In new malicious activity discovered by Kaspersky experts, the attackers were hidden behind the technology company, Nvidia. These attackers launched a fraudulent website to commemorate the company’s 30th anniversary, which welcomed visitors to participate in a 50-thousand bitcoin giveaway. The scammers had made a mistake though, using the Nvidia logo in an incorrect violet color, when it is originally green.
The page contains a “Participate” button which, once clicked, takes the visitor to a page with detailed information on the giveaway – it is, however, full of spelling errors, which is unacceptable for a reputable company such as Nvidia. The page encourages potential victims to donate prior to entering the giveaway, and includes an image of Jensen Huang, the Nvidia CEO. Successful participants are told they can double their donation or even hit the ‘jackpot’– 50 thousand bitcoins. The page includes crypto wallet credentials for users to send their ‘donation’.
The scammers’ wallet can be checked on blockchain.com, however, the total account balance is 0.42 BTC (8 495 USD) – far less than the 50 thousand bitcoins advertised. It is unsure whether the amount in there has been formed by donations or not, but several transactions from unknown senders can be tracked in the account history.
“Crypto scams that involve images of celebrities, or power brands, become trendy these days. We’ve witnessed campaigns with Elon Musk, Bill Gates, and Pavel Durov. This time the attackers went further, launching fraudulent activity on behalf of Nvidia’s CEO and connecting it to a very special occasion for the company. Our primary advice is to carefully check all the links you follow while surfing the net, and avoid donating to untrustworthy initiatives”, comments Olga Svistunova, a security expert at Kaspersky.
To avoid scams, save money and keep personal data private, Kaspersky experts share the following simple tips:
- Check any links before clicking. Hover over them to preview the URL and look for misspellings or any other irregularities.
- Sometimes fake websites look just like real ones. It depends on how well the criminals did their homework. Hyperlinks are the most likely to be incorrect — often containing spelling mistakes — but these links can also be disguised to look valid and redirect you to a different page, impersonating the legitimate site.
- To protect your data and finances, it is good practice to make sure the online checkout and payment page is secure. You’ll know it is if the web page’s URL begins with HTTPS instead of the usual HTTP; an icon of a lock will also typically appear beside the URL and the address bar, showing in green on some browsers. If you don’t see these features, do not proceed.
- Use a trusted security solution that can help check the security of the URL that you’re visiting, and can also provide the ability to open any site in a protected container to prevent theft of sensitive data, including financial details.
Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 240,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.