Scammers have been impersonating members of Kraken’s token listing team and employees in recent weeks, promising coverage of projects in exchange for a fee.
Kraken, a digital-asset exchange operating from the United States, said on Friday that cryptocurrency teams that use LinkedIn and Telegram should be on high alert. They were advised to watch out for would-be scammers posing as Kraken staff, as these efforts appear to be targeting users of these social networks in particular.
Example email associated with the scam.
To be clear, Kraken said its staff involved in the listing process does not, and will never, contact a project or cryptocurrency by social media or chat applications.
If you are being contacted by someone called Liz Cohen, Darin Zumberi or Jing Kang, claiming to be one of Kraken employees on Telegram or LinkedIn, the exchange said know the account reaching out is a fraud.
Open a Trading Account Today With These Recommended Brokers
Kraken tracked some of this activity, shedding light on the situation. The exchange said in most cases it reviewed, scammers have gotten sophisticated to the point where they sent phishing emails using domain addresses that look legitimate and appear to be associated with Kraken. This technique is called Punycode, which tries to deceive users by replacing one or more characters in the URL with similar-looking characters from another character script.
Example of a Punycode email address
Rampant Crypto Scams Continue to Plague Social Media
“To protect yourself and your business against Punycode phishing: we recommend adding filters to check the header on inbound emails for 'xn--'. Our security team advises you quarantine these messages by default, review them regularly and add exceptions for any legitimate domains you communicate with,” Kraken said.
Example social media profile identified in this scam.
The warning highlights the lengths to which fraudsters and clone crooks seeking to defraud cryptocurrency users will go to find targets. But this is not a new phenomenon, as scams and crypto go hand in hand since Cryptocurrencies gained mainstream attention.
In July, Twitter accounts of dozens of crypto exchanges and high-profile figures were hacked, including Bill Gates and Joe Biden, to promote an apparent Bitcoin scam.
Interestingly, Kraken has recently secured approval from a state regulator in the US to launch a crypto bank under an SPDI charter. An SPDI bank charter permits Kraken to operate an independent bank that will reduce reliance on third-party financial institutions and allows the exchange to provide deposit-taking, custody and fiduciary services for digital assets.
