As Crypto Scams Skyrocket, Pax8 Alerts MSPs to Risks

As Crypto Scams Skyrocket, Pax8 Alerts MSPs to Risks

By Matthew Vulpis

In the last few weeks, Pax8, a global cloud marketplace for MSPs and the SMBs and enterprises they serve, noticed an uptick in compromised Azure and AWS accounts used for crypto mining. Urging their MSP partners to pay attention, especially during the holiday season when cybercriminals are more prevalent, Pax8 sent an email to its 25,000 MSPs cautioning, “Don’t let your guard down and stay alert.”

The email continued, “We want to remind you of the security guidelines for securing identities and workloads to monitor Azure cost management spending. If you choose not to follow these security guidelines, you are making it easier for malicious actors to succeed and could be at risk for substantial unauthorized charges accumulated by these bad actors.”

Pax8 recommends several steps for MSPs to take, starting with setting up Multi-Factor Authentication (MFA) on Microsoft Accounts, which makes those accounts more resistant to phishing and channel jacking, and cited an article posted by Microsoft on how to enable MFA.

Pax8 also pointed out that Cost Management Alerts can be set up to monitor Azure usage and spending. Cost alerts are automatically generated based on when Azure resources are consumed, and alerts show all active cost management and billing alerts in one place.


“When your consumption reaches a given threshold, alerts are generated by Cost Management,” Pax8 said, referencing another Microsoft article on how to use cost alerts to monitor usage and spending.

Finally, Pax8 suggests MSPs study customer security best practices and recommends that their partners open a support ticket in the Pax8 platform for additional help and guidance.

These threats have been growing throughout 2022, and not just impacting Azure accounts, but AWS and Google accounts as well.

For example, Netskope Threat Labs found that attackers have been creating phishing pages in Google Sites and Microsoft Azure Web App to steal cryptocurrency wallets and accounts from Coinbase, MetaMask, Kraken, and Gemini.

The U.S. Federal Trade Commission warned earlier this year that “Crypto has several features that are attractive to scammers, which may help to explain why the reported losses in 2021 were nearly sixty times what they were in 2018. There’s no bank or other centralized authority to flag suspicious transactions and attempt to stop fraud before it happens. Crypto transfers can’t be reversed – once the money’s gone, there’s no getting it back. And most people are still unfamiliar with how crypto works. These considerations are not unique to crypto transactions, but they all play into the hands of scammers.”




Edited by Erik Linask
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

Content Contributor

SHARE THIS ARTICLE
Related Articles

Kong's New Dedicated Cloud Gateways: Fully Managed for Optimal Efficiency

By: Greg Tavarez    10/3/2023

Kong introduced Kong Konnect Dedicated Cloud Gateways, which offers a straightforward and budget-friendly approach to deploying Kong Gateways in the c…

Read More

Kterio and eSentire Team Up to Protect Critical Infrastructure from Cyber Threats

By: Greg Tavarez    9/29/2023

Combined, eSentire and Kterio are positioned to deliver a 24/7 full-scale solution to support teams in charge of critical infrastructure firms.

Read More

GoSecure Signs on as a Silver Sponsor for MSP Expo 2024, Part of the #TECHSUPERSHOW

By: TMCnet News    9/29/2023

Leading Communications and Technology Event Returns to Florida for the 24th Consecutive Year.

Read More

Gaichu Managed Services and Overwatch by High Wire Networks Bring Advanced Cybersecurity Solutions to US

By: Greg Tavarez    9/28/2023

Gaichu Managed Services is bringing 24/7 monitoring and rapid response capabilities to SMBs through a partnership with High Wire Networks' Overwatch M…

Read More

Stamus Networks Expands Reach Through Ayscom Reseller Pact

By: Greg Tavarez    9/28/2023

Stamus Networks expanded its reach to Spain and Portugal through a reseller agreement with Ayscom.

Read More