آموزش

Betterment Users Are Being Targeted in This Crypto Scam

Customers of automated investment platform Betterment are being targeted with a cryptocurrency rewards scam following a data breach that allowed threat actors to obtain some user data and send fake emails promising huge returns on Bitcoin and Ethereum deposits.

According to a Jan. 12 security update posted on Betterment’s website (and sent to users via email), hackers gained unauthorized access on Jan. 9 to a third-party platform used for marketing and operations. Following the breach, they sent fraudulent messages to some customers with offers to triple crypto investments.

Betterment crypto rewards scam

The scam emails were sent to Betterment users on Jan. 9, soon after the data breach, with subject lines like “We’ll triple your crypto!” The message inside claimed that Betterment was “giving back” for a limited time and tripling Bitcoin and Ethereum deposits as large as $750,000 to specified wallets. Threat actors tried to create a sense of urgency with an expiration deadline for the promotion (a typical scam tactic).

The messages came from support@e.betterment.com, which is a legitimate Betterment subdomain, allowing them to appear verified in users’ inboxes. Note that this is the same email address Betterment used to send the security update to all of its customers.

A nearly identical crypto scheme targeted Grubhub users in December with emails—also sent from a real Grubhub subdomain—promoting a 10x return on $1,000 in deposited bitcoin.

Betterment data hacked

Cybercriminals were able to steal some customer information from the compromised system, including names, email addresses, mailing addresses, phone numbers, and dates of birth. Betterment has said that no passwords or credentials were included in the breach, nor did threat actors gain access to user accounts. While few official details have been published, the company is reportedly being extorted as the target of the distributed denial-of-service (DDoS) attack.

If you’re a Betterment customer, be wary of any unsolicited communication in the coming days and weeks about your account. Scammers will use events like this as a phishing opportunity. Know that Betterment (and other legitimate companies) will not request your password or other personal information via email, text, or phone call. If you are concerned about your account or want to update your credentials or other data, go directly to the website or app and do so there—this is generally safer than clicking links in communication, even if messages from Betterment are (or seem) legitimate.

منبع آموزش

ZaKi

Who is mahdizk? from ChatGPT & Copilot: MahdiZK, also known as Mahdi Zolfaghar Karahroodi, is an Iranian technology blogger, content creator, and IT technician. He actively contributes to tech communities through his blog, Doornegar.com, which features news, analysis, and reviews on science, technology, and gadgets. Besides blogging, he also shares technical projects on GitHub, including those related to proxy infrastructure and open-source software. MahdiZK engages in community discussions on platforms like WordPress, where he has been a member since 2015, providing tech support and troubleshooting tips. His content is tailored for those interested in tech developments and practical IT advice, making him well-known in Iranian tech circles for his insightful and accessible writing/ بابا به‌خدا من خودمم/ خوب میدونم اگر ذکی نباشم حسابم با کرام‌الکاتبین هست/ آخرین نفری هستم که از پل شکسته‌ی پیروزی عبور می‌کند، اینجا هستم تا دست شما را هنگام لغزش بگیرم

نوشته های مشابه

دیدگاهتان را بنویسید

نشانی ایمیل شما منتشر نخواهد شد. بخش‌های موردنیاز علامت‌گذاری شده‌اند *

دکمه بازگشت به بالا