Blockchain.com Phishing Attempt

[Maus0728]

Just got this message yesterday in my email and this is clearly a phishing attempt for blockchain accounts. It's funny that they still haven't fix their letter before sending their attempt to every users.

I also reported them as a "phishing attempt" on google.

[tbct_mt2]

Thanks your the warning but I wonder (and you should too) how your emails is attacked like that. Did you arbitrarily share your email address publicly somewhere? It is a big risk when you or anyone else do so.

For my accounts in crypto, the email addresses I use are only used for crypto things and I don't share those email addresses to anyone else.

For entertainment things: gambling, social media platforms (Twitter, Facebook - I did not use Facebook last 2 years), online shopping, etc. I use other emails.

I want to be safe from any risks of attacks: phishing, malware, spam, etc. Even I am aware of such risks, don't click on links, I don't want to see my email inbox receives such risky emails.

The email (in image) is a joke:

- Send 0.005 BTC first to receive airdrop (a warning).
- No amount of airdrop BTC is mentioned

It is even worse than scam giveaway on Youtube, Twitter.
Youtube scam channels. Please spend your time to report them and take them down
Scammers on Youtube. Don't fall into this scam trap and lose money, guys

[Darker45]

- Send 0.005 BTC first to receive airdrop (a warning).
- No amount of airdrop BTC is mentioned

I wonder how they would get your 0.005BTC. They're just saying "you need to have at least 0.005 BTC in your Blockchain Wallet..." They're not even providing a BTC address where you will make a deposit.

I guess the amount was the one indicated in the "Airdrop Pending: 5" with the equivalent of "BTC (~$50,097.86)." With this huge amount given away, I would immediately declare this email a stupid attempt to scam. I bet these scumbags would make more victims if they reduced the airdrop amount to 0.008BTC.

[tbct_mt2]

- Send 0.005 BTC first to receive airdrop (a warning).
- No amount of airdrop BTC is mentioned

I wonder how they would get your 0.005BTC. They're just saying "you need to have at least 0.005 BTC in your Blockchain Wallet..." They're not even providing a BTC address where you will make a deposit.

When they do phishing attacks, they will have links to direct to their phishing sites. If they don't include phishing links, why do they send people such emails? OP can answer and give more details. When OP does it, please add phishing link with code (people don't click on phishing link with code line)

Code:

Post a phishing link here

[Charles-Tim]

When they do phishing attacks, they will have links to direct to their phishing sites. If they don't include phishing links, why do they send people such emails? OP can answer and give more details. When OP does it, please add phishing link with code (people don't click on phishing link with code line)

OP may decided not to bother about the phishing link, as you can see from the above short link that stated 'reclaim airdrop', that is a short link (phishing link). In this case, the phishing link is not that necessary to be known because may novice will only decide to click on the short link which can contain malware, or link to a malicious site or other possible scam means. We should just know that we should not click on any email links we do not authorize for.

[seoincorporation]

With the attack link we could understand how the attack goes, it could be a fake logging site or it could send us to download an app. So, when we report an attack we should give all the information we have to give a nice warning to the users about what's going up.

I have seen in the past web browser apps draining, so, always we must be careful with this kind of emails.

[jossiel]

Thanks for this reminder. Blockchain.com has always been used by these scammers. The scammer's email domain is still ".info" but it's been long that they've migrated to ".com".

For someone who uses a blockchain.com wallet frequently, they'll notice it. But for newbies, they won't. That, "Hi[[firstname]]" is also an indication that these scammers are only copy-pasting their messages.

I hope that many newbies will see this reminder and they won't click links attached to these scammer's email.

[mk4]

Thanks for this reminder. Blockchain.com has always been used by these scammers. The scammer's email domain is still ".info" but it's been long that they've migrated to ".com".

I think the scammer is probably using a .info domain mostly because .info domains are mostly significantly cheaper than the .com counterparts. Since I assume that these email domains(that are being used for these kinds of purposes) are going to be sort of "flagged" real quick, it's more feasible for them to be purchasing cheaper domains.

