There are a lot of phishing attempts and scams in the crypto community lately. Hackers use emails, websites, chat-apps, a combination of all of these and more.
Let’s take a closer look at how the attackers manage to steal your funds and what you can do to protect your funds and data.
Phishing emails aren’t anything new in the digital world. Below is an example of a phishing e-mail sent using Facebook Company name. The purpose of this e-mail was to steal somebody’s identity on Facebook. There are a couple things highlighted that are considered red flags and can help you identify a phishing email.
For the sake of explaining let’s say that we received this e-mail and believed that the story (unusual Copyrights activity) is true. Then we click the link which takes us to a page that looks exactly like the Facebook login page but isn’t actually a property of Facebook. Inputting our login information doesn’t actually log us in but runs a script that sends login information to the true owner of the page (a scammer). Now they own your Facebook identity.
Attackers are getting more creative every day and sometimes it is extremely hard not to believe the story they present to you in an email. It is the same in the cryptocurrencies world. Below is an example of a phishing scam email received.
Off course it seems tempting to add free ETH to your existing holdings but in this case, this would be a big mistake. Clicking a link inside this e-mail takes you to a page that looks exactly like /www.myetherwallet.com/ but like in the example of the Facebook page above, it’s not. Inputting your address and private key doesn’t actually log you into your wallet but runs the script that sends your login data to a scammer. They can then login into your true MEW account and send the funds to their desired address.
This is also very common and nothing new in the digital world. Hackers use phishing websites to gain passwords, credit card numbers, security codes and so on. Most common way of arriving onto the phishing site is via Google Search or Direct link. The phishing website looks identical to the real website and it’s hard to tell when a certain website is designed to steal your data. When users input their data into a login form or any other form for that matter on this kind of website, a script is run which send this information to a scammer. They now have your login information and can do whatever they want with them.
The most important thing you can do to protect yourself from this kind of information theft is to always check the URL before inputting sensitive information like password or credit card number. Phishing URLs will have a missing or an additional letter in the URL (ww.myettherwallet.com, ww.mytherwallet.com) Both URLs are with 2 Ws on purpose so you don’t click on these links. Phishing websites can also have completely different URLs or different endings (.net, .co, .at…) than the original ones.
Always check the URL and Bookmark the original page to avoid google search phishing sites.
The example below is the “fake” OmiseGo Airdrop (giveaway of the coins to holders of ETH on a certain day.) Airdrop is not a scam by itself but is being used as one rather common lately.
This one was sent via email through the official Slack channel of OmiseGo. This e-mail included a direct link that leads to a page looking exactly like the real OmiseGo website. The biggest red flag, in this case, is the Enter Your Private Key form. Never ever input your private key onto some website (unless it’s an online wallet and you are sure it is the original site). Another giveaway was the URL that was completely off.
Whenever you come across an airdrop or something similar always check the news around it on an official website, social media accounts of the team behind the cryptocurrency. Most of the time these announcements are fake. Check Reddit on official SubReddits, to see if anyone already pointed out the scam and use common sense. There is absolutely no need for private keys in order to execute an airdrop.
Slack is a cloud-based chatting software/app. Companies and Teams behind cryptocurrencies use this app to communicate with existing and potential investors.
Lately, cryptocurrencies and wallet provider’s official channels are being exploited for phishing attempts like the one shown below.
This is an email received from the official Slack channel of MyEtherWallet. It is another perfect example of a scam. The link inside this message takes you to a phishing website and the process is the same as described earlier. Slack scams and phishing attempts are becoming so common these past months that I would advise you not to use Slack at all at the moment.
5 TIPS TO AVOID PHISHING
Always write the link manually or use bookmarks to arrive at the login page.
Never click links connected to crypto currencies (accounts, safety updates, airdrops, forks…) inside emails or chat apps. If you click a link and then see they require information about your account, do not input anything. Just close the window.
Always double-check the URL before inputting any sensitive information or logging into a service.
Never input your Private Key anywhere else then your wallets official webpage. (Again – double check URL).
Always use common sense – if you’re being offered something for free just assume It’s a scam and double check everything written above.