Lost more than 100,000 USD in Bitcoin because of being cheated by bots
Last month, when Dr. Anders Apgar and his family went to dinner at a restaurant, his phone wouldn't
When Apgar answered, a female voice said, "Welcome to Coinbase's security hotline. We detected unauthorized activity due to an unsuccessful attempt to log into your account from your IP address. in Canada. If not you, please press 1 to complete the account recovery and protection measures". The call lasted 19 seconds. Apgar immediately pressed 1 without a doubt.
The doctor said he was hypnotized and acted like a machine, not even remembering to enter the two-factor authentication code manually or copy the number on the screen. His account was locked after two minutes and has not been able to regain access yet. He determined he had lost all of his Bitcoins.
"It's scary and empty. I can only complain," Apgar said.
According to security experts, Apgar was fooled by the 2FA two-factor authentication feature. 2FA is a popular security method on banking transactions, cryptocurrencies, social networks, email... It is considered to be able to provide higher account protection thanks to an extra step of password authentication using a password. one time (OTP) sent to the phone, next to the master password.
However, the form of authentication via OTP is also a target that hackers actively exploit in the past time. Not only making regular calls and messages, hackers also use automated bots.
According to cybersecurity company Q6 Cyber (USA), OTP bots are causing significant damage to financial institutions and many other sectors. However, it is difficult to measure the damage because bot scam attacks are relatively new.
"The bot hackers are cleverly making automated calls, creating a sense of urgency and trust. It creates fear, prompts victims to take immediate action to protect their accounts." , said Jessica Kelley, analyst at Q6 Cyber.