[robelneo]

Thanks for this reminder. Blockchain.com has always been used by these scammers. The scammer's email domain is still ".info" but it's been long that they've migrated to ".com".

For someone who uses a blockchain.com wallet frequently, they'll notice it. But for newbies, they won't. That, "Hi[[firstname]]" is also an indication that these scammers are only copy-pasting their messages.

I hope that many newbies will see this reminder and they won't click links attached to these scammer's email.

If what you mean is blockchain.info they still own that domain and made a redirection to their main page blockchain.com and so is blockchain.net this is to avoid confusion they own literally the word blockchain top-level domain except for blockchain.org that redirect to tronscan.org.

Since they are using getresponse newsletter they should be reported for abuse and  it seems the scammers do not know how to use a code on how to convert the

"Hi[[firstname]]

so it will convert to the receiver's username now that's also a big warning that people should be aware of.

[NeuroticFish]

I wonder how they would get your 0.005BTC. They're just saying "you need to have at least 0.005 BTC in your Blockchain Wallet..." They're not even providing a BTC address where you will make a deposit.

Yes they will; and will also get everything else you have in your blockchain wallet.
That's because most probably if you log in via their button you'll (also) send them your credentials, so they'll access freely your account.


Blockchain.com / .info has a long history of having its users targeted by phishing e-mails. I've got at some point 1-2 such e-mails while I didn't even had blockchain account 

[DdmrDdmr]

The site, where presumably one is lead to once clicking the "Reclaim airdrop" goes on to asking for your email and your 12 word recovery phrase, associated to your Blockchain account (I presume). In case you’re not sure how the procedure goes, they provide a nice illustrative video of how to become a gullible victim.
 
The site claims to already have given out 547.1 BTC, has 14 675 visitors today, and 495 609 total visitors. A so called Anthony Kirk provides the TX id to the 7 BTC airdrop he received today. With of these facilities and incentives, who can resist right? Well, the real question is who will fall for the trap, and that is anyone inexperienced enough (other terms come to mind, but let’s leave them aside) and prone to jump on board excited to get stripped of his assets.

Code:

https://who.is/whois/bcairdrop.info

[Maus0728]

Thanks your the warning but I wonder (and you should too) how your emails is attacked like that. Did you arbitrarily share your email address publicly somewhere? It is a big risk when you or anyone else do so.

I honestly don't remember what I have done when it comes to giving my email on the internet but I am certain that I do not give or use them on signing airdrop forms or any other scam giveaways that are scattered on the internet since I am not a fan of doing those kinds of stuff nor interested in their altcoin giveaways.

OP can answer and give more details. When OP does it, please add phishing link with code (people don't click on phishing link with code line)

I just reported the email directly as a "phishing attempt" and gmail automatically move the reported mail to my spam box so I decided not to click any of the links associated with it.

[jossiel]

Thanks for this reminder. Blockchain.com has always been used by these scammers. The scammer's email domain is still ".info" but it's been long that they've migrated to ".com".

I think the scammer is probably using a .info domain mostly because .info domains are mostly significantly cheaper than the .com counterparts. Since I assume that these email domains(that are being used for these kinds of purposes) are going to be sort of "flagged" real quick, it's more feasible for them to be purchasing cheaper domains.

You are right, .info is much cheaper. I've tried to search for an .info domain and it's just around $3-$4 per year.

Thanks for this reminder. Blockchain.com has always been used by these scammers. The scammer's email domain is still ".info" but it's been long that they've migrated to ".com".

For someone who uses a blockchain.com wallet frequently, they'll notice it. But for newbies, they won't. That, "Hi[[firstname]]" is also an indication that these scammers are only copy-pasting their messages.

I hope that many newbies will see this reminder and they won't click links attached to these scammer's email.

