CoinGecko Hit by Phishing Scam; Users Warned of Fake Airdrop

Cryptocurrency data aggregator CoinGecko suffered a security breach on January 10, with their account falling prey to a phishing attack. This incident underscores the increasing cybersecurity threats facing the digital finance industry. During the attack, a fraudulent link promising a CoinGecko token airdrop was posted, misleading users. The company acted swiftly, removing the post and alerting users to avoid engaging with any suspicious content.

CoinGecko Tactics in Recent SEC Account Breach

Moreover, this breach mirrors a similar incident that occurred a day earlier with the U.S. Securities and Exchange Commission’s (SEC) account. Investigations into the SEC account compromise revealed that scammers, exploiting the lack of two-factor authentication (2FA), posted false information about SEC Chair Gary Gensler approving Bitcoin spot exchange-traded funds (ETFs). However, the SEC had nodded to Spot Bitcoin ETF at press time. 

Although promptly deleted, these deceptive posts highlight the sophisticated techniques cybercriminals use to manipulate information in the financial sector.

SIM-Card Swap Attacks

The cybersecurity community has raised alarms over the increasing frequency of SIM-swap attacks. This method involves imposters gaining control of a victim’s phone number, thereby accessing various linked accounts. Such tactics were evident in the recent hack of Ethereum co-founder Vitalik Buterin’s account. These incidents highlight the critical need for enhanced security measures like two-factor authentication, not just for individuals but also for corporate entities.

Read Also: Spot Bitcoin ETF Approved: Here’s Why Grayscale is the Biggest Winner