I think the idea is to get those people who search for related to what is discussed on Bitcointalk through google. They would then be tricked to click on mirror links of threads similar to those on bitcointalk after which they will be prompted to log in onto the phishing website.
That's indeed the case. This already happened multiple times with the Bitcointalk.TO website, which was a third-party random mirror of the forum. I already clicked on it by mistake multiple times. And I'm not the only one.
If you click on "Login" button, you navigate to real bitcointalk. But if you open one of the threads and then click on "Login" button you will navigate to the fake "login" page.
Seems that they are still working on their website.
I tried logging in with some random username and password and looks like when you click the "Login" button, the request is sent to the real BitcoinTalk. While this doesn't mean the website isn't stealing our data (at least not stealing through the POST request from the login form), I agree that we sould treat it as a scam.
TIP: Add the website to your hosts file to block it and avoid clicking on it by mistake.
I totally fell for the cloned site, until I realized I couldn't see your trust ratings.
I have added this line to /etc/hosts
Now my computer can't access that phishing site anymore.
Just do the above but with
bitinfo.cc instead of
bitcointalk.to.