Deribit Warns of Fake Recruiters on LinkedIn in Latest Crypto Scam

Cryptocurrency options exchange Deribit has issued a warning about a scam involving fraudulent recruiters who are targeting job seekers through LinkedIn.

Deribit has reported an increase in scams where fraudsters are impersonating recruiters to deceive job seekers, specifically developers and senior professionals in the cryptocurrency industry.

In a post on March 19, Deribit's chief information security officer Anthony Sweeney revealed that the company has noticed a recent rise in "scammers posing as recruiters claiming to work for Deribit." He noted that these types of fraudulent tactics often appear in the crypto industry before spreading elsewhere.

According to Deribit, scammers create fake LinkedIn profiles, pretending to be talent scouts for the company. They post job advertisements for high-paying positions and reach out to potential candidates privately. Once they establish contact, they use various tactics to steal from the victims.

Deribit has outlined several tactics used in the scam, including requests for candidates to complete an "online assessment" that installs malware. In other instances, scammers offer fake jobs with "exclusive pre-hire perks" such as discounted company shares, only to steal the victim's money.

In some cases, scammers even arrange in-person meetings for a supposed contract signing, instructing candidates to "bring along your work laptop," a move that could suggest an attempt to access sensitive company data.

The exchange advises job seekers to exercise caution and verify job offers through official company channels. In January, global cybersecurity provider CrowdStrike identified a phishing campaign that exploited its recruitment emails to distribute malicious Monero mining software.

The Austin-based firm explained that the scam uses fake job offers to trick people into downloading an application that installs the XMRig miner on their system. CrowdStrike stated that the phishing emails impersonate its recruitment process, luring victims to a fake website. There, they are asked to download an "employee CRM application," which is actually a downloader for the cryptominer.