Kaspersky has detected a wave of phishing attacks preying on former customers of the bankrupt crypto lending platform BlockFi. These scams leverage the ongoing distribution of customer assets following BlockFi’s 2022 bankruptcy, tricking victims into surrendering cryptocurrency wallet seed phrases, potentially leading to financial losses.
BlockFi, once a prominent provider of high-yield interest accounts and crypto-backed loans, announced bankruptcy in November 2022. The company began disbursing repayments to affected clients in 2024 as part of its restructuring plan. Kaspersky has detected fraudulent emails mimicking BlockFi’s official branding, which falsely invite recipients to “claim the payment” they are “entitled to.” After clicking on the link, users land on a phishing page and are prompted to “connect their wallet”.
The attackers suggest that users import their existing wallet by typing in the secret phrase – this grants attackers direct access to the funds in the victim’s wallet.
“Phishing attacks like this are widespread, capitalising on real-world events to build trust and urgency. Victims who fall for these scams risk exposing their crypto wallets to theft. It’s critical for individuals to verify any communications directly through official channels and to check the address from where the email originates for legitimacy,” comments Roman Dedenok, anti-spam expert at Kaspersky.
The phishing emails feature convincing logos, colour schemes, and language, making them difficult to spot at first glance. Kaspersky recommends the following steps to avoid falling victim to this or similar scams:
- Do not click on links or respond to unsolicited emails.
- Protect Sensitive Information: Never share banking credentials, wallet seed phrases, or other private keys in response to an email or online form.
- Use Security Tools: Enable two-factor authentication (2FA) on all financial accounts, employ reputable security software like Kaspersky Premium, and consider using a password manager to safeguard credentials.
