As Bitcoin becomes more popular, so do phishing websites. A phishing website is a website that attempts to impersonate a company to gain information about it, or to steal money. One of the more popular methods of phishing is to make a fake website that looks identical to the real one with only a slightly different URL, and then have the user log in with their real credentials. The phishing site then remembers those credentials and logs in to the real website with that information. The phishing site now has full access to the fooled user’s account.
One of these phishing sites that became well-known in the Bitcoin community is the Blockchain.info impersonation. Essentially, when you Googled ‘blockchain.info’, an advertisement came up. It had the same information as the real Blockchain.info, including the title and URL. Heck, even the green URL below the title said ‘Blockchain.info’. This is a feature of Google AdWords: you can change what the URL of your site looks like when it’s shown as an advertisement on Google. Unsurprisingly, many people clicked on this advertisement, believing it to be the real Blockchain.info. However, this advertisement actually pointed towards a phishing site: http://blockchaln.info.gwyndara.com. Many users attempted to get Google to remove the advertisement for it and to let Google Chrome (a web browser) users know that it’s a phishing site. Their attempts usually worked within a few hours, and Chrome users would get a warning that the site is probably a phishing site – however, the phishing site would just change its subdomain from say, blockchaln.info.gwyndara.com to http-blockchain-info.gwyndara.com. (See more information on my reddit post about this topic). Once the owner of the phishing site runs out of ideas (or just a different person doing the same thing), they just use a totally new domain, like http://blockchain-info-wallet.trasteosbarranquilla.com. The real Blockchain.info is aware of this problem, and they tweeted about it:
— Blockchain.info (@blockchain) March 25, 2014
A recent phishing scam was a bit different – someone registered the domain cryptocoinznews.com, clearly trying to imitate this news site, cryptocoinsnews.com (CCN). The owner of the fake site created the email [email protected]znews.com, while the email of the director of the real CCN’s email is [email protected]snews.com. The fake CCN sent an email to one of CCN’s advertisers (99bitcoins), offering a new advertising option which costs one Bitcoin. Fortunately, Ofir, the person who they contacted from 99bitcoins, did not fall for the scam and discovered what was happening. CCN is taking action against the domain and domain owners.
This phishing attempt is likely the same person or group of people as the ones who made the fake email [email protected] and emailed people with a similar fake advertising offer. The CoinDesk impersonators also tried to scam Ofir of 99bitcoins, and he wrote an article about it. CoinDesk even has a page dedicated to impersonators and not falling for phishing scams.
So, protect yourself. Be careful before logging in with sensitive information, and be wary of emails asking you to buy something. I’m not saying don’t trust anyone, you need to have trust – just be cautious.
Featured image from Shutterstock.com. Screenshot of email courtesy of Ofir from 99Bitcoins.com