Interview scams on crypto companies are probably unheard of. Crypto scams are common knowledge these days, with many organizations taking initiatives to make individuals and organizations aware and safe. But the scammers have found an all-new method to breach the privacy of various entities, with a rather unsuspecting means— approaching an interview process for promotion and PR (press release).
Interview Scams: How and Why?
Interview scams can be classified under a category of crypto scams– social engineering scams. What generally happens in these scams is that a party will approach an organization to conduct an interview and other kinds of exposure on their said platforms. Then, they eventually ask for public keys of some account or wallet from that organization. They say this on the pretext of verifying their portfolio, promoting their assets, or some other kind of lure.
Notably, private keys are no longer the only way to attack one’s wallet these days. Access to public keys by the malicious party could also leave one’s account vulnerable to sophisticated tech hackers. It’s a classic social engineering scam kind of move, where the scammers use psychological manipulation rather than hacking computer systems to penetrate into one’s account. They don’t rely on breaking codes to breach security; they instead try to gain control through direct key access.
An Interview Scam Averted: Orbis86 Case-Study
Orbis86 is an NFT collection and a Web3 media platform, run by the CEO and founder Soniya Ahuja. They recently encountered an experience of a potential scam via an interview request. This highlighted the importance of vigilance and security in the crypto world, where frauds keep coming up with newer ways. It could be a very small and highly unsuspecting approach, where the victim can easily overlook red flags as they are not very prominent.
For Orbis86, it all started with a message from an individual who claimed to be from Cryptonews.com, a reputed crypto news aggregator, who approached the company on Discord. They expressed interest in interviewing them and covering their crypto project. At first, it seemed like a fantastic opportunity, but something about this tempting offer didn’t just sit right.
From there on, several red flags appeared which they initially ignored, but realized in the hindsight reflection. The first red flag appeared when they asked the Orbis86 team to raise a ticket in their Discord server. In the Discord platform, raising a ticket means entering a query on a channel. In the industry, most communications are conducted via email, so this was unusual. Moreover, Discord is known to be a hotbed for potential scams and malicious activities.
Rather than jumping into the Discord server, the team of Orbis86 decided to dig deeper to hunt for the legitimacy of the individual. They searched for an official link to the Cryptonews’ Discord server on their website. To the team’s surprise, there was none. This was a glaring red flag, as reputable crypto publications typically have official Discord channels listed on their websites.
Things became quite obvious when they joined Cryptonews’ Telegram group to inquire about the existence of a Discord server for the company. Much to their surprise, a community member confirmed their suspicions as they firmly replied negatively, saying that there was no official Discord group on Cryptonews.com. They also warned that whoever contacted them was probably a fraud and that they should steer clear and be extremely wary of such potential scams.
Key Takeaways and Learnings to Protect Against Such Scams
Even though Orbis86 was saved by the last bell, the results could’ve been devastating, had they fallen for it. Hence, it is vital for all the organizations to take a lesson from the incident. First of all, from any project or entity, when users receive unsolicited interview requests or coverage offers, maintain a healthy level of skepticism, acting upon which, you must approach them with caution.
Confirm the legitimacy of the platform by checking its official website, social media profiles, and other trusted sources. Verification of their authenticity is a must before responding. It’s the most obvious tell-tale if you find something weird in this particular aspect.
Be cautious when asked to communicate through uncommon platforms, especially Discord. Discord is notorious for entities like these to base their actions on. It’s a red flag if they don’t follow the common protocol of contacting through standard means like an email.
Never share sensitive information, such as wallet private keys, without a proper verification process. This has to be a practice set in stone, regardless of whether or not users find anything suspicious.
This all goes back to the age-old adage— “If an opportunity seems too good to be true, it probably is.” One must prioritize security and essential privacy above a potentially profitable deal.
Credit: Source link