Bitcoin Forum

This is all about phishing activity ready reference for anyone who like to learn about how phishing activities were being done. This is not only all about cryptocurrency but other financial institutions as well like bank accounts, credit cards and etc. I have made a quick search on why phishing activity were became successful and how much losses it made from the organizations and individuals that were became a victim of phishing.

Why these kinds of activity exist?

In my own opinion phishing is one of the profitable business in the internet. It will only cost you little $ and big profits waits depending on the methods and technique in phishing being done. This is why there is a sudden increase of phishing activities that rampant here in this section of the forum.

How did it exist?

The shared information of these phishing activities here in this section made me wonder what trigger these activities and how it did came successful to scam other people. As I continue the quick search on why it was so easy for them to conduct or make phishing activities. And here were the following reasons for the increase in phishing activity I read.

Reasons for the increase in Phishing Activities

Universal man-in-the-middle phishing kit - A tool that could create a sophisticated phishing site which is sold in underground market for about 1000$. According to RSA security that the kit could allow access to almost any web sites to be configured for phishing. It added that using the kit the researchers were able to create a fraudulent URL via a simple and user friendly user interface to which hacker novice can create a sophisticated phishing attack.

https://i.imgur.com/Tppd8CW.png


Lax password requirements - Not all the websites or online apps requires strict password like they allow passwords that are simple and easy to guess like username john123 and pass john123.

https://i.imgur.com/5Du4yoF.jpg


Fake giveaways - It could be easier to detect the common fake giveaways. Usually the common victims of these are from those social media like facebook, instagram, youtube and tweeter.  However, it could be easy to spot like having a newly created account, using famous logo or brand name, stealing images, the account had no recent activity or does not have that much numbers of followers and the giveaway asks you to complete too many tasks.

https://i.imgur.com/6MsIa9J.png


Key-logging software - sometimes referred to as keylogging or keyboard capturing, from the name itself simply shows capturing keyboard strokes from the user’s keyboard and store it in a small file which will then later on send to the hackers email or save it for viewing later. This is done by which person using the keyboard is completely unaware that their actions are being monitored.

https://i.imgur.com/4ujmp4I.jpg


High return Investment Scheme - “ The return on investment in phishing is phenomenal” this according to Lohman(2006). High yield investment programs (HYIPs) are usually an investment that promise unreasonably high returns. This is done by invites where new investor paid old investors and consider it as profits. HYIP operators uses social media including facebook, twitter, youtube and instagram to appeal on their victims and create the illusion of social consensus surrounding the legitimacy of these programs.

https://i.imgur.com/NilT9VO.jpg


Therefore we can expect that with the volume of targeted victims it can earn huge of this fraudulent activity which is phishing that made me wonder I too should start my own Phishing business. LOL

These phishing activities had been effective due to applied methods. These methods were became known after some reports noted in the news on how the victims were able to get phished out of their accounts (banks and financial institutions specifically). This methods were being mention by ITU(2005) and Chawki(2006).


Methods of Phishing

Dragnet Method - This method involves the use of spammed emails, bearing falsified corporate identification (e.g Trademarks, logos, and corporate names), that are addressed to a large class of people (e.g., customers of a particular financial institution or members of a particular auction site) to websites or pop-up windows where they are requested to enter bank or credit card account data or other personal data.

Rod-and-Reel method – This method targets prospective victims and conveys false information to them that could lead them to disclose their personal and financial data. For example, online items that are available and are cheaper to which the victims were looking for and upon visiting the webpage then the victims were then ask to disclose personal information including financial aspect to proceed with the transaction.

Lobsterpot Method - This method focuses upon the use of fake sites(imitating sites). This is usually done by a phisher placing deceptiveURL address/links to a scam website. Once the victim is into this fake site then the victim might send personal details or financial access of the victims account.

Gillnet Phishing - In gillnet Phishing, phishers introduce malicious code into emails and websites. They can, for example misuse browser functionality by injecting hostile content into another site’s pop – up window. Merely by opening a particular email, or browsing a particular website, Internet users may have a Trojan horse introduced into their systems.

How Phishing is accomplished?

https://i.imgur.com/Q6ISTQz.jpg


Here is an example of 2004-2007 statistics on phishing activities.

