This scam is carried out by criminals who start by building a fake website by simulating a shipping service (express courier) with traceability that they create themselves. Then they lure their victim by email (fake amazon, ebay or various marketplaces or simply send a shipment tracking) where they point to their fake site, show the status of the “shipment” at customs, awaiting payment.

In the email, the victims will be instructed on where to go to make the payment, at any bitcoin atm and for this they will give you the coinatmradar.com link to see the bitcoin atm closest to you (coinatmradar is a website where everyone is present the atm of the world). Then they will tell you to scan the qrcode of the “package” and then insert the cash for the payment of the customs (the qrcode they will give you is nothing more than the scammer’s bitcoin wallet), thus simulating the payment to the “shipping company”.

Be careful because the email is well done, also indicating to the victim to bring any identity documents to identify the user and to forward the payment receipt to the scammers themselves.

These scammers use the bargain of the moment or the awareness of attracting the customer with expensive products at low prices or simply receiving a free package. The scammers will do everything in their power to keep the victim with the desire to get “that package”. Pressing the victim to act immediately otherwise the package rolls back.

Do not trust these emails, especially if you know that you have not placed an order in an ecommerce and therefore do not wait for any packages. No shipping company has an agreement with us or with any ATM provider, so when they try to take you to maps where ATMs are positioned to pay for a package or shipment, know that you are a victim of a scam.

Pyramid or Ponzi sales systems are scam schemes often used by cyber criminals to steal the money of people interested in Bitcoin or other virtual currencies. These schemes are not born in the digital world but in the sales of non-existent products or services.

Thanks to a sort of cascade system that works through the Sant’Antonio chain, anyone who brings a new customer into the system earns a percentage of the sales of that particular person. This system is also used for the sale of some crypto-currencies. Too bad that after months of investment and work we will not receive anything since there is no virtual currency behind the company that hooked us.

These scammers use emotion and stress to cloud the judgment of their victims. The scammers will do everything in their power to keep the victim with the desire to get more and more money. Pressuring the victim to act immediately and deposit more and more.

There are no guarantees or 100% fixed profits in a single day, week or month and there is no such thing in the world of cryptocurrencies that in order to withdraw bitcoins you will have to deposit other bitcoins. So it’s a blatant scam to avoid.

One of the main channels for spreading ransomware is the banner ads of sites with adult content. But emails are also used (very similar to phishing emails) that invite us to click on a certain link or download a certain file: email that is masked so that it is sent by someone we trust, for example a work colleague. Furthermore, cybercriminals do not reserve the right to exploit vulnerabilities present in various programs – such as Java, Adobe Flash and Adobe Acrobat – or in various operating systems. In the latter case, the malicious software propagates itself without the user having to take any action.
The vectors of infection used by ransomware are essentially the same as those used for other types of malware attacks:

The most common, because unfortunately it works very well, are phishing emails: through this technique, which uses social engineering (social engineering), more than 75% of ransomware are conveyed. All of us will have ever received emails from shippers, or with fake bills attached. They are obviously phishing emails, but statistics tell us that in 30% of cases these messages are opened by users and even attachments or links in emails are clicked in over 10% of cases, thus allowing the infiltration of malware!

Despite the virulence and spread of ransomware, there are simple rules of thumb that can help us avoid them. We will list them here in summary:

• Never open email attachments of dubious origin. If in doubt, it is advisable to ask the sender if that email is authentic!

• Beware of emails also coming from known addresses (they may have been hacked in a way known as “spoofing”).

• Enable the “Show file name extensions” option in the Windows settings: the most dangerous files have the extension .exe, .zip, js, jar, scr, etc. If this option is disabled we will not be able to see the real file extension.

• Disable the automatic reproduction (“autorun”) of USB sticks, CDs / DVDs and other external media and, more generally, avoid inserting these objects into our computer if we are not sure where they come from. This attack mode is called “Baiting”: it consists in using a bait for a person able to access a specific computer system (a sort of Trojan horse). In practice, a storage medium such as a USB key or hard disk containing malware (which will activate as soon as the object is connected to the computer) is left unattended in a common place (company entrance, canteen, public bathroom). And human curiosity makes this bait work in many cases and the person inserts the unknown key into their computer …

• Disable the execution of macros by Office components (Word, Excel, PowerPoint). A malicious macro could be contained in an attachment in Office format and be automatically activated following our click.

