Adam Griffin, a U.S. citizen, fell victim to a sophisticated scam in which he lost nearly $500,000 in cryptocurrency. The perpetrators posed as Google support representatives, employing advanced social engineering techniques. The case was reported by Krebs on Security (KoS).
The Scam
On May 6, Griffin received a call from a number associated with Google Assistant. The caller claimed his Gmail account had been compromised from Germany. Simultaneously, he received an email appearing to originate from Google, complete with an “incident ID.” It was later revealed that the email had been sent via Google Forms, giving it a convincing appearance of authenticity.
The scammers persuaded Griffin to approve a recovery request for his account. Once access was granted, they exploited his Gmail account to retrieve data stored in Google Photos, which contained images of a secret recovery phrase for his Exodus cryptocurrency wallet. This allowed the scammers to steal approximately $450,000 in cryptocurrency.
Additionally, the attackers attempted to withdraw another $100,000 from Griffin’s Coinbase account, but the exchange successfully blocked this transaction.
A Similar Case
Another victim in Northern California reported losing 45 bitcoins (worth over $4,000,000 at current rates) in a nearly identical scheme. In this instance, the scammers used a phishing site disguised as a Trezor wallet recovery page to steal funds.
Google’s Response
Google confirmed the targeted nature of these attacks and announced strengthened security measures. Despite these efforts, victims have continued to receive threatening calls from the scammers. Griffin, who recorded his interactions with the attackers, was warned by the FBI to cease communication with them.
Preventive Measures
Experts recommend disabling Google Authenticator synchronization with Gmail accounts. This precaution ensures access to cryptocurrency accounts remains secure even if email accounts are compromised.
The incident underscores the importance of remaining vigilant against phishing scams and protecting sensitive account data, particularly in the growing world of cryptocurrency.
