Bitcoin Forum
December 12, 2024, 06:31:22 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Bitcoin Phishing : The Next Wave -Open Dns  (Read 783 times)
Patatas (OP)
Legendary
*
Offline Offline

Activity: 1750
Merit: 1115

Providing AI/ChatGpt Services - PM!


View Profile
September 22, 2016, 05:39:33 PM
 #1

The OpenDNS research team conducted an investigation into the latest phishing campaign trends. Get into the details here

->  https://blog.opendns.com/2016/09/15/bitcoin-phishing-next-wave/

Quite detailed information about the recent phishing activities including the Bitfinex Hack!
RodeoX
Legendary
*
Offline Offline

Activity: 3066
Merit: 1147


The revolution will be monetized!


View Profile
September 22, 2016, 05:50:49 PM
 #2

This is a growing issue.  Sad

I have been getting some attempts that look more like spearfishing than random mass emailing operations. Keep your coins tight brothers!

The gospel according to Satoshi - https://bitcoin.org/bitcoin.pdf
Free bitcoin in ? - Stay tuned for this years Bitcoin hunt!
Patatas (OP)
Legendary
*
Offline Offline

Activity: 1750
Merit: 1115

Providing AI/ChatGpt Services - PM!


View Profile
September 22, 2016, 05:55:38 PM
 #3

This is a growing issue.  Sad

I have been getting some attempts that look more like spearfishing than random mass emailing operations. Keep your coins tight brothers!
Correct.The reason I posted the topic is to make people aware of this chart.You can see how the sequences of events have taken a turn around in the same period of time.Security is a much ignored topic with rising bitcoins usage.I still see a lot of members having their wallets and savings stored on exchanges and third party websites.Social awareness is equally needed.

BitcoinNewsMagazine
Legendary
*
Offline Offline

Activity: 1806
Merit: 1164



View Profile WWW
September 22, 2016, 05:58:30 PM
 #4

Thanks for this. With hardware wallets so cheap now there is no excuse for leaving bitcoin on an exchange unless you are in a trade. Same goes for web wallets.

mobnepal
Legendary
*
Offline Offline

Activity: 1218
Merit: 1006


View Profile
September 22, 2016, 07:43:50 PM
 #5

Have got several phising emails with blockchain in the name and also same webpage for login. Better to always check the domain and SSL certificate, recently i have also seen paxful phishing site but domain name was not identical. I have also seen some guy in this forum lossing bitcoin to bitmixer clone site. Phising bitcoin related sites is like trend now because it will be easy for them to withdraw bitcoin and run away being anonymous.
unamis76
Legendary
*
Offline Offline

Activity: 1512
Merit: 1012


View Profile
September 22, 2016, 08:11:25 PM
 #6

Interesting article. Not much to add. I can only say that fortunately I haven't been the target of phishing attacks. Only once, for a website I don't even have an account in Cheesy
shovon234
Newbie
*
Offline Offline

Activity: 16
Merit: 0


View Profile
September 22, 2016, 08:16:23 PM
 #7

Have got several phising emails when blockchain in the make known and moreover connected webpage for login. Better to always check the domain and SSL endorse, recently i have moreover seen paxful phishing site but domain declare was not identical. I have along with seen some guy in this forum lossing bitcoin to bitmixer clone site. Phising bitcoin related sites is considering trend now because it will be easy for them to desist bitcoin and control away creature anonymous.

Wink Wink Wink Wink Wink
eternalgloom
Legendary
*
Offline Offline

Activity: 1792
Merit: 1283



View Profile WWW
September 22, 2016, 08:19:35 PM
 #8

Quote
From our previous investigations, we’ve seen that Bitcoin phishing campaigns are also delivered via legit google Adwords and Yandex ads redirecting to Bitcoin phishing. We searched for “buying Bitcoin” on google around August 18th, and we picked a few phishing sites in the returned results. One example is blockchln[.]info resolving to 143.95.239.55 which hosts a large number of other phishing sites targeting Paypal and Bitcoin wallets, Bitcoin mixers and sites selling fake European Union, Ukrainian, and Russian passports. - See more at: https://blog.opendns.com/2016/09/15/bitcoin-phishing-next-wave/#sthash.goJN6ml5.dpuf

I found this pretty interesting as well, not really something I would expect actually and it's something one might fall for if they were not aware of this.

