As Crypto Scams Skyrocket, Pax8 Alerts MSPs to Risks

As Crypto Scams Skyrocket, Pax8 Alerts MSPs to Risks

By Matthew Vulpis

In the last few weeks, Pax8, a global cloud marketplace for MSPs and the SMBs and enterprises they serve, noticed an uptick in compromised Azure and AWS accounts used for crypto mining. Urging their MSP partners to pay attention, especially during the holiday season when cybercriminals are more prevalent, Pax8 sent an email to its 25,000 MSPs cautioning, “Don’t let your guard down and stay alert.”

The email continued, “We want to remind you of the security guidelines for securing identities and workloads to monitor Azure cost management spending. If you choose not to follow these security guidelines, you are making it easier for malicious actors to succeed and could be at risk for substantial unauthorized charges accumulated by these bad actors.”

Pax8 recommends several steps for MSPs to take, starting with setting up Multi-Factor Authentication (MFA) on Microsoft Accounts, which makes those accounts more resistant to phishing and channel jacking, and cited an article posted by Microsoft on how to enable MFA.

Pax8 also pointed out that Cost Management Alerts can be set up to monitor Azure usage and spending. Cost alerts are automatically generated based on when Azure resources are consumed, and alerts show all active cost management and billing alerts in one place.


“When your consumption reaches a given threshold, alerts are generated by Cost Management,” Pax8 said, referencing another Microsoft article on how to use cost alerts to monitor usage and spending.

Finally, Pax8 suggests MSPs study customer security best practices and recommends that their partners open a support ticket in the Pax8 platform for additional help and guidance.

These threats have been growing throughout 2022, and not just impacting Azure accounts, but AWS and Google accounts as well.

For example, Netskope Threat Labs found that attackers have been creating phishing pages in Google Sites and Microsoft Azure Web App to steal cryptocurrency wallets and accounts from Coinbase, MetaMask, Kraken, and Gemini.

The U.S. Federal Trade Commission warned earlier this year that “Crypto has several features that are attractive to scammers, which may help to explain why the reported losses in 2021 were nearly sixty times what they were in 2018. There’s no bank or other centralized authority to flag suspicious transactions and attempt to stop fraud before it happens. Crypto transfers can’t be reversed – once the money’s gone, there’s no getting it back. And most people are still unfamiliar with how crypto works. These considerations are not unique to crypto transactions, but they all play into the hands of scammers.”




Edited by Erik Linask
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

Content Contributor

SHARE THIS ARTICLE
Related Articles

Real Estate Forecast 2025: Emerging Developments and Market Shifts

By: Contributing Writer    7/1/2025

Buying or selling property can be challenging. Rising mortgage rates and fluctuating home prices leave many uncertain about their next move. Business …

Read More

Protecting Business Assets with Smarter Security Frameworks

By: Contributing Writer    7/1/2025

Protecting your business is more challenging than ever. Cyber threats are increasing every day. Hackers target small and large businesses alike, searc…

Read More

Reimagining Public Transportation in the Era of Smart Mobility

By: Contributing Writer    7/1/2025

Public transportation can be frustrating. Buses stuck in traffic, late trains, and hard-to-navigate systems often leave people stressed or stranded. M…

Read More

SonicWall Powers Secure Access for Missouri MSP, Improving Cybersecurity and Network Access for Clients

By: Erik Linask    6/27/2025

With SonicWall, Stronghold Data delivers a modern, secure remote access solution that ensures access to networks and resources and improves cybersecur…

Read More

Guardz Unleashes AI-Driven ITDR to Combat Escalating Identity-Based Threats

By: Erik Linask    6/26/2025

The launch of Identity Threat Detection and Response (ITDR) gives MSPs the tools to defend SMBs against increasingly sophisticated attacks targeting u…

Read More