Crypto Scams on the Rise: Fake Video Conferencing Apps Target Job Seekers for Crypto

Crypto scammers have found a new method to deceive and steal from unsuspecting victims: fake video conferencing apps. 

Recently, a user on X, known as maxlin.eth, reported encountering a sophisticated job-hunting scam. The scammer, posing as a representative from the human resources department of the infrastructure development firm xLabs, approached the user on Telegram. 

The Interview Trap

Unlike typical scams, this one involved a fake job interview conducted via a phony Zoom meeting. The victim, believing the job offer was genuine, chatted for nearly half an hour about xLabs’ vision and products. The scammer then requested a switch to a different meeting software called Meetly, citing technical difficulties with Zoom.

When the victim clicked on the provided link, they were directed to a realistic-looking conference screen but experienced technical issues. The scammer convinced the victim to download and install the Meetly software, which turned out to be malicious. Although the session ended, the application was installed.

After realizing something was amiss, the victim researched the link and found it widely reported as fraudulent. Further investigation revealed no record of the supposed xLabs employees or the offered marketing specialist position. The victim swiftly transferred their crypto assets to different wallets, averting potential theft.

Alert from Cybersecurity Experts

On July 22, in a similar fashion, NFT collector and cybersecurity engineer “NFT_Dreww” informed the community to the crypto scam involving fake Zoom links. 

The scammers insist on using Zoom and send a malicious link that appears legitimate. When clicked, the link opens a “stuck” page with an infinite loading screen, prompting the user to download and install a fake Zoom installer, which is actually malware. Once installed, the malware infiltrates the victim’s computer, stealing data and crypto assets.

According to technologist “Cipher0091,” the malware initially adds itself to the Windows Defender exclusion list to avoid detection. It then begins extracting information while the user is distracted by the fake loading page, as reported by CoinTelegraph.

The scammers continually change domain names to evade detection, with this being their fifth domain used for the scam.

Alarming Increase in Crypto Losses

Research from blockchain security platform Immunefi shows a dramatic increase in crypto losses from hacks and scams. 

Over $572 million was lost in Q2 2024, more than double the $220 million lost in Q2 2023. Centralized exchange hacks accounted for the bulk of these losses. The biggest single loss in Q2 was a $305 million Bitcoin hack from the crypto exchange DMM on May 31. 

On July 18, Indian crypto exchange WazirX lost $234 million to a hack.

Protecting Against Scams

To protect against such scams, users should:

• Verify the legitimacy of any job offers and the identities of the individuals involved.

• Avoid downloading software from unverified sources.

• Use reputable security software to scan for malware.

• Be cautious with links received via email or messaging apps, especially if they prompt software downloads.