• Always update operating systems and browsers. In general, it is a good rule to always and immediately install the security “patches” (updates) that are proposed to us by the manufacturers of the software we have installed.

• Use – when possible – accounts without administrator rights: if an account with administrator privileges and access is breached, the attacker can use the same privileges to perform more actions and do more damage. Conversely, a non-administrator user has limited privileges and the same limitations will be transferred to the attacker

• Install effective and advanced Antispam services. They will not be able to block all phishing emails, but the best ones still manage to achieve an efficiency higher than 95%.

• Implement “User Behavior Analytics” (UBA) solutions on the corporate network (web traffic anomaly analysis). These tools represent the most advanced protection against ransomware today. In fact, it is known that these malware exhibit a series of typical behaviors (access / write to system folders, connection to external servers for downloading encryption files, etc.). The UBAs therefore analyze the behavior of each computer in the company and are able to understand if “anomalous” events are occurring (such as for example an above average data traffic, access to IP addresses classified as malicious, and writing to system folders that should not be used). Upon detection of anomalous and suspicious events, they can isolate the offending computer and block (at least limit) the attack.

• Implement the use of Sandboxing: these tools are generally present in UBA systems (referred to in the previous point) and allow you to analyze suspicious incoming files in an isolated environment (precisely the “sandbox”).

• Make sure that the plugins you use (Java, Adobe Flash Player, etc.) are always up to date. These plugins – it is known – represent a preferential entry route for most cyber attacks. Keeping them up to date reduces the vulnerabilities they are affected by (although it does not completely eliminate them).

• Always be careful before clicking on banners (or pop-up windows) on unsafe sites. As I have already explained, ransomware can strike us not only through phishing, but also by visiting sites that have been “infected”, with the so-called “drive-by download” method.

• Frequent backup of your data. This is a fundamental rule: if despite everything a ransomware manages to hit us, the only salvation is to have your data saved in another place. And it is important that the backup is performed frequently and completely. In the absence of a backup, only the option to pay the ransom remains, which we strongly advise against since you will never know if they will actually unlock everything or ask for more money. The advice we are also is to always report everything to the police.

Once the scammer has convinced his victim with screenshots and screencasts (fake), he will be led to believe that the proceeds will be sent to his personal wallet but in reality the QR CODE provided will be that of the scammer himself.

After completing the transaction, the bitcoins (or altcoins) will be sent to the address of the scammer’s bitcoin wallet. Once the bitcoins have been sent, you will see stratospheric figures on the fake wallet but in reality you will not have anything on the wallet and so the scammer will tell you that to unlock that figure it will be necessary to deposit more bitcoins, but this is obviously false and therefore the person less experienced will be tempted by greed and the desire to have those figures so as to be willing to deposit more and more money without ever actually being able to withdraw.

The transaction can be viewed on the blockchain, which is the decentralized public ledger of all bitcoin transactions. However, it is impossible to act on this information alone as the transactions are not linked to identities, but to a string of codes.

These scammers use emotion and stress to cloud the judgment of their victims. The scammers will do everything in their power to keep the victim with the desire to get more and more money. Pressuring the victim to act immediately and deposit more and more.

There are no guarantees or 100% fixed profits in a single day, week or month and there is no such thing in the world of cryptocurrencies that in order to withdraw bitcoins you will have to deposit other bitcoins. So it’s a blatant scam to avoid.

Once the scammers have convinced their target that they owe money to the government, a QR code will be sent to the target via SMS or email. This QR code is the scammers’ Bitcoin wallet address, to which the bitcoins will be sent. Once the QR code is scanned by the ATM, the target will be told to deposit their cash into the  machine, to convert it to bitcoins.

After completing the transaction, the bitcoins will be sent to the scammers’ Bitcoin wallet address. Once the bitcoins have left an ATM, it is impossible to recover the funds; Bitcoin transactions are anonymous, irreversible, and virtually untraceable.

The transaction can be viewed on the blockchain, the decentralized, public record of all Bitcoin transactions. However, it is impossible to act on this information alone since transactions are not linked to identities, but to anonymous addresses.  