Statistics of Phishing with respect to non banking institutions

https://i.imgur.com/gKukZzL.png


Top list of phishing email reports

https://i.imgur.com/HStQo95.png


Top Phishing sites hosting countries

https://i.imgur.com/Zsr3PsV.png


Top brands affected by phising during 2003, 2004, 2006 & 2007

https://i.imgur.com/Zsr3PsV.png


Related Articles:


The phishing activities clearly resembles huge losses to the organizations or individulas. This is why in cryptocurrency where these activities are present we should tend to be more careful. This is why I made this posts for you ready reference about phishing acticity. The information above are from the following references listed below. All of it were done in a quick search using google and the internet.

Resources :
 https://www.itproportal.com/2007/01/10/universal-maninthemiddle-phishing-kit-discovered/
https://en.m.wikipedia.org/wiki/keystroke_logging
https://www.ques10.com/p/49373/methods-of-phishing-1/
https://www.easypromosapp.com/blog/en/2019/09/fake-instagram-giveaways/
https://www.investopedia.com/terms/h/high-yield-investment-program.asp
Google pictures/internet

[LEARN] Phishing Quizzes - Beginners & Experts (https://bitcointalk.org/index.php?topic=5178375.0)
What to do to avoid phishing sites (https://bitcointalk.org/index.php?topic=5171134.0)
Punycode and how to protect yourself from Homograph Phishing attacks? (https://bitcointalk.org/index.php?topic=5184169.0)

You can participate in the phishing quizzes and get merit if your result is good.

This is a good article, but I want to first emphaze little more about malware, there are many types with different functions. The viruses are rear but can collapse devices, which makes them deadly, the worms can spread like the virus and can be used in phishing attacks, there are some bugs that can steal authentication codes, many hackers used it to reveal datas on victims devices that download an app they intended for phishing attack, there is another malware called bots, many bots leads to botnents which are used in denial of service attack, the keyloggers are spyware which spy the activities of victim on their devices. There are main two other ones I have not even mentioned which are used in stealing information from victims computers, they can be used to know anything saved on the device that is related to wallet, exchange accounts, banking details and other such information, they can also be used to reveal two factor authentication codes. They are trojan horse and rootkits. Hackers are now using this malware in phishing that can result to more malware that can be installed on computers, leading to severe losses like stealing of bitcoin and other cryptocurrencies from wallets and exchange accounts, also steal of money from banks.

That is why it is said to be good to avoid this deadly malware by practicing safe browsing. Like me, I do not use my wallet device for social activities, I do not even use it to browse, I used it online only for wallet, exchange and banking purposes.

About the issue of fake giveaways, we have to be careful. Recently, there are even celebrities social media accounts that were hacked with the use of malware, using the celebrities accounts to lure people into fake giveaways, anyone can fall victim. That is why it is good to neglect many of these giveaways that seem to be false than true.

We should be careful of the site we visit, be careful on social media, and we should avoid clicking on links and ads we do not authorize for, also on email messages.

I had tried taking up the first quiz and it is a little bit difficult and confusing. I got low score but I am eager to try the next quiz. This is an additional information of phishing sites that may be going to encounter one day. I just have to learn the different domain extensions or probably will make a quick search to check if it is legit or  not by checking the domain extensions. Anyway, that was fun experience for me. BTW, thanks for the share.

I see a lot of phishing activities reported here in the forum. I think it may be best to share what really are phishing is all about and how it could be avoided. There should be a way of distinction between a legit and a scam website in  their domain extension. However, I know it is difficult to distinguish those sophistcated fake sites that usually one of the successful way of phishing financial related accounts. But still if you could manage to tell us here then that might be really helpful OP. I hope you can do something about it?

Looks like crypto users became the main target of scammers and with all these tools sold on the dark web it's not that hard to set up a phishing website.
You don't have to be a hacker or have any technical knowledge.
Lobsterpot Method, I think this is the most used method by phishers when targeting crypto users. Almost every known exchange or web wallet have hundreds of fake clones.
I don't think key-loggers fall under the phishing category though.

I thought the OP was going to expand later on to see include some more up-to-date statistics on phishing. The statistics presented are pretty old, and although the pretend some preliminary context, the numbers must be pretty far from nowadays reality. It would be interesting if you search around for something more 2020’s, such as:

By the way, just a reminder included in the above reference:

Of all the phishing techniques mentioned, the key-Key-logging software technique just might be the most ignorant and also very effective one. Especially amongst those with a particular need to beautify their keyboards.
It's like in the movies when the thumb print of an officer is gotten by placing a white tap over the scanner or the CIA extracting a printing by publishing the touched surfaces with some little dust. Never thought of correlating the scheme with keyboards and we've got a lot of cute emoji keyboards over the web which we know nothing of it's source.
How a lot can be destroyed by mare looking to beautify your keyboard. Never thought of it even once!

