The emails arrived on Monday, promising refunds. They got here from legitimate “.gov” e mail addresses, with headers from a cryptocurrency trade.
However the emails weren’t professional, they usually weren’t April Idiot’s Day pranks. They had been phishing scams, based on the Maryland Office of the Comptroller, designed to seem like customers may comply with directions to get a cash from Bittrex, a now-defunct digital forex.
“The e-mail was despatched from compromised accounts to a number of listservs hosted on a third-party server,” the comptroller’s workplace stated in an announcement Friday. No different techniques had been affected, and no taxpayer private data was compromised, the assertion stated.
Although the quantity of people that acquired the obvious phishing e mail is unknown, fewer than 30 folks had informed the Office of the Comptroller that they clicked any of the hyperlinks within the e mail as of Thursday afternoon, and none stated they skilled any additional hack or information theft.
Bittrex shut down in August 2023 after settling prices that it operated as an unregistered nationwide securities trade, dealer and clearing company. The platform declared chapter earlier than the settlement.
A website for users who have funds to claim from the platform warns of phishing scams and a faux web site with inflated account balances to lure folks into getting into their private data.
The comptroller’s workplace notified those that acquired the phishing emails and instructed them to delete the emails. Officers there additionally disabled the affected e mail accounts so they may not be used to ship any extra malicious emails.
The comptroller’s workplace stated anybody who supplied monetary data after following a hyperlink within the Monday e mail ought to contact their banking service.