Tether’s CEO Paolo Ardoino has alerted the crypto space to another wave of supply chain email scams in an X post. The CEO urged the community to exercise extreme caution while the issue is resolved.
On Wednesday, online reports surfaced of suspicious emails being sent to the crypto community. Per the reports, investors received emails from crypto companies offering an upcoming token airdrop.
First, users received emails from Bitfinex announcing “exciting news” for the exchange. The email revealed an upcoming ERC20 airdrop of their “new $BFX token” for all Bitfinex users. The reason behind the airdrop was the recent approval of Ethereum spot exchange-traded funds (ETF).
The email offered a “claim now” link that redirected to a website asking to connect to the user’s wallet. Despite the suspicious look of the email, investors doubted its legitimacy as it came from the crypto platform’s official address.
After being tested by the community, it was quickly revealed that the lookalike website was a scam page. An X user tested the page with an empty wallet and found they were “not eligible” for the airdrop.
However, the user tried Rabby Wallet’s watch-only feature with a VB wallet. The user found that all the ETH “would be sent to another wallet, so there was no airdrop for vb.” The destination wallet was empty, which suggested that the scam generated a new wallet for each victim.
The user confirmed the theory after testing it with a second wallet. This tactic would make tracking the number of victims and the money involved more difficult.
Likewise, several users reported receiving strange emails from Coinbase asking to verify secondary addresses. The racist email claimed that the crypto exchange was shutting down and stated that all funds would be lost if they didn’t verify their secondary email for withdrawal authorization.
The email also came from the official Coinbase address. However, the post was unauthorized as the sender used racial slurs and doxed himself.
Tether and Bitfinex’s CEO, Paolo Ardoino, took X to address the situation. In his post, Ardoino revealed he had received reports from two independent sources confirming that a prominent vendor used by crypto companies had suffered a security breach.
The vendor, which was not named, manages the mailing lists of several important crypto companies. Similarly, CoinGecko’s COO Bobby Ong warned users about the ongoing supply chain email attack targeting the community:
Several crypto companies may be affected via email blasts of fake token launches. Be careful with email newsletters in the coming days.
Despite being affected by the security breach, Ong assured users that CoinGecko’s website and mobile app had not been impacted and were safe to use. Moreover, he clarified that the crypto-tracking website was not launching a token, nor did it have plans to.
It’s worth noting that this is not the first time a supply chain email attack has targeted the crypto industry. In January, a massive phishing campaign drained around $600,000 from investors after a scammer sent unauthorized emails from different crypto-related companies.
It was revealed at the time that a member of the exploited vendor’s customer support team became the initial point of compromise. As of this writing, there are no official reports of affected users or lost funds yet.