Email scams are catching crypto investors offguard and stealing millions

Quick Take

  • A common email phishing attack is being used to trick crypto investors — with devastating results.
  • Just today, one such scam likely resulted in the theft of $60 million in ETH.

A recent wave of email scams is catching crypto investors off-guard and stealing millions of dollars in cryptocurrency.

Friday morning, it appeared that one such email scam was behind the theft of some $60 million in ETH from a dog-themed crypto project during its token sale.

One of the persons behind the project shared a screenshot of an email they received containing an attachment. The email looked like it was from a prominent crypto investor but it wasn't their real email address. It contained a PDF file that was presented as an investment deck, which may have contained malware. This malware may have managed to access the crypto wallets controlling the funds before sending them to another address.

Since then, the project says it has gotten in touch with Chainalysis to monitor the movement of the seemingly stolen funds and it has let professional security researchers look at the PDF.

This project wasn't the only target, however.

VC firms County Capital and Sneaky Ventures both shared tweets showing that they, too, received the same phishing email. The one sent to County Capital was also sent to VC firm Sino Global Capital, the screenshots show.

Inspired by a previous phishing attack

The individuals behind the attack posted a message on the Ethereum blockchain, which said that they were inspired by a similar phishing attack.

This was the attack against trading firm