I don't have a habit of searching on Google for the website I need to access, but it's something I've noticed my friends doing quite often.
For example by typing the name of a website in the address bar of their browser and just clicking a result on Google.

Doesn't Google check the websites that make use of Adwords? Are the malicious ones removed regularly at least?

calkob
Hero Member
*****
Offline Offline

Activity: 1106
Merit: 521


View Profile
September 22, 2016, 08:26:09 PM
 #9

thanks for the heads up i have had a few attempts at spoofing blockchain.info recently.   Roll Eyes
Milkduds
Full Member
***
Offline Offline

Activity: 224
Merit: 100


View Profile
September 22, 2016, 08:39:05 PM
 #10

The evolution of bitcoin is going to attract more hackers to the field as we go forward,especially knowing that very few users fully understand bitcoin. The room for exploitation is quite vast for some one that is looking to make money off the backs of others. Comparable to hackers shifting to Mac users now I would think.
Stay diligent and we should be alright and adapting as the borders shift around us.
jhenfelipe
Hero Member
*****
Offline Offline

Activity: 1372
Merit: 647


View Profile
September 23, 2016, 02:24:52 AM
 #11

Nowadays there are lots of phishing activities out there. We really need to be aware and extra careful of the sites we visited. Sometimes there is a one letter different in the URL that if we won't recognize we can be a victim. I encounter a phishing site before on a Bitcoin group at Facebook offering some free bits, and since I'm aware of it, I haven't been a victim. The site uses an unfamiliar domain (I search it and yes, it's a phishing site), I click it just out of curiosity. It requires me to log in to my gmail account, the interface is not as good as the original gmail log in form so it's really obvious. What I did was put a fake gmail username & password and after that, the site loads then nothing happened. I think the account details had been recorded on their database and they will try to hack the email. Afterwards, they can also hack all of the accounts verified with the email including online BTC Wallet.
Wind_FURY
Legendary
*
Offline Offline

Activity: 3136
Merit: 1948



View Profile
September 23, 2016, 02:49:44 AM
 #12

Maybe the Brave browser should start black listing or start giving out warnings to unknown Bitcoin services by default to prevent these phishing attacks. They should start working with these services so that they could create a Bitcoin browser that is safe that will help prevent theft especially for the newbies who can be quite gullible.

██████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
██████████████████████
.SHUFFLE.COM..███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
█████████████████████
████████████████████
██████████████████████
████████████████████
██████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
██████████████████████
██████████████████████
██████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
.
...Next Generation Crypto Casino...
Shiroslullaby
Sr. Member
****
Offline Offline

Activity: 434
Merit: 250



View Profile
September 23, 2016, 03:03:58 AM
 #13

Its really smart to see Coinbase register domains like co-inbase.com
Tons of people get scammed by a simple typo, visiting a phishing site cloned to look like the real site.
This is a smart business strategy that any big website should be doing. Very easy to protect their customers for a few dollars a month by registering the domain and re-directing to the main website when someone makes a typo.

marleybobthedog
Full Member
***
Offline Offline

Activity: 210
Merit: 100



View Profile
September 23, 2016, 03:47:58 AM
 #14

Phishing is very undetectable for kid user they might not be aware of the url and could post their username password and could become a victim of hacker. So user should first check the url before posting and sort of user authentication detail.
ObscureBean
Legendary
*
Offline Offline

Activity: 1148
Merit: 1000


View Profile WWW
September 23, 2016, 04:43:27 AM
 #15

Well since Bitcoin requires an internet connection to work, phishing will always be a concern. Not much that can be done about this other than being careful. Online wallets do provide an extra layer of protection though with 2FA. It's of course not bulletproof but it certainly makes it harder for people to gain control of your account and access your coins.
Kakmakr
Legendary
*
Offline Offline

