Decentralized finance has seen a sudden boom since the introduction of non-fungible tokens and cryptocurrencies going mainstream. But in this consistent adoption and scaling of things, many investors and traders have let their guard down. When something goes mainstream and becomes the talk of the town, usually scammers and illicit hackers would try to bend the situation to their advantage. The same thing happened with decentralized finance. Many phishing emails have been sent to many investors and traders, and plausibly many of them have fallen victim to these.

The general rule of thumb is when you can’t verify the sender of the mail and or the source; then you shouldn’t open it. This is where many investors fell victim to this whole crusade. They received fraudulent emails that had PDF files attached, and some of them opened these, unleashing a malware attack encrypting every ounce of data on their hard drives. It is a very popular type of phishing scam in which malware is inserted into the PDF files, and then someone opens it; it encrypts every ounce of data in that system. When the data is encrypted, it requires a password for decryption and unlocking of the data, and guess what? The original user doesn’t have the password.

Phishing Scams are Increasing in DeFi Space

This is also a very elaborate type of ransomware attack. After some time has passed, the cybercriminals will send an email with a dedicated wallet address in which the user has to deposit the required money to be able to get their files back. This is the main mechanism of how this thing goes down usually. @cryptofan777 is a Twitter user who said that they received an email from a well-known decentralized finance investor Sisyphus for NFT product Pebble DAO or they thought they did. It was definitely a phishing email, and as the subject of the email read, it contained an elaborative agreement for future tokens from the parallel DAO project.

But the possible giveaway of this fraudulent email was that it didn’t have any text, and neither was it signed. The recipient made the mistake of opening the email and then opening the PDF file, which unleashed malware into their system. These kinds of attacks have become more frequent, and the only thing that can be done here is to be cautious and verify the recipient of every email or text message before you open it or take any action.