Hang Up if Your ‘Crypto Exchange’ Calls Asking for Your Login Data, the FBI Warns

The FBI is warning cryptocurrency holders to keep watch for scams impersonating exchange employees asking to provide login information.

The agency’s public service alert, issued Aug. 1, clearly details the ruse scammers typically use to obtain access to crypto wallets and transfer the funds to their own pockets:

• The scammer contacts the victim via an unsolicited call or message and pretends to be a cryptocurrency exchange employee
• The scammer conveys a sense of urgency and may claim there is a problem with the victim's account, or someone is attempting to compromise it
• The scammer claims the victim must safeguard their account by providing login information, clicking on a link, or providing identification information
• The scammer obtains access to the victim's account and steals the cryptocurrency

Hang up!

The feds urge players in the crypto market to resist the impulse of cooperating with the voice on the other end of the line.

“If you receive a call or message indicating any kind of account problem or compromise, do not respond, even if it appears official and indicates you must act immediately,” according to the notice.

If you find yourself in this situation, hang up and call the cryptocurrency exchange's official phone number to check whether there’s a problem, says the agency. Do not use any link provided by the caller, the alert adds. Instead, navigate to the official cryptocurrency exchange website yourself, using the official URL.

Most importantly: “If anyone asks for your account log-in information at any point, do not provide it.”

As a rule of thumb, avoid clicking links, downloading files or opening attachments in unsolicited messages. And be cautious of services that claim they can recover lost cryptocurrency funds. The alert offers additional information on recovery schemes at IC3 PSA Alert Number I-081123-PSA.

Crypto scams on the rise

Crypto scams have grown bigger and more sophisticated in recent years. Victims reported losing more than $2.5 billion in cryptocurrency investment frauds in 2022 alone, according to the IC3’s latest figures.

The FBI issued an initial warning last year about an increase in schemes designed to exploit victims who have already lost cryptocurrency to fraud, scams or theft.

In June, the bureau said it noticed an emerging criminal tactic used to defraud cryptocurrency scam victims: fictitious law firms baiting people who’ve already had their crypto wallets drained by scammers, claiming to be on their case to recover their precious digital coin – for a fee.

In some cases, scam victims ended up baiting themselves by contacting what they believed was a legitimate recovery service, the feds said.

It’s also important to watch out for spoofed versions of your exchange. In May, US authorities arrested an Indian national for spoofing the Coinbase website to steal over $37 million, which he allegedly used to pay for exotic trips, supercars, and expensive watches. If found guilty of all charges, he faces up to 20 years behind bars.

Protect your crypto

According to the Bitdefender 2024 Consumer Cybersecurity Assessment Report, netizens' biggest cybercrime worry is having their money stolen. Yet people generally avoid even the easy steps that could help keep fraudsters at bay.

Bitdefender recently published a straightforward guide on how to exercise good cybersecurity hygiene to combat the rising tide of scams targeting regular folk.

Read: Make It Hard for Scammers to Get You! Use These Seven Vital Tips.

Use Scamio to combat socially engineered attacks on your finances. If you're suspicious about a certain phone call, email or SMS, Scamio provides a fast and efficient way to find out if you’re being conned. Simply describe the situation to our clever chatbot and let it guide you to safety. You can share with Scamio the exact thing you want to check: a screenshot, PDF, QR code or link. Scamio lets you know in seconds if it’s a scam. Use it anywhere via web browser, Facebook Messenger, or WhatsApp. Scamio is localized for use in the USA, France, Germany, Spain, Italy, Romania, Australia and the UK.