This scammers use emotion and stress to cloud the judgement of their targets. The scammers will do everything in their power to keep the target on the phone, for as long as possible, to ensure they do not try to contact help. By pressuring the target into acting immediately, the scammers often get results quickly, before the police can become involved.  

The Public Amministration will never ask for payment in bitcoins. Should the caller demand payment in bitcoins,hang up immediately then contact the authorities. If you are unsure, tell the scammers on the phone you will call them back when you have some time. Do not provide the callers with any personal information.

Scammers use technology to mask their actual phone number; the caller ID will often show a legitimate Police phone number. The scammers will attempt to scare their target into paying the “police” a large sum of bitcoins in order to have their loved one “freed”.

Once the scammers have convinced their target to pay for the release of said loved one, the scammers will send their Bitcoin wallet address in the form of a QR code. The QR code will be sent to the target via SMS or email. When the QR code is scanned by the ATM, the target will be told to deposit their cash into the machine, to convert it to bitcoins. Once the bitcoins have been sent to the QR address the transaction cannot be stopped or reversed. At this point, the scammers will often make additional excuses or reasons as to why the target must send additional funds to the QR address.

Absolutely no part of the government (including the Police) requests payment of bail (or similar) in the form of bitcoins.

If you suspect that the individual with whom you are speaking is not a legitimate police officer, be sure to ask for their name and badge number. Hang up the phone, then contact the police to confirm the validity of the caller’s identity.

In some instances, the scammers will have a very sophisticated network, and may even provide the information of a real police officer. Under no circumstance should you provide the caller with any personal information. Inform the scammer that you will cooperate with the authorities by providing the requested information, in-person, at a police station.

The scammer will contact a job seeker through an email, or phone call, and offer them a job. If the job seeker believes that this job offer is legitimate, they will accept their offer and follow the scammers’ subsequent instructions.

The instructions will involve funnelling money from a compromised bank account controlled by the scammer, into the target’s bank account; this is done via Interac e-Transfer. The target will then be instructed to withdraw most of the transferred money, with the difference being the target’s compensation. The target is then requested to use the withdrawn money to purchase bitcoins at a Bitcoin ATM, and send them to the scammer’s wallet address. When the compromised bank account’s or paypal holder discovers money missing, they will report it to their local authorities, who will ask the bank to reverse the transaction. After the transaction is reversed, the target will be left at a loss, having already withdrawn the money sent to them.

The majority of jobs will require a physical presence for an interview. Always be skeptical when being offered a job. Be particularly cautious of any jobs that claim to be ‘remote’ or ‘work-from-home’. Be wary of any job offers made on-the-spot, through an email or a phone call, and without an interview. It is also very important that you never accept money transfers from anyone you do not know. Most certainly, the chances are that the funds are coming from a compromised bank account. A job will also most certainly never involve conducting business out of a target’s personal bank account. Any job that is easy to obtain, with easy pay, is most likely too good to be true. It is always good to have a healthy dose of skepticism.

It is beautiful, but unfortunately it is not the same person who is behind the screen, who has endless chat conversations by being kind and caring and too seductive.

After some time he starts asking for large amounts of money, justifying a sudden financial problem or making up any other excuse, while promising to pay it all back once they meet. The appointment, however, will never happen because once the payment is made, the mysterious suitor disappears permanently from circulation or goes back to the office by inventing any other excuse by seducing his victim and making her feel important for the sole purpose of stealing more money.

Cross-checking and verification.
Conduct an online search to verify the legitimacy of the person’s name, photo, location, email address, and other details.

Slow down and talk to someone you trust.
Talk to a friend or family member about your situation and discuss your next steps with them. A romantic scammer might try to isolate you from friends and family or push you to make impulsive decisions on your own. Don’t let a scammer push you into making any kind of decisions.

NEVER send money.
Never transfer money, never put money on a gift card or cash recharge card or send money via bitcoin atm as they will instruct you where to go, how to do and what to say if you have any questions. Don’t do this because you will be scammed and will never get your money back.

If you have already sent money, please report it.
Contact your financial institution right away if you think you’ve sent money to a scammer.