The Federal Bureau of Investigation has issued a warning about tech support scammers who are trying to steal assets from crypto-exchanges' clients.

According to the FBI, fraudsters purporting to be employees of technical, security or customer support services of various cryptocurrency exchanges.

Typically, scammers act as follows: they call a victim by telephone or send him a message, claiming that the victim's device is infected with a virus. Once the fraudulent tech support company representative makes verbal contact with the victim, the criminal tries to convince the victim to provide remote access to the victim’s device and accounts. Another fraud scheme includes situations when a scammer asks his victim to transfer cryptocurrency assets to the "temporary" wallet while the problem is being solved.

The warning was made by the Internet Crime Reporting Center (IC3) under the FBI. They believe that the current situation is "problematic and widespread." According to the Center, in 2017, consumers filed about 11,000 complaints and reported the loss of more than $15 million due to fraud and scams associated with false technical support.

According to the FBI, cryptocurrency investors are increasingly becoming victims of fraudsters, accounting "individual victim losses often in the thousands of dollars."

The Center gives some recommendations for protection from scammers:

  • Remember that legitimate customer, security, or tech support companies will not initiate unsolicited contact with individuals.
  • Install ad-blocking software that eliminates or reduces pop-ups and malvertising (online advertising to spread malware).
  • Be cautious of customer support numbers obtained via open source searching. Phone numbers listed in a “sponsored” results section are likely boosted as a result of Search Engine Advertising.
  • Recognize fraudulent attempts and cease all communication with the criminal.
  • Resist the pressure to act quickly. Criminals will urge the victim to act fast to protect their device. The criminals create a sense of urgency to produce fear and lure the victim into immediate action.
  • Do not give unknown, unverified persons remote access to devices or accounts.
  • Ensure all computer anti-virus, security, and malware protection is up to date. Some victims report their anti-virus software provided warnings prior to the attempt.