The goal of a phishing scam is to spoof a real organisation’s online identity like an email, a URL or even a social media account to trick and manipulate users. Cybercriminals capture personal details, either by asking them to reset their password, divulging personal information of just clicking on a link. The popular form of Phishing scams in Cryptocurrency will try to impersonate popular wallets (Such as My Ether Wallet), or a major ICO that has just launched (such as Distric0x or Bancor).
Cryptocurrency-themed phishing emails
These attacks typically start with an email or a social media message which manipulate potential victims to send cryptocurrency to a wallet with the promise that more will be sent back. As scammers lay the social engineering groundwork, they will also develop fake Twitter accounts impersonating exchanges, developers, and celebrities to try to further prompt users to click.
SANS revealed a cryptocurrency-themed phishing email spoofing blockchain.info. It attempted to obtain login credentials for bitcoin or other cryptocurrency wallets. The content of the email was about “Ether Payment” asking users to view the details of the transaction on the blockchain, which has fake a URL.
If the users click on the fake link, they visit the fake landing page shown below.
Notice domain was blockpchain.info. There is the “p” letter between “block” and “chain”.
As the popularity around cryptocurrency has continued to increase in 2018, it has also been inviting scammers to launch cryptocurrency-themed phishing emails. Researchers at Proofpoint observed a sharp rise in these scams, which target users of Ethereum and Bitcoin and typically request that victims send a small amount of the currency in exchange for a much larger payout in the same cryptocurrency.
“This post is originally published at www.keepnetlabs.com”
Teknoloji Haberleri