A scammer wearing a rubber mask impersonated a Kraken user for video authentication, but failed to hijack his account
Kraken recently said it had unsuccessfully detected scammers wearing Halloween-style rubber masks trying to deceive staff. It is understood that when users try to regain access to their Kraken account, they may be asked to make a video call with a support agent to prove their identity.
The attacker showed red flags during the first round of checks, such as failing to name the assets held by the account. These signals caused the agent in charge to request a video call to grant access to the account. During the call, Kraken staff asked questions and checked the person's ID, at which stage the attacker exposed the suspicious situation.
Nick Percoco, Kraken's chief security officer, said that some exchanges do not pay as much attention to detail as Kraken requires of its team, and some companies support outsourcing, which is more prone to problems.