A new round of phishing attempts has targeted creditors of the cryptocurrency lender Celsius Network as the bankruptcy procedures for the company are about to come to a close. Two data breaches that happened in 2022 are thought to be the cause of this rise in fraudulent activity since they made network users more susceptible to fraud.
The Return of Phishing Attacks
Reports on social media have surfaced, indicating an uptick in phishing attacks targeting creditors of the bankrupt Celsius Network. These scams involve malicious actors impersonating Stretto, the bankruptcy services platform that works with Celsius and its creditors.
In one case, a user reported receiving three phishing emails, all posing as communications from Celsius, on September 18th. Others have also fallen victim to these fake emails, which often contain malicious links attempting to mimic Stretto, the claims agent responsible for handling the bankruptcy case.
The fake websites created by these scammers closely resemble the genuine Stretto site but with a slight modification, typically dropping an “s” from the URL. Once victims connect their wallets, the scammers can access and drain their crypto assets.
3 phishing emails this morning on the Celsius stuff, what a mess
— Bull Run ₿lackmore 🫐 (@21blacky) September 18, 2023
Did kyc in the app, what else is there to do after that?
A Word of Caution
Industry experts and analysts believe that these phishing attacks will escalate as the Celsius bankruptcy proceedings draw to a close. To safeguard themselves, creditors are advised to take extra precautions and meticulously verify the authenticity of links and emails they receive.
In mid-August, Celsius obtained authorization to distribute ballots to its customers for a vote on a proposed settlement plan. Fraudsters have seized this opportunity to launch phishing attacks around the voting deadline.
According to Simon Dixon, CEO and co-founder of BnkToTheFuture, an online investment platform, the voting deadline was set for September 18th, with the report scheduled for release on September 20th. A confirmation hearing is slated for September 29th, and Celsius aims to secure final court approval of its restructuring plan on October 2nd.
Rooted in Data Breaches
These phishing attacks appear to have their origins in previous data breaches, underscoring the importance of securing personal data in the digital age. Celsius Network suffered an email server breach in April 2021, which led to the leakage of user details and subsequent malicious emails targeting those affected.
In July 2022, Celsius admitted to another data breach involving third-party data providers, resulting in yet another wave of phishing attacks. Customers have been eagerly awaiting resolution since Celsius suspended withdrawals in June 2022 following the collapse of the Terra ecosystem, culminating in the company’s bankruptcy filing the following month.
While the Celsius Network works through its bankruptcy proceedings, users must remain vigilant in the face of these phishing threats. As the crypto industry continues to evolve, protecting personal information and assets remains paramount in safeguarding against fraudulent activities.