Creditors from bankrupt crypto lender Celsius Network are again being targeted in a new wave of phishing attacks as the crypto lender’s bankruptcy proceedings enters its final stages.
Reports on social media over the past week have shown an increase in phishing attacks from scammers impersonating Stretto, the bankruptcy services platform for crypto lender Celsius and its creditors.
One user reported receiving three phishing emails claiming to be from Celsius on Sept. 18.
Others reported receiving fake emails with malicious links attempting to impersonate Stretto, the claims agent handling the bankruptcy case.
— Better World (@Scam_is_sinful) September 18, 2023
The fake website, which drops an ‘s’ from the genuine URL, pops up a connect wallet prompt which when connected allows the scammers to drain the crypto asset contents.
One analyst and business manager said that phishing attacks were likely to increase as the Celsius bankruptcy proceedings approach its final stages. He advised taking precautions and double-checking links.
I expect phishing attempts to only increase as the celsius ch.11 approaches what appears to be the final stages. Creditors will be eager to make any final last-minute changes or confirm any alleged distributions. Be extremely cautious, links are bad, and take precautions.
— Keith (@ChazzonKe) September 18, 2023
In mid-August Celsius was authorized to start sending out ballots to its customers for a vote on a proposed settlement plan. Scammers are using this to ramp up phishing attacks around the voting deadline.
According to Simon Dixon, CEO and co-founder of the online investment platform BnkToTheFuture, the final date for voting was Sept. 18 with the report scheduled for Sept. 20, and a confirmation hearing slated for Sept. 29.
Celsius intends to seek final court approval of its restructuring plan on Oct. 2.
The @BankToTheFuture Investment Banking team have been working on some models to help #Celsius Creditors vote on the disclosure statement that I’ll share on YouTube soon. For now our team has put together a timetable of important events leading up to plan conformation. pic.twitter.com/3dQduMAofP
— Simon Dixon (@SimonDixonTwitt) July 12, 2023
The phishing attacks appear to stem from previous data breaches, including a Celsius Network email server breach in April 2021 that resulted in user details being leaked, which led to malicious emails to those users.
The embattled crypto lender revealed more of its customer data had been leaked in another third-party data breach in July 2022 which led to another wave of phishing attacks.
Customers of the crypto lender have been waiting to be made whole ever since Celsius halted withdrawals in June 2022 after the collapse of the Terra/Luna ecosystem. The crypto lender filed for bankruptcy the following month.