Kraken has identified an active scam targeting the cryptocurrency community in which malicious actors are using fake identities to pose as members of our token listing team.
Cryptocurrency teams that use LinkedIn and Telegram should be on high alert, as these efforts appear to be targeting users of these social networks.
Example email associated with the scam.
If you were contacted by Liz Cohen, Darin Zumberi or Jing Kang – note: these are NOT Kraken employees, but rather puppet accounts used by the perpetrators.
Example social media profile identified in this scam.
In the event any of these individuals contact you, they may request your email or else access this information via LinkedIn or Telegram. In most of the cases we’ve reviewed, the email will be sent from a Punycode domain that appears to be associated with Kraken.
Example of a Punycode email address. The Ks are cyrilic alphabet characters not ISO basic Latin alphabet characters.
To protect yourself and your business against Punycode phishing: we recommend adding filters to check the header on inbound emails for “xn--“. Our security team advises you quarantine these messages by default, review them regularly and add exceptions for any legitimate domains you communicate with.
Example scammer message identified as part of this advisory.
Please be aware that Kraken employees involved in the listing process will never make contact with a project or cryptocurrency by social media or chat applications.
To submit your project for consideration by our listing team, you can email firstname.lastname@example.org.