How to Protect Yourself from Impersonation Scams

🔍 What Happened?

“I was invited to a Zoom interview by someone claiming to be a recruiter from a well-known company. They even used a real employee’s name and photo from the company’s website. During the call, they asked me to install a remote access app and change some settings. Soon after, I noticed suspicious activity on my accounts. Did I just get scammed?”

✅ Is It Real?

Yes, this is a real and growing scam. A recent case involved attackers impersonating a CoinMarketCap journalist, using the person’s real name and photo to appear legitimate. Victims were invited to a Zoom “interview” and tricked into granting remote access, which allowed criminals to steal data, credentials, and even crypto wallets within minutes.

🛡️ How Can This Happen?

• Impersonation and Social Engineering: Scammers copy real employee profiles to look trustworthy. 
• Remote Access Abuse: Apps such as AnyDesk, TeamViewer, or QuickAssist allow attackers to take full control of a system. 
• Credential Theft: Once inside, they can harvest stored passwords, browser data, and two-factor authentication codes. 
• Crypto and Financial Targeting: Attackers often move quickly to drain wallets and compromise bank accounts. 

🧠 How Likely Is This?

These scams are becoming increasingly common because they exploit trust in familiar brands. While not every cold “recruiter” email is malicious, the moment someone asks for remote access, it is almost always a scam.

🛡️ How Can I Protect Myself?

• Act immediately if compromised by disconnecting from the internet, ending the call, and uninstalling any remote access apps. 
• Run malware scans with reputable security tools or reinstall your operating system if necessary. 
• Reset all important passwords from a clean device and enable two-factor authentication. 
• Move crypto funds to a new wallet created on a secure device with a fresh seed phrase. 
• Review account activity for suspicious logins and force logouts of unfamiliar sessions. 
• Notify the impersonated company, in this case CoinMarketCap, so they can investigate and warn others. 
• File a report with law enforcement or national cybercrime agencies such as the FBI IC3 in the United States or Action Fraud in the United Kingdom. 
• Report scams to consumer fraud agencies such as the FTC in the United States or Scamwatch in Australia. 
• Alert crypto exchanges or platforms if stolen assets may flow through their systems. 
• Place fraud alerts or credit freezes if identity documents were exposed. 
• You can also seek help from 911Cyber, which assists individuals in responding quickly to incidents and provides guidance on securing accounts and devices. 

📢 Key Takeaway
The CoinMarketCap journalist scam is a reminder that impersonation attacks are highly convincing. No legitimate recruiter or journalist will ask for remote access. Always verify independently, double-check domains, and act quickly if something feels wrong.