Anatomy of a Phishing Attack — The methods fraudsters can use to trick

The crypto community is one of the most welcoming and passionate communities on the internet. People help each other wherever they can and welcome new members with open arms when they are researching new projects. Unfortunately, there are also some bad apples in the community that try to take advantage of less experienced users and attempt to steal their money.

Published in

AirGap

4 min readNov 2, 2021

Many users throughout the crypto community have been victims of phishing attacks carried out via Telegram and Reddit. The social media channels of AirGap have also been targeted by scammers. While we sadly cannot prevent this from happening, we feel like it is our responsibility to constantly look for ways to bring this issue to the attention of our community. The following is a small list of methods that fraudsters will try to use to scam users.

1. DM (Direct Message) immediately after asking questions

One typical tactic used by scammers to target our users is to send direct messages to them right after they have asked a question in one of our support groups, pretending to be an admin or a member of the AirGap team. Please note that no member of the AirGap team will ever send you a direct message first, without announcing it in the group.

Here is a typical example of a scammer impersonating Pascal Brun, the co-founder of AirGap.

At first sight, these scammers appear innocuous, but as you continue to entertain their inquiries, you will realize that they are in fact fraudsters and should be avoided at all costs. Also, note that the scammers usually use a name that closely resembles the team member's name. So even if the name looks legitimate, it’s best not to engage in a conversation.

2. Malicious website

Another technique that scammers employ is the use of malicious websites. The website may resemble a web-based version of the AirGap Vault or any other AirGap app or website. The attackers’ primary purpose is to steal the victim’s mnemonics (i.e., the 24 words) and they commonly use two methods to accomplish this goal. A form that persuades the victim to enter their mnemonics or a website or link that is provided that replicates the AirGap Vault interface.

Here is another example:

In the screenshot above, which was shared by one of our users, the scammer presents a shortened URL to a malicious website disguising to help the individual backup his mnemonics.

Please always keep in mind:

You should never enter your mnemonics anywhere except the official AirGap Vault application.
We’ve included links to our official website as well as our applications, GitHub repository, and social media accounts at the end of this article.

3. Fake Mobile Apps

Another popular method these scammers use to deceive crypto users is through the deployment of fraudulent apps that are offered for download through alternate stores. Although these fraudulent apps are often reported and discovered fast, it is recommended that you should never download our vault and wallet from any other store than the Google Play Store, Apple App Store, or our GitHub page.

While this is more of an issue for Android users, it is something that every one of our users should be aware of.

4. Scamming Emails

Even if it looks exactly like an email you received from us, proceed with caution before following any instructions included in it. If your seed phrase is requested, it is clear that you are dealing with a fraudster.

Things you could do to reduce phishing scam

Such individuals should be blocked, reported, and avoided on any social media platform.
Report malicious website here
Report malicious apps here
Use plausible deniability to add an extra layer of security to your funds just in case you ever fall victim to giving away your mnemonics to these scammers.

Conclusion

At the end of the day, it is your responsibility to ensure that your funds are kept secure and safe.

Never, ever reveal your mnemonics to anyone.
If someone offers you a deal that seems too good to be true, then it usually is and that person is likely trying to scam you.
Make use of extra security functionality such as plausible deniability to provide an extra layer of protection.
Remember that the support team does NOT require your mnemonic to help you if you have a problem.

Do you have further questions regarding AirGap?
Reach out to us via Discord or visit the AirGap help center.