Published: July 16, 2021 on our newsletter Security Fraud News & Alerts Newsletter.
Cryptomining, the partner to cryptocurrency, is an elusive concept for many of us but likely won’t stay that way for long. According to a report by Cisco “Top Security Trends for 2021” cryptomining is a cyber threat we’ll be seeing more of this year. The report finds cryptomining opens the door for other cybercrimes and criminals, including those that steal data and perform other malicious activities. Cryptocurrency is much more publicized than cryptomining, and as a result, many aren’t aware the two depend on each other to survive. A closer look at this trending cyber threat can shed light on a looming security threat to us all.
Cryptomining is the way to validate cryptocurrency transactions. The public ledgers that record all cryptocurrency transactions are saved in blockchains that create a chain of records. The cryptominer receives a small fee for validating the cryptocurrency transaction, usually in the form of the e-currency. Cryptomining needs a tremendous amount of power to work, and some miners hijack power from other sources, including from devices. That’s called cryptojacking and can leave a device useless after draining its power.
If cryptomining software has hijacked a device, it could be the first step toward advancing a multi-staged attack on an infrastructure. Third party hackers can use the opening to advance other malware activities, and that’s the bigger security threat that security experts warn we’ll be seeing more and more.
How Cryptomining Attacks Start
Like many other types of malware attacks, email phishing is the route cryptominers use to enter a system and drain its power. The answer to avoiding these malicious emails is knowing how to identify and protect against a potential phishing email. The steps below can add to your security against cryptominers and malware attacks in general.
What Can You Do To Protect Yourself
Think before you click. Phishing emails often have malware attachments and malicious links in the message and acting on them can be the first step to installing malware on your device
Be aware of bad spelling or grammar in an email. English may not be the hacker’s first language, or the hacker is just not good with language. A legitimate email should not have typos or bad grammar
Be aware of any sense of urgency in the email. Hackers like to push us into acting quickly before there’s enough time to scrutinize the email request
Keep software updated, especially any anti-virus software. Updates have fixes to security flaws that can leave a system open to attack
Use a good dose of common sense. If for any reason you feel an email isn’t quite right, don’t act on it. Always verify an email request with the sender, but don’t use any contact information in the email. It could lead directly to the hacker. Look up the legitimate source of the request yourself
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at email@example.com