Blockchain security firm SlowMist has issued a warning about a new wave of scams targeting the crypto community. Scammers are posing as crypto journalists and utilizing malicious Calendly links to compromise victims’ accounts.
Targeting Chinese-speaking Users
The primary focus of these scams is on Chinese-speaking victims. The scammers initiate contact through direct messages, presenting themselves as crypto journalists interested in scheduling interviews. To appear legitimate, they share links that closely mimic the appearance of Calendly bots.
🚨SlowMist Security Alert🚨
Recently, victims have been phished by people pretending to be journalists. The scammer often spoke broken Chinese and sends a normal-looking Calendly link. However, upon clicking, the link’s name changes to “Calendly.”, with an additional dot. This… https://t.co/PN3sANKknH pic.twitter.com/Sy7WNNGTJv
— SlowMist (@SlowMist_Team) January 8, 2024
Unwitting Grant of Authorization
Once a victim clicks on the fake Calendly link and grants authorization, they unknowingly give control of their account to the scammers. This authorization enables malicious actors to distribute phishing links through the victims’ posts, potentially causing widespread harm.
Reports suggest that scammers are specifically targeting crypto influencers, using broken Chinese in their communication. The scale of the attack remains uncertain, but there are indications that the cybercriminals might be associated with the Pink Drainer crypto hacking group.
Stay Vigilant: Mitigating the Risks
SlowMist recommends users take immediate action to mitigate the risks. Users are advised to check and delete any suspicious applications or sessions in their account settings on the affected platform. Proactive measures can help prevent unauthorized access and protect users from falling victim to these scams.
Historical Precedent: Previous Impersonation Incidents
If you think your X account is at risk, delete any suspicious applications or sessions asap in👇 “Settings->Security and account access->Apps and sessions”. pic.twitter.com/N8xK2vUPe4
— SlowMist (@SlowMist_Team) January 8, 2024
This is not the first instance of scammers impersonating journalists within the crypto space. In November 2023, SlowMist revealed a sophisticated phishing attack on the crypto startup Friend.tech. Scammers used fake interviews and malicious scripts to target users successfully.
Varied Tactics: Forbes Impersonation Incident
In another incident during the same month, an unidentified con artist posed as a Forbes journalist to approach holders of Bored Ape Yacht Club NFTs. The scammers conducted interviews, setting up multiple call links and recording screens using a separate recorder bot.
As these scams evolve, users must exercise caution and remain vigilant. Deleting suspicious applications and sessions, verifying the legitimacy of interview requests, and being wary of unexpected communication can go a long way in safeguarding against potential threats.
