Date: 2025-09-04

Crypto security specialists have found another dangerous social engineering technique aimed at crypto company executives. Criminals are now hiring voice impersonators to trick potential victims.

GK8, a crypto custody solutions company, said that "a well-established, highly active threat actor" was recruiting "voice-based social engineering operatives" in order to attack senior executives at leading US-based crypto firms. The actor, identified in June 2025, was using an undisclosed "highly restricted underground forum" to find voice impersonators.

According to the custody firm, the criminal claimed on the forum that they had the personal phone numbers, emails, and home addresses of senior crypto industry executives, such as senior legal officers, engineers, financial controllers, and CTOs.

"To establish credibility, the actor included a sample list of five potential targets, all high-level executives at US crypto companies, with a minimum net worth of roughly $500,000," GK8 said.


In May and June, the threat actor started looking for a team of callers to trick executives and gain access to their companies' internal systems, wallets, customer data, and private keys to crypto assets. The criminal was looking specifically for native English speakers with American accents to conduct voice phishing, a.k.a. "vishing" attacks.

The authors of the report found that voice impersonators make from $15 per 20-minute call to over $20,000 per month, as they try to manipulate victims into revealing sensitive information or initiating unauthorized actions. To do so, they impersonate legitimate entities, ranging from banks and crypto services to government agencies.

"Vishers" use direct inward dialing numbers, VoIP, and SMS messages to contact their potential victims, and callers might also need to meet certain criteria depending on who they're targeting. According to GK8, these criteria could include accent, gender, language, and availability.

"Some of the threat actors mention the victim’s level in their organization and the type of scam that they want to conduct, helping tailor the caller’s role accordingly," the report said, adding that criminals are actively seeking or selling datasets of "high-balance" and "high-net-worth" targets.

As protection, GK8 suggested assuming that your personal information has already been exposed and implementing protective measures accordingly. Strengthening company confirmation algorithms, policies, and human firewalls, as well as keeping track of the latest tricks used by cybercriminals, might also help.