Cryptocurrency exchanges and third parties continue to be targeted due to the potential financial gains. Any vulnerabilities located will be rare but, as always, remain a threat due to the amount of malicious actors looking to exploit any given weakness.

This latest campaign once again highlights the power of a phishing campaign. Phishing emails work on high volume to maximise any compromise which cannot always be mitigated against by the software. Therefore, crypto users especially must remain extra vigilant of any email along with follow up text messages where potential hackers are seeking those all-important credential details.

Cryptocurrency exchanges and third parties continue to be targeted due to the potential financial gains. Any vulnerabilities located will be rare but, as always, remain a threat due to the amount of malicious actors looking to exploit any given weakness.

This latest campaign once again highlights the power of a phishing campaign. Phishing emails work on high volume to maximise any compromise which cannot always be mitigated against by the software. Therefore, crypto users especially must remain extra vigilant of any email along with follow up text messages where potential hackers are seeking those all-important credential details.

Coinbase have offered their own MFA for some time but many users choose not to set it up. Common reasons are lack of understanding of how it will impact them and fear of getting locked out. Unfortunately it is all too easy these days for bad actors to get their hands on email addresses, phone numbers and passwords for online accounts, especially if they have value behind them such as a bank or crypto exchange account. It's just a case of checking social media to find people who are active in crypto and use the Coinbase platform. Then checking that data against the vast amount of password breach data on the dark web and then trying logins until they find ones that work. It’s a simple numbers game where even a small degree of success can still pay handsomely.

Simple rule, if you have anything of value online and want to keep it, don’t just use a password.