Betterment Users Are Falling Victim to This Crypto Scam.

Posted on by

Clients of the automated investing platform Betterment have fallen victim to a cryptocurrency rewards scam after a data breach in which attackers gained access to some user data and sent fake emails promising huge returns on Bitcoin and Ethereum deposits.

According to a January 12 security update published on Betterment’s website (and emailed to users), hackers gained unauthorized access to a third-party platform used for marketing and operations on January 9. Following the breach, they sent fraudulent messages to some clients offering to triple their cryptocurrency investments.

Betterment Cryptocurrency Rewards Scam

Fraudulent emails were sent to Betterment users on January 9, shortly after the data breach, with subject lines like “We’ll triple your crypto!” The message claimed Betterment was “rewarding” users for a limited time by tripling Bitcoin and Ethereum deposits up to $750,000 to specified wallets. The scammers attempted to create a sense of urgency by setting a deadline for the promotion (a typical scam tactic).

You may also like

The messages came from [email protected] , which is a legitimate Betterment subdomain, allowing them to appear verified in users’ inboxes. Note that this is the same email address Betterment used to send a security update to all its clients.

Daily newsletter

Ready to keep getting better? Get daily tech tips, tricks, and guides from our team of experts.

To complete your subscription, please complete the checkout below.

Success!
Everyone is registered.

By clicking the “Register” button, you confirm that you are 16 years of age or older and agree to our Terms of Service and Privacy Policy .

A nearly identical cryptocurrency scam targeted Grubhub users in December, sending emails (also from a legitimate Grubhub subdomain) promising tenfold returns for depositing $1,000 in Bitcoin.

What do you think at the moment?

Betterment’s data was hacked.

Cybercriminals managed to steal some customer information from the hacked system, including names, email addresses, mailing addresses, phone numbers, and dates of birth. Betterment stated that passwords and login credentials were not included in the leak, and the attackers did not gain access to user accounts. While few official details have been released, the company is reportedly being blackmailed as the target of a distributed denial-of-service (DDoS) attack.

If you’re a Betterment customer, be wary of any unsolicited messages regarding your account in the coming days and weeks. Scammers use these situations as an opportunity for phishing. Remember that Betterment (and other legitimate companies) will not ask for your password or other personal information via email, text message, or phone call. If you’re concerned about your account or want to update your login information or other information, go directly to the website or app and do it there—this is generally safer than clicking links in messages, even if the messages from Betterment seem (or appear) legitimate.

More…

Scams

Leave a Reply