Typos in web domains can be a lucrative market for scammers. According to an article in The Washington Post (WSJ), a Brazilian spent more than US$ 55 thousand (about BRL 1.1 thousand, at the current price) in Bitcoin between November 2020 and February of this year, to buy internet addresses that resemble those of digital brokers (or exchanges) of cryptocurrencies.
- NFTs Market fixes the flaw that allowed the theft of cryptocurrencies
- Scam cryptocurrency theft cheats iPhone dating app users
- Company system failure distributes more than US$ 90 millions in cryptoactives
Second the article, the addresses wwwblockchain.com, hlockchain.com and blpckchain.com, with similarities to the exchange Blockchain.com, and conibase.com, with similarities to the exchange Coinbase.com, were acquired by a Brazilian – his identity was not has been revealed. The report states that the likely reason is to deceive users into thinking that this is the official page of the cryptocurrency broker, inducing victims to enter the access credentials of their digital wallets, configuring attempts to phishing. This information was made available from a data leak by Epik, a North American internet domain registration platform.
Phishing is the name given to cyber crimes that try to deceive victims from Fake websites and applications that pass as official pages of famous companies or people, keeping the same characteristics as the original ones, with small changes, such as changing a letter in the address used for access.
Want to catch up on the best tech news of the day? Access and subscribe to our new channel on youtube, Canaltech News. Every day a summary of the main news from the tech world to you!
According to the WSJ report, shortly after the leak, if the addresses with small modifications of typing access were accessed, copies of the official pages of Blockchain.com and Coinbase.com were displayed, inviting visitors to enter their credentials on the sites.
Zack Allen, cybersecurity specialist at ZeroFox, says he is surprised with the amounts paid by the Brazilian to buy the domains, since the normal price of an address ending in .com costs just over US$ 09 ( about R$ 55, at the current price) per year. The high price of URL’s indicates that Epik saw them as having great financial potential.
For Stony Brook University computer science professor Nick Nikiforakis, in an interview with TWJ, these domains present huge opportunities for their owners to steal credentials from inattentive visitors. And, in the case that the theft actually happens, Nikiforakis says that the victims have no way of recourse, since they are digital cryptocurrency wallets, where all security is done on who has the access information — making this a good scam. profitable for criminals.
Phishing scams on exchanges
It is not known whether the Brazilian still owns the domains of the addresses mentioned in the Epik data leak, but both Coinbase and Blockchain.com claim that they do not own the addresses conibase.com, wwwblockchain.com, hlockchain.com or blpckchain.com.
Blockchain.com head of communications, Brooks Wallace, sent the following statement to the WSJ:
We take the security of our millions of global users very seriously and remove hundreds of phishing campaigns per month and regularly educate our customers about digital security risks . We also carry out monitoring 90 hours a day, 7 days a week of the activities performed on our platform.
The wwwblockchain.com address returns this message if it is currently accessed. (Image: Screenshot/Dácio Augusto/Canaltech)
Both Coinbase and Blockchain.com have requested that domains that mimic their sites be removed and as determined by Canaltech, all of them, when accessed this Thursday (14), returned an unavailable page message.
Until the publication of this article, it is still unknown whether these scams Phishing from fake domains victimized exchanges users, but it is known that this type of fraud, carried out by other means, is nothing new in the world of cryptocurrencies.
In September, Coinbase announced that 6,000 of its customers have had cryptocurrencies stolen through a phishing attack. According to the company, the scammers took advantage of a flaw in the platform’s two-factor authentication system. Shortly thereafter, the exchange claimed to have reimbursed its users, but did not reveal the full amount of damage suffered.
Source: Beincrypto, The Washington Post
Did you like this article?
Subscribe your email on Canaltech to receive daily updates with the latest news from the world of technology.