Solomon’s Independent Financial Advisers founder, Dominic Thomas, has told FT Adviser that he received a fake “FCA-endorsed” crypto scam email five times over the weekend before finally going on Twitter to warn the regulator.
The FCA (Financial Conduct Authority) oversees UK capital markets, and has been impersonated in many scams before this.
Generally speaking, the FCA warns, “if it sounds too good to be true, it probably is.”
The latest impersonation email making the rounds attempts to entice recipients with the subject line: “Guaranteed chance to earn.”
Once opened, the email tells readers: “Bitcoin is still a long way off its peak price of $20,000, which it reached in 2017, but some cryptocurrency experts believe it could hit an even higher value by 2020.”
According to FT Advisor:
“Recipients are then asked to click on a button, coloured in the FCA’s distinctive maroon branding, which reads ‘Click her’ [sic].”
The presence of any clickable link in any email from an unknown recipient should be treated as a red flag and possible Trojan link, meaning a link which, if clicked, could inject devastating malware onto a victim’s computer system.
If that system is networked with other computers, such as in a business environment, the malware could easily spread across the entire network, and malware/Trojans are typically very difficult and expensive to remove once they have taken hold.
Once in place, Trojan malware can collect data and override protocols, thereby destroying the system’s privacy and security.
This type of infection has probably been used to execute the majority of cryptocurrency exchange hacks, and has lately been adapted by state actors who previously used to use it to attack banks in the developing world.
The FCA reminds the public to, “Keep in mind that we would never contact members of the public asking for money or your bank account details.”
As well:
“The correspondence is likely to be linked to organised fraud and we strongly advise you not to respond to the criminals in any way.
“Look for signs that the email, letter or phone call may not be from us, such as it listing a mobile or overseas contact phone number, an email address from a hotmail or gmail account, or a foreign PO Box number.
“Scam emails or letters often contain spelling mistakes and poor grammar.”