Bitcoin is money, so are altcoins or the alternative currencies that are all competing with Bitcoin for the attention of investors in the coin market. This is why all sorts of scammers are swarming around the industry in the quest to steal as much as they can from investors in digital currencies.
One smart way internet crooks have devised is taking advantage of the traffic they can buy from Google to drive traffic to cloned versions of legitimate and popular sites such as the hot wallet site Blockchain.com. Blockchain.com used to be Blockchain.info but both domains lead to the same wallet provider.
A New Phishing Wallet Site
Some cybercriminals have just launched the cloned version of this wallet with the intention of harvesting private keys and passwords of users who may not notice the difference between the original, Blockchain.com and the fake domain, Bloçkchaín.com.
Obviously, for someone that is reading this post, the difference would be clear with the mark under the C and I, but this would not be so obvious to another person who has not seen this post and uses Blockchain.com to store their cryptocurrencies.
This is why every user of hot wallet must cross-check the domain in the browser address bar to avoid exposing their wallet’s private key and password to scammers who own the phishing site.
An Observable Difference
Even though from there is no physical difference in the features of the login pages of the genuine Blockchain.com from the fake Bloçkchaín.com, I observed that the links on the fake page don’t work. Apparently, the scammers are just interested in harvesting as many private keys and passwords as possible from distracted users as they possibly can.
Now this is no reason to infer that if the links work that you’re on the genuine site. It is better to have the site you’ve been using bookmarked on your device and take guesswork out of your wallet transactions.
My device security effectively blocked the fake site:
Difference in Sites Descriptions
Another observable difference between the two sites is that the original Blockchain.com site has description of “The Most Trusted Crypto Company” while the scam site’s description is “Most Trusted Currency Storage”
As earlier stated, the scammers can easily make necessary adjustments such as editing their description and linking the blank pages to the genuine pages of the main site, but for now, it seems that their focus is on phishing for passwords to steal cryptocurrencies.
Authentic Site Displays Blockchain Luxemburg [LU]
One other difference between the phishing site and the original is that the latter displays “Blockchain Luxemburg [LU] with a sitelock icon (a padlock). You won’t notice this with the phishing site.
However, do not develop a false sense of security. Sometimes, expert hackers could imitate a target site perfectly, except for the correct domain name. Nevertheless, we have seen that a dot or an apostrophe could make a huge difference if a user is deceived or not.
Hazard known To The Community
There are many user of this wallet that would not be aware that sites such as Bloçkchaín.com exist. Phishing sites have been among the most devastating in terms of theft because the users may inadvertently reveal their password and other critical data that results in the loss of all their funds.
This is why it is important that when benign users discover such sites that they are exposed as quickly as possible to reduce the damages they cause.
Safety Measures For Blockchain.com Users
With the rampancy of phishing site, it makes sense not to depend on Google searches to locate important and sensitive sites that house your hot wallets such as Blockchain.info or Blockchain.com. Google ads are usually taken advantage of by scammers to harvest passwords.
Bookmarking is a good idea. It is a good idea not to depend on Google Suggest while typing financial sites like wallets. The best strategy would be to memorize the address of such important sites and manually type in all completely.
Also do not play around with phishing sites because your browser cache could store the scammer’s site in your address bar causing you to use the phishing site when you’re not focused or attentive to notice the difference.
Move Most of Your Crypto Assets To Cold Wallets
The only reason you should have large sums of cryptocurrencies such as Bitcoin and Ethereum is if you’re investing them in a reputable site such as this. Otherwise, it makes no sense leaving them all in a hot wallet such as Blockchain.com.
In the real sense of the word, a wallet is what you use to store the case you move around with. The way you do not move around with all your balance in the bank is the same way you shouldn’t keep your entire cryptocurrency horde in a hot wallet such as Blockchain.com.
This is the essence of a cold wallet. It is the best way to secure your assets in case you made the mistake of using a phishing site.This is very important! Purchase a hard wallet for cold storage to keep your cryptocurrency safe.
Avoid Google Ads in Your Searches
As you must have known, Google is the king of traffic so every site owner and information seeker depends on the internet king for traffic. Google search results usually return 10 sites that are organically generating their traffic.
However, Google ads supplement these results. Scammers can take advantage of the adword by Google to make phishing sites such as Bloçkchaín.com appear on the front page.
The scammers accomplish this by bidding highly on adword. The best approach to avoid clicking on phishing scam sites is by avoiding Google ads. These ads always have Ad below them.
Install Meta Mask or Phishing Free
MetaMask does a good job at alerting you on sites that have been flagged as phishing sites. This may not be automatic if the site is new, but if some users already flagged it, you may be warned by MetaMask to avoid using such sites.
Another tool you can use to be alerted on visiting phishing sites is Phishing free, you can download it here.
Someone Nearly Lost Their Cryptocurrency
A user of the site shared his encounter,
“When I found this malicious Blockchain.info wallet page this message was not shown and only thanks to my browser I realized that something is wrong.
My password was not filled in automatically. That was for me the first sign that the link I have used is malicious because has to be different from the bookmarked one which is saved in my browser that is why password feature doesn’t fill the password when the site is fully loaded.”
I was only one step away from sharing my password but luckily I use strong and suggested by the app passwords which I don’t remember and have to look for if not filled automatically.”
That is it with the new scourge of phishing for your wallet passwords by scammers. Just be sure that the site you’re giving your passwords are the right ones.
If you’d like to share your experience with phishing sites, please use the comment box below.