As Crypto Scams Skyrocket, Pax8 Alerts MSPs to Risks

As Crypto Scams Skyrocket, Pax8 Alerts MSPs to Risks

By Matthew Vulpis

In the last few weeks, Pax8, a global cloud marketplace for MSPs and the SMBs and enterprises they serve, noticed an uptick in compromised Azure and AWS accounts used for crypto mining. Urging their MSP partners to pay attention, especially during the holiday season when cybercriminals are more prevalent, Pax8 sent an email to its 25,000 MSPs cautioning, “Don’t let your guard down and stay alert.”

The email continued, “We want to remind you of the security guidelines for securing identities and workloads to monitor Azure cost management spending. If you choose not to follow these security guidelines, you are making it easier for malicious actors to succeed and could be at risk for substantial unauthorized charges accumulated by these bad actors.”

Pax8 recommends several steps for MSPs to take, starting with setting up Multi-Factor Authentication (MFA) on Microsoft Accounts, which makes those accounts more resistant to phishing and channel jacking, and cited an article posted by Microsoft on how to enable MFA.

Pax8 also pointed out that Cost Management Alerts can be set up to monitor Azure usage and spending. Cost alerts are automatically generated based on when Azure resources are consumed, and alerts show all active cost management and billing alerts in one place.


“When your consumption reaches a given threshold, alerts are generated by Cost Management,” Pax8 said, referencing another Microsoft article on how to use cost alerts to monitor usage and spending.

Finally, Pax8 suggests MSPs study customer security best practices and recommends that their partners open a support ticket in the Pax8 platform for additional help and guidance.

These threats have been growing throughout 2022, and not just impacting Azure accounts, but AWS and Google accounts as well.

For example, Netskope Threat Labs found that attackers have been creating phishing pages in Google Sites and Microsoft Azure Web App to steal cryptocurrency wallets and accounts from Coinbase, MetaMask, Kraken, and Gemini.

The U.S. Federal Trade Commission warned earlier this year that “Crypto has several features that are attractive to scammers, which may help to explain why the reported losses in 2021 were nearly sixty times what they were in 2018. There’s no bank or other centralized authority to flag suspicious transactions and attempt to stop fraud before it happens. Crypto transfers can’t be reversed – once the money’s gone, there’s no getting it back. And most people are still unfamiliar with how crypto works. These considerations are not unique to crypto transactions, but they all play into the hands of scammers.”




Edited by Erik Linask
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

Content Contributor

SHARE THIS ARTICLE
Related Articles

MSP Expo Sponsor Wildix Launches E-Learning Platform

By: Greg Tavarez    6/24/2024

MSP Expo sponsor Wildix launched its new e-learning platform designed to enhance training and certification processes for MSPs and system integrators.

Read More

Strategizing to Strengthen Asset Intelligence Capabilities, Courtesy of Sevco Security and GuidePoint Security Partnership

By: Alex Passett    6/24/2024

Last week, a new strategic reseller partnership was announced between Sevco Security and GuidePoint Security.

Read More

SUSE Launches Cloud Elevate Program

By: Stefania Viscusi    6/24/2024

SUSE announced a new SUSE One Cloud Elevate Program, designed to empower SUSE One partners to sell SUSE's open-source solutions more effectively.

Read More

What You Need to Know About KnowBe4's New PhishER Plus Threat Intel

By: Alex Passett    6/20/2024

Renowned phishing awareness company KnowBe4 is rolling out additional features for its PhishER Plus offering - PhishER Plus Threat Intel packs one hec…

Read More

DataStrike Acquires MiCORE, Creating SMB Data Infrastructure Powerhouse

By: Greg Tavarez    6/18/2024

DataStrike recently completed the acquisition of MiCORE in a transaction that will form a large MSP specializing in data infrastructure services for S…

Read More