all about cryptop referances
Attackers exploit certain SEO techniques to lead users to phishing sites for wallet apps like Metamask and exchanges like Coinbase and Kraken. These sites, created in Google Sites and Microsoft Azure, trick users into introducing their personal information so that malicious entities can extract their money from these services, according to Netskope.
A new type of cryptocurrency phishing scam has been discovered by Netskope, an online security company, involving SEO techniques and copycat sites. According to a report from the company, throughout 2022 it has been discovered that attackers are using blogs as a tool to distribute links to phishing sites.
In these blogs, the attackers post links with SEO content that allows them to rank high in search engine searches. This means that the links will be reviewed by many people, who may then open them up to believe that these are links to real crypto sites. However, the links direct users to phishing sites that look very similar to crypto-based sites, such as Metamask’s site.
Other sites also mimic exchanges such as Coinbase, Gemini and Kraken.
These phishing sites, either hosted on Google Sites or using Microsoft Azure, are designed to trick users and take their personal information in two different ways. The first has to do with obtaining the private seeds for users’ wallets directly by asking them to import this data. This is the method that the Metamask phishing website is currently using.
The second has to do with obtaining information about users’ accounts in any of the exchanges being phished. When users enter their information, the sites return an error message and ask them to contact a support operator who will try to get more information about the users to get their money.
Netskope stated:
Netskope strongly recommends that users never provide credentials after clicking on a link. Instead, always navigate directly to the website you’re trying to log in to. For organizations, we also recommend using a secure web gateway capable of detecting and blocking phishing in real time.
Phishing scams are not new to the cryptocurrency world. Binance detected and warned of a massive phishing scam involving SMS in February.
What do you think of the new phishing scheme involving SEO, Google Sites and Microsoft Azure hosted websites? Tell us in the comments section below.
Image credit: Shutterstock, Pixabay, Wiki Commons
Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or an endorsement or recommendation of products, services or companies. Bitcoin.com does not provide investment, tax, legal or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on content, goods or services mentioned in this article.
Annual T3 FinTech Report highlights paperclip solutions
NFT Weekly: NFT monkeys make bad securities
Estonia-based fintech firm Admirals enters SA
The 5 Best Crypto Tax Filing Software
Safe haven to buy Cannabis FinTech Abaca
How has market volatility affected cryptocurrencies like Dogetti, Shiba Inu and Bitcoin?
Will MercadoLibre’s Crypto Bet Pay Off?
5 of the best crypto Youtube channels to follow
California DMV uses Tezo’s blockchain for digital car title transfers
Miami NFT Week returns to 305 in March 2023
