Cisco has revealed one of crypto’s most successful phishing operations, COINHOARDER, among a number of other groups originating from Ukraine, as having profited nearly $50 million over the course of 3 years. With even $2 million being stolen within 4 weeks at one time, it has become apparent that these scams are much more successful in recent time.
A number of scams have launched their own advertising campaigns on Google to have their fake sites pushed to the top of search results. One such victim remains Blockchain.info. The legitimate bitcoin wallet site has a number of copycats set up to steal user data and gain access into your wallets.
“The campaign was very simple and after initial setup the attackers needed only to continue purchasing Google AdWords to ensure a steady stream of victims,” they wrote. “This campaign targeted specific geographic regions and allowed the attackers to amass millions in revenue through the theft of cryptocurrency from victims. This campaign demonstrates just how lucrative these sorts of malicious attacks can be for cybercriminals.”
You can take a few simple solutions to avoid falling victim to these larger phishing scams. Initially advice was given to look for a security icon when visiting a wallet page or blockchain.info. However with the price of security certificates much lower many criminals can easily purchase one to look authentic. By clicking the security icon you can easily confirm the true identity of the website as the domain name is verified by a third party.
Furthermore, you can also avoid clicking suspicious links sent via email. By typing the entire URL into the address bar you can be assured that you are navigating to a bonafide site. To check the authenticity of email messages you receive, you can simply view the original message using the option available on Gmail. This will allow you to view if the email originated from the shown address, and allow you to see where the links included, actually refer you to. This remains the method of choice for more experienced IT users.
To conclude, bitcoin phishing scams have become larger and more sophisticated as criminals believe bitcoin thefts are easy money. Due to the nature of crypto itself, once a theft has been committed there is no chance of recovering stolen assets except if you are reimbursed by a exchange or wallet provider at their own discretion. While criminals hide behind the anonymity that crypto provides, simple precautions taken by users can essentially make you almost immune to phishing scams while allowing you freedom to invest and use crypto as you wish.