Betterment Users Are Being Targeted in This Crypto Scam
Customers of automated investment platform Betterment are being targeted with a cryptocurrency rewards scam following a data breach that allowed threat actors to obtain some user data and send fake emails promising huge returns on Bitcoin and Ethereum deposits.
According to a Jan. 12 security update posted on Betterment's website (and sent to users via email), hackers gained unauthorized access on Jan. 9 to a third-party platform used for marketing and operations. Following the breach, they sent fraudulent messages to some customers with offers to triple crypto investments.
Betterment crypto rewards scam
The scam emails were sent to Betterment users on Jan. 9, soon after the data breach, with subject lines like "We'll triple your crypto!" The message inside claimed that Betterment was "giving back" for a limited time and tripling Bitcoin and Ethereum deposits as large as $750,000 to specified wallets. Threat actors tried to create a sense of urgency with an expiration deadline for the promotion (a typical scam tactic).
The messages came from support@e.betterment.com, which is a legitimate Betterment subdomain, allowing them to appear verified in users' inboxes. Note that this is the same email address Betterment used to send the security update to all of its customers.
A nearly identical crypto scheme targeted Grubhub users in December with emails, also sent from a real Grubhub subdomain, promoting a 10x return on $1,000 in deposited bitcoin.
Betterment data hacked
Cybercriminals were able to steal some customer information from the compromised system, including names, email addresses, mailing addresses, phone numbers, and dates of birth. Betterment has said that no passwords or credentials were included in the breach, nor did threat actors gain access to user accounts. While few official details have been published, the company is reportedly being extorted as the target of a distributed denial-of-service (DDoS) attack.
If you're a Betterment customer, be wary of any unsolicited communication in the coming days and weeks about your account. Scammers will use events like this as a phishing opportunity. Know that Betterment (and other legitimate companies) will not request your password or other personal information via email, text, or phone call. If you are concerned about your account or want to update your credentials or other data, go directly to the website or app and do so there. This is generally safer than clicking links in communications, even if messages from Betterment are (or seem) legitimate.