to Polish bitcoin exchanges they use to buy the cryptocurrency, so everything looks fine on the bank’s side. Experts estimate it takes 15 minutes to turn everything the victim’s bank account has into bitcoin.

These attacks are rather complex, and as such hard to detect and prevent. So far reports suggest attacks only occurred in Poland, but they can easily spread. According to BadCypher:

Only vigilant fraud detection departments equipped with proper detection mechanisms can handle those attacks properly. Fortunately for the victims those scenarios don’t scale well, but a handful of attempts can be noted in one evening.

Featured image from Shutterstock.

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Comments

comments

Filed in: Mainstream Bitcoin Tags: ,

You might like:

Bitcoin and Ethereum fall amid profit taking Bitcoin and Ethereum fall amid profit taking
Bitcoin, Ether Lead Digital Currency Slide From Highs Bitcoin, Ether Lead Digital Currency Slide From Highs
Bitcoin Price Analysis: Bear Run Shows No Decrease in Momentum Bitcoin Price Analysis: Bear Run Shows No Decrease in Momentum
What Is Bitcoin's Elusive Intrinsic Value? What Is Bitcoin's Elusive Intrinsic Value?
European Banks Select IBM Blockchain for Small Business Trade Finance European Banks Select IBM Blockchain for Small Business Trade Finance
Blockchain Research Lab to Combat Financial Fraud in Shenzhen Blockchain Research Lab to Combat Financial Fraud in Shenzhen
Crypto Correction: Bitcoin and Ether Dive as Market Sheds $13 Billion Crypto Correction: Bitcoin and Ether Dive as Market Sheds $13 Billion
Barclays Discusses Bitcoin-Like Cryptocurrencies with UK’s Financial Regulator Barclays Discusses Bitcoin-Like Cryptocurrencies with UK’s Financial Regulator
© 2017 Virtual Mining Bitcoin News. All rights reserved. XHTML / CSS Valid.
Email
Print