Cryptocurrency users should exercise extreme caution, as a prominent industry leader has warned of a potential new wave of crypto airdrop scam emails. Paolo Ardoino, the CEO of Tether, revealed that a widely used email list management provider in the crypto industry was allegedly compromised in a data breach.
The Initial Warning
In a June 5 post on X, Ardoino shared the concerning news with his 234,000 followers:
“We received now 2 independent confirmations that a prominent vendor used by crypto companies to manage mailing lists might have been compromised.”
While the name of the breached company has not yet been disclosed, Ardoino promised more details after the completion of the investigation. He urged users to be vigilant:
“Not making names yet until the investigation is completed, but please beware of any emails suggesting crypto-airdrops received since 24 hours ago.”
Cointelegraph has approached Tether for further comment on the situation.
To protect themselves from phishing emails, users should double-check the authenticity of any suspicious email and ensure they have two-factor authentication (2FA) enabled on crypto platforms. Hakan Unal, a senior blockchain scientist at the on-chain security firm Cyvers, emphasized the importance of these precautions:
“The immediate concern is the risk posed to individuals who might receive these compromised emails. To stay safe, users should verify the authenticity of such emails and enable multifactor authentication on all crypto accounts.”
Confirmation from CoinGecko
Minutes after Ardoino’s initial warning, the attack was confirmed by a third company, CoinGecko, a cryptocurrency tracking site. Bobby Ong, the co-founder and chief operating officer of CoinGecko, revealed that the breach had affected a crypto email newsletter vendor used by several companies. Ong warned users in a June 5 post on X:
“We at CoinGecko may be potentially affected and are actively working with our vendor to investigate further to determine the extent of this breach. We have seen phishing CoinGecko emails being sent from other client accounts. There is no CoinGecko token being planned so don’t be duped by the phishing emails.”
Ong emphasized that users should not click on any links related to a fraudulent CoinGecko token or any emails promising new token launches.
Crypto scams and hacks remain one of the most pressing concerns in the cryptocurrency industry. The increasing frequency and sophistication of these attacks highlight the need for heightened security measures and awareness among users.
In May 2024 alone, over $574 million worth of digital assets were lost across 30 individual crypto hacks, according to a June 1 post by PeckShield. This represents an approximate month-over-month increase of 666% from the $385 million lost to crypto hacks in April.
| Month | Amount Lost | Number of Hacks | Percentage Increase |
|---|---|---|---|
| April 2024 | $385 million | 22 | – |
| May 2024 | $574 million | 30 | 666% |
Importance of Security Practices
The recent breach affecting a prominent email list management provider underscores the importance of robust security practices within the cryptocurrency sector. Companies must implement stringent security measures, such as regular security audits, encrypted communications, and comprehensive incident response plans.
For individual users, staying informed about potential threats and adopting best security practices, such as enabling 2FA, using hardware wallets, and verifying the authenticity of emails and websites, is crucial in mitigating risks.
Experts in the field continue to stress the importance of vigilance and proactive security measures. Hakan Unal of Cyvers reiterated the need for a multi-layered approach to security:
“Users and companies alike must adopt a multi-faceted security strategy that includes not just technical solutions, but also user education and awareness programs. Regular updates and patch management are also critical in defending against evolving threats.”
The warning from Tether’s CEO Paolo Ardoino about a new wave of crypto airdrop scam emails serves as a stark reminder of the persistent threats within the cryptocurrency industry. The confirmation from CoinGecko further highlights the widespread impact of such breaches. As the industry continues to grow, so does the need for comprehensive security measures and heightened awareness among all participants. By staying informed and adopting best practices, users can better protect themselves against these increasingly sophisticated cyber threats.
Featured image credit: Thanakorn Lappattaranan vis Vecteezy