If what you mean is blockchain.info they still own that domain and made a redirection to their main page blockchain.com and so is blockchain.net this is to avoid confusion they own literally the word blockchain top-level domain except for blockchain.org that redirect to tronscan.org.

Since they are using getresponse newsletter they should be reported for abuse and  it seems the scammers do not know how to use a code on how to convert the

"Hi[[firstname]]

so it will convert to the receiver's username now that's also a big warning that people should be aware of.

Yes, they even used the acronym for blockchain and added airdrop which "bcairdrop.info". It's easy for us to avoid that domain but someone who's just starting might actually bite on it.

[BrewMaster]

I wonder how they would get your 0.005BTC. They're just saying "you need to have at least 0.005 BTC in your Blockchain Wallet..." They're not even providing a BTC address where you will make a deposit.

it's just numbers chosen to play on people's greed. it is like this so that they see that they can pay $50 and receive $50k in return and may get greedy enough to not think about anything else and click on the link there.
then they will be redirected to a scam site looking like blockchain.com that asks them to enter their login information which they steal.

their broken English is funny though.

[Harlot]

Thanks your the warning but I wonder (and you should too) how your emails is attacked like that. Did you arbitrarily share your email address publicly somewhere? It is a big risk when you or anyone else do so.

As one of the people receiving these kind of emails I honestly don't know but these fraudsters definitely have their ways on getting your email addresses. From getting the contact list of the ones they have previously hacked to buying email lists in the dark web and as well as maybe this one time we have publicly posted our email we can say that there is various ways for a fraudster to get out email, they can just basically guess it just by typing in the inbox and the email service will say whether or not that email exists. Mostly spam mail like this is not on the user's fault as based from my personal experience I know a lot of people are not posting their emails publicly.

[BrewMaster]

Thanks your the warning but I wonder (and you should too) how your emails is attacked like that. Did you arbitrarily share your email address publicly somewhere? It is a big risk when you or anyone else do so.

As one of the people receiving these kind of emails I honestly don't know but these fraudsters definitely have their ways on getting your email addresses. From getting the contact list of the ones they have previously hacked to buying email lists in the dark web and as well as maybe this one time we have publicly posted our email we can say that there is various ways for a fraudster to get out email, they can just basically guess it just by typing in the inbox and the email service will say whether or not that email exists. Mostly spam mail like this is not on the user's fault as based from my personal experience I know a lot of people are not posting their emails publicly.

majority of them are using the very huge database that the ICO scams have been building over the past 3 years. that was part of their earning method specially during the end when people weren't falling for any of those and they started asking for fake KYC. all of that information has been sold on dark net multiple times already.

that is why we see this type of targeted scamming meaning it is very rare that a person who has never been into cryptocurrencies receiving such scam Emails.

[D3F4L7 RAT]

Just got this message yesterday in my email and this is clearly a phishing attempt for blockchain accounts. It's funny that they still haven't fix their letter before sending their attempt to every users.

I also reported them as a "phishing attempt" on google.

Regardless if you've used or given your email to somewhere or not, it is still safe to stay vigilant and skeptical at all times.
There are rumours that Google sells our basic info including email address. Their main purpose for this is for businesses to easily penetrate their target market.

[tbct_mt2]

majority of them are using the very huge database that the ICO scams have been building over the past 3 years. that was part of their earning method specially during the end when people weren't falling for any of those and they started asking for fake KYC. all of that information has been sold on dark net multiple times already.

that is why we see this type of targeted scamming meaning it is very rare that a person who has never been into cryptocurrencies receiving such scam Emails.

With ICO bounties in 2017, 2018 and IEO bounties in 2019, many bounty hunters submit application forms with email addresses and scammers can use it to abuse when they finished their scam projects.

In bounties, they have to finish KYC to receive bounty payment (not all bounties require KYC but after the AML enforcements, more bounties require to do that). The bad thing is scammers can sell database or use it to send phishing emails later.

Why KYC is extremely dangerous – and useless