This post is also available in:
עברית (Hebrew)
A sophisticated social engineering method targeting the cryptocurrency industry has recently come to light, involving the use of professional voice impersonators to deceive high-ranking executives. Security researchers have identified a coordinated effort by cybercriminals to recruit native English speakers capable of mimicking trusted entities in real-time phone calls.
According to findings published by crypto custody provider GK8, a well-resourced threat actor began actively searching for voice-based social engineering operatives earlier this year. The recruitment efforts were observed on a restricted underground forum, where the actor claimed to hold detailed personal information—such as phone numbers, emails, and residential addresses—of senior personnel at several U.S.-based crypto firms.
The objective is to conduct “vishing” attacks (voice phishing) aimed at breaching corporate defenses. By impersonating internal staff or external service providers, the attackers seek to extract sensitive information, gain access to internal tools, or even manipulate executives into unknowingly compromising private keys and digital wallets.
What sets this campaign apart is the level of planning and customization involved. The threat actor reportedly shared a list of target profiles with net worths exceeding $500,000, and offered guidance on tailoring calls based on the victim’s role. Details such as gender, accent, and linguistic fluency were specified when recruiting callers, indicating a targeted, methodical approach.
According to GK8, the financial incentives for participants vary significantly – ranging from $15 for a single short call to tens of thousands of dollars per month for more experienced impersonators. Tools used in these operations include VOIP systems, spoofed numbers, and automated SMS services to build credibility before the call even begins.
This development highlights a growing convergence of traditional fraud techniques with more modern, cyber-enabled tactics. As attackers move beyond email phishing into more personalized deception strategies, organizations are being urged to revise verification procedures and train staff to recognize voice-based manipulation attempts.
Experts recommend that firms adopt the mindset that key personal data is already compromised, and adjust their internal security protocols accordingly. Enhanced identity verification for phone-based requests, cross-channel confirmation policies, and updated employee awareness training are seen as critical defenses against this evolving threat.