Activity: 3542
Merit: 1966

Leading Crypto Sports Betting & Casino Platform


View Profile
September 23, 2016, 06:47:31 AM
 #16

I do not copy and paste my URL's and I store the majority of my coins in cold storage. Almost 80% of my coins are stored on paper wallets and the <mobile> coins, or that is what I named them, are stored on a hardware wallet. <Trezor> They can Phish away, but I am not biting on those hooks. ^smile^

My advice is simple, buy a Trezor and do not store large amounts of coins on exchanges or online wallets. ^smile^

..Stake.com..   ▄████████████████████████████████████▄
   ██ ▄▄▄▄▄▄▄▄▄▄            ▄▄▄▄▄▄▄▄▄▄ ██  ▄████▄
   ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██  ██████
   ██ ██████████ ██      ██ ██████████ ██   ▀██▀
   ██ ██      ██ ██████  ██ ██      ██ ██    ██
   ██ ██████  ██ █████  ███ ██████  ██ ████▄ ██
   ██ █████  ███ ████  ████ █████  ███ ████████
   ██ ████  ████ ██████████ ████  ████ ████▀
   ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
   ██            ▀▀▀▀▀▀▀▀▀▀            ██ 
   ▀█████████▀ ▄████████████▄ ▀█████████▀
  ▄▄▄▄▄▄▄▄▄▄▄▄███  ██  ██  ███▄▄▄▄▄▄▄▄▄▄▄▄
 ██████████████████████████████████████████
▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█  ▄▀▄             █▀▀█▀▄▄
█  █▀█             █  ▐  ▐▌
█       ▄██▄       █  ▌  █
█     ▄██████▄     █  ▌ ▐▌
█    ██████████    █ ▐  █
█   ▐██████████▌   █ ▐ ▐▌
█    ▀▀██████▀▀    █ ▌ █
█     ▄▄▄██▄▄▄     █ ▌▐▌
█                  █▐ █
█                  █▐▐▌
█                  █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█
▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀       ▐█▌       ▀█▄
██         ▐█▌         ██
████▄     ▄█████▄     ▄████
████████▄███████████▄████████
███▀    █████████████    ▀███
██       ███████████       ██
▀█▄       █████████       ▄█▀
▀█▄    ▄██▀▀▀▀▀▀▀██▄  ▄▄▄█▀
▀███████         ███████▀
▀█████▄       ▄█████▀
▀▀▀███▄▄▄███▀▀▀
..PLAY NOW..
Patatas (OP)
Legendary
*
Offline Offline

Activity: 1750
Merit: 1115

Providing AI/ChatGpt Services - PM!


View Profile
September 23, 2016, 05:07:45 PM
 #17

Its really smart to see Coinbase register domains like co-inbase.com
Tons of people get scammed by a simple typo, visiting a phishing site cloned to look like the real site.
This is a smart business strategy that any big website should be doing. Very easy to protect their customers for a few dollars a month by registering the domain and re-directing to the main website when someone makes a typo.
I agree.Sad part is,even though the phishing websites are reported everyday,the official businesses don't take them off the web.I've reported blockchain.info's phishing links like 10 times to their support,sadly nothing was done about it.Even after 3 months,the domains are still live.
szpalata
Sr. Member
****
Offline Offline

Activity: 686
Merit: 253


View Profile
January 24, 2017, 01:39:36 PM
 #18

Its really smart to see Coinbase register domains like co-inbase.com
Tons of people get scammed by a simple typo, visiting a phishing site cloned to look like the real site.
This is a smart business strategy that any big website should be doing. Very easy to protect their customers for a few dollars a month by registering the domain and re-directing to the main website when someone makes a typo.
I agree.Sad part is,even though the phishing websites are reported everyday,the official businesses don't take them off the web.I've reported blockchain.info's phishing links like 10 times to their support,sadly nothing was done about it.Even after 3 months,the domains are still live.

I agree with you, phishing is gradually taking center stage in all Internet fraud activities. I have been phished before but luckily it was just at Facebook login and didn't hurt that much but until website hosting companies take down clone or forked sites their operations will continue and might get out of hand in afraid.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!