Deribit Warns Against Job Scams Using Fake Recruiter Profiles

Highlights:

• Deribit warns of scammers posing as recruiters to steal from crypto professionals.
• Fraudsters use fake job offers and malware to steal finances and sensitive company data.
• Crypto firms urge job seekers to verify recruiters through official channels to avoid scams.

Cryptocurrency exchange Deribit has recently warned about increasing fraud recruitment scams targeting job seekers through fake employment offers. The scammers specifically target developers and senior professionals who work within cryptocurrency domains. Anthony Sweeney, who serves as Deribit’s chief information security officer, has reported a rapid surge in bogus recruitment personnel who impersonate exchange employees.

⚠️ Scam Alert from Anthony Sweeney, CISO at Deribit

In recent weeks, we’ve noticed a surge in scammers posing as recruiters claiming to work for Deribit (and likely other well-known firms soon). The crypto industry often pioneers the latest fraud tactics, and this scam is no… pic.twitter.com/BHxGxhn2nS

— Deribit (@DeribitOfficial) March 19, 2025

Crypto-related scams are increasing and will likely expand their reach into other business sectors. The scammers establish their fake LinkedIn profiles to represent Deribit talent recruitment. Job advertisements on their website promise lucrative jobs before they reach out to candidates personally through private messaging. Once a victim is engaged, the scammers begin using different tactics designed to steal either personal information, company data, or funds.

Deribit outlined how these criminals are convincing victims to download malware disguised as an online assessment. In particular, they offer fake jobs that come with so-called exclusive pre-hire perks, such as discounted company shares. However, the actual goal is to access funds or sensitive data. The scammers also go as far as arranging in-person meetings, where they request candidates to bring their work laptops.

Deribit believes this may be a method to gain unauthorized access to confidential company information. In response to these threats, the crypto exchange urges all job seekers to be vigilant exercise caution and to always verify job offers through official company channels. They also advise candidates to closely examine recruiters’ LinkedIn profiles and make sure the profile they claim to represent has been linked.

Tactics Used to Access Funds and Data

In addition, other cybersecurity firms have also been able to trace similar scams. A global cybersecurity company, CrowdStrike, uncovered a phishing campaign distributing malware through fake recruitment emails. The phishing emails imitate CrowdStrike’s recruitment team and then dupe users into visiting a fake website. Job seekers there are prompted to download a fake employee CRM application, which will install a Monero cryptominer known as XMRig on the system.

Furthermore, blockchain security firm SlowMist has issued warnings to EOS token holders. Scammers are sending small EOS transactions from fake addresses that resemble those of real trading platforms. These transactions trick victims into sending funds directly to the scammers’ wallets.

🚨 SlowMist Security Alert 🚨

Beware of address poisoning attacks on #EOS!

Malicious accounts are sending 0.001 $EOS to users to poison addresses, such as:

fake: oktothemoon
real: okbtothemoon – @okx

fake: binanecleos
real: binancecleos – @binance

Stay vigilant and verify… pic.twitter.com/HQu2kgAL3E

— SlowMist (@SlowMist_Team) March 19, 2025

The job-related scams have been on a surge lately, and this shows that cybercriminals are devising a more sophisticated way of doing their business. In one of those cases, a prank job website masquerading as a record label scammed people of their crypto coins. More than $95,000 was also taken from unsuspecting job seekers in one week by another illegal website claiming links to Outlier Ventures.

Deribit and Experts Advise Increased Vigilance

The exchange recommends job seekers always check the legitimacy of recruiters even if their profiles seem to be authentic. According to Deribit, clients should contact the human resources department through official communication channels.

The crypto exchange has stated that criminals are now resorting to complex schemes to target the crypto space. Aside from job scams, fake meme coin projects have also emerged, including one masquerading as the chief executive of Hong Kong and trying to push a fake token.