This is one good article you have here. I am realy having hard time looking for new statistics targeting cryptocurrency but due to the fact that reports could probably not accurate or if there are reports no record wss being accomplished by the authority which make it even harder to look for it just using the google search engine. Anyway, my purpose is only to aware users regarding on ghe inrease of phishing activities and how it was done(methodology). Anyway, thanks for showing the article it would be that great to include in the post.

Some of them are free and usually that clickbait on some social media is using some of these tools to hack the account of noob users. Most of the users fell into this trap before but most of these tools are now blocked in Facebook. But as the OP stated, more kinds of phishing will be created and we must all aware about how this kind of thing works. no matter how complex our passwords are, if we fell to their trap they are one step ahead to stole our accounts. That's why using some authenticators will also help us because even though they got our passwords, they need to have a second method to access to our accounts which is next to impossible.

One form of phishing I saw just today, on a relative’s phone, was through an SMS asan entry point: The recipient received an SMS stating that a certain delivery was due, but required the payment of just under 2€ to be fulfilled by the courier. The SMS included a link to a website, which asked for your credit card information in order to pay for the courier’s fee. Of course, why not, while being at it, the phishing site also asked for your credit card’s pin number. Anyone gullible enough will probably get to see at some point in the future that, filling-out the form, may have led to his credit card being duplicated and used unlawfully.

This is very much another page in their book of scam schemes. Though, you never did state if your said relative was victimized or not but then, the question that rolled up my thought upon reading your comment was:
1. Was your relative expecting any shipment? If yes,
2. Isn't there an official site to the based organization for
   delivery and perhaps, is that how it's done with that company or perhaps, it's your relatives first time ordering a stuff with that organization.
For me, on the matter of delivery on a shipment, it's always going to be pay after service though, the fee was quite low in this case.
One course of wonder for me is, how they often acquire all their potential victim cell phone numbers. I'm guessing telegram group chart can provide that right...

No, my relative did not fall for it – probably wouldn’t have on his/her own, but was prudent enough to resend me the SMS to check it.
The phishing scheme (smishing really) uses as bait one of the top couriers, and since my relative is a heavy online buyer, even if experienced, it seemed remotely feasible (coincidently, my relative is waiting for a package that has been delayed for some unknown reason, although the courier was not the same one).

Since there are many people making online purchases, and the courier is one of the biggest, it is possible to do a blind SMS (i.e. not targeted) smishing campaign, and chances are that a non-depreciable percentage of recipients do online shopping and get deliveries through that courier at some point.

I’ve checked for similar events, and there is a whole array of similar cases, with variable messages, but a similar modus-operandi. I haven’t managed to discern if they narrow down their list of potential targets - all it takes is one online store to leak the data and there’s a narrowed down potential and feasible target list.

I've seen this phishing also being posted in social media and it got trending in my country. They will call you as if it's a legit call from the bank or any service they pretend to be and after believing that they are real and you have provided important details that you shouldn't be, within split seconds you'll only notice that you've been faked.

Well, out of negligence and lack of knowledge about these frauds, phishing and scams. I feel bad for the victims even though it's been in the media and being reminded by the bank for several times that they'll never ask for important details.

It will still fall to dragnet method of phishing but in this case using sms instead of email which is very crucial becaus sms could reach instantly to the user compared to email.

It is important to know the basic in phishing because these are the ways how phishing is done and if user know the basics of phishing or its methodology then there is no reason for a user to get phished out.

Well, I hope my post was useful to other users here as well.

A friend of mine recently got scammed by a phishing through sms too, The SMS indicates that there is someone who deposited in his bank account and log-in to the link given through the SMS, and it seems legit knowing that the site and the name of the sender has the name of the account and when he log-in into the site using his bank account, the scammer immediately order in an online shop using his bank account and completely clean his balance. I would also fall for these petty tricks knowing that it's urgent to complete the task too.

I have experienced the same thing about this, but this is an online store account that has a balance when I wake up receiving a notification about entering with a certain IP and that notification via SMS I am shocked and after I check my balance because hackers have spent it with my balance then I rushed and opened it, it turned out that it was true that all the balances ran out had been ordered, maybe this was my forgetfulness that I clicked something that was not clear so that it caused losses to me, oh my god, it's really bad luck and I don't want to repeat it and still have to know the original reference link .