A few lessons to be learned from this recent cryptocurrency fraud story.
Lesson 1: When using your phone to make financial transactions, make sure you you use the apps that your service links on their home site.
Lesson 2: Two-factor authentication... always!
Users of the popular cryptocurrency exchange Poloniex have been the target of two credential stealing apps, discovered on Google Play disguised as legitimate mobile apps of the exchange. Apart from harvesting Poloniex login credentials, the crooks behind the fake apps have also tried to trick victims into granting them access to their Gmail accounts. Poloniex is one of the world’s leading cryptocurrency exchanges with more than 100 cryptocurrencies to buy and trade in. That alone makes it an attractive target for fraudsters of all kinds, but in this case, it was its lack of official mobile app that the criminals took advantage of.