FTX Users Targeted by Phishing Emails Following SIM Swap Attack

The challenges persist for individuals connected to Sam Bankman-Fried's previous enterprise, with no sign of relief in sight.

FTX customers are still grappling with escalating challenges, even months after the exchange's closure, which left numerous users unable to access substantial amounts of funds locked within the now-defunct platform.

A fresh set of concerns has emerged as certain former users find themselves caught up in a novel phishing attack that specifically targets email addresses associated with FTX. This attack comes closely on the heels of Kroll, the claims agent overseeing the bankruptcy proceedings, experiencing the repercussions of a SIM swapping attack. This breach led to the exposure of sensitive customer details, including account balances, phone numbers, and residential addresses.

Significantly, this attack also impacted customer information from other struggling cryptocurrency entities like Genesis and lender BlockFi. While passwords for crypto accounts and other sensitive data remained untouched, customers were advised to maintain caution against potential scammers adopting the roles of entities involved in the bankruptcy procedures.

The culprits behind this breach quickly capitalized on the acquired information, constructing deceptive emails that promise to restore lost funds to account holders, on the condition that they link a crypto wallet to their account.

One such email example reads, "You have been identified as an eligible client to initiate the withdrawal of digital assets from your FTX account. Withdrawals will be made in USDC, corresponding to the balance of digital assets held in your wallet during the platform's suspension."

The deceitful email encourages recipients to "withdraw to an external ERC20 wallet by clicking the 'withdraw now' button."

Nevertheless, connecting a wallet to this phishing email is likely to result in the depletion of one's token holdings, as it might request sensitive private key data required for the transfer.

What customer data is non-sensitive? https://t.co/StqcS1EviC

— Dyme (@CryptoParadyme) August 25, 2023

SIM swapping involves fraudsters manipulating a victim's mobile carrier to activate a SIM card under their control. This enables them to gain access to the victim's phone number and exploit their personal information to steal passwords, financial data, cryptocurrencies, and other valuable assets.

In a parallel development, FTX recently took a precautionary step by temporarily freezing affected user accounts within the customer claims portal. This portal serves as the official platform for creditors to provide details about their accounts.