Reminder to Customers – Social Engineering Scams

In light of recent news of criminals using social engineering attacks to steal cryptocurrency, Bakkt would like to remind customers of the threat and how to avoid these scams. Customers should be on the lookout for anyone trying to gain access to their accounts or cryptocurrency and verify who they are before sharing personal information. 

Social engineering is a tactic used by criminals to gain their victim's trust to take certain actions that would either let the criminal have access to accounts or to send assets to the criminal. Victims often don’t realize they have given away protected information until it is too late. Unlike hacking attacks that try to break into a victim’s account, social engineering attacks rely on gaining the victim’s trust to either give away personal information or to send assets to the criminal. Criminals may pose as customer support representatives or offer an investment that sounds too good to be true. Some criminals also pose as potential romantic partners. 

Bakkt’s customers can protect themselves and their cryptocurrency by taking the following steps: 

• Never provide confidential or personal information to anyone who calls you on the phone. Criminals can fake the phone number they are calling from to look like it comes from a legitimate company. 

• Use 2-step verification codes or systems where they are available and do not share these codes with anyone posing as customer support. 

• Never give support staff remote access to your computer as this gives them access to all passwords and accounts that you have used on that machine. 

• If you plan on transferring cryptocurrency to an external wallet, confirm that you have the correct address and consider a small test transaction. Do not transfer any cryptocurrency at the direction of anyone claiming to be a customer support agent. Bakkt customer support will never ask you to transfer cryptocurrency to any external address. 

Bakkt is committed to consumer protection and combatting fraud. Cryptocurrencies, virtual currencies and digital assets are commonly targeted by hackers and criminals who commit fraud, especially through social media platforms. Bakkt and its employees will never contact you through social media platforms. If you believe you are a victim of fraud, please contact us at help@bakkt.com  or +1 (800) 322-1719.

Bakkt will never reach out to you via text message, WhatsApp, Facebook, Instagram, Twitter, Telegram, Discord or other social media channels or messaging services. Bakkt will only contact you via email. The only website affiliated with Bakkt is https://bakkt.com. Customers may only open and access an account through Bakkt’s official client partners. 

A list of other risk disclosures can be found on Bakkt’s website - Licenses Disclosures 

For more information: 

• https://consumer.ftc.gov/articles/what-know-about-cryptocurrency-and-scams 
• https://www.sec.gov/oiea/investor-alerts-and-bulletins/social-media-and-investment-fraud-investor-alert