Cryptocurrency exploded in 2017. As the price and market value of cryptocurrency soared, its value was recognized by an increasing number of investment organizations and investors. Many have profited from this rise of digital currency, and as a result criminals had their eye on the possibilities, scheming up various ways to con investors. This article lists some common fraudulent methods, which can hopefully remind investors to perform rational investments. There are four types of fraudulent methods, namely phishing, fraud, theft, and vulnerability, with each type comprising different fraudulent means.
This article mainly explain the first type of fraudulent methods, Phishing, which includes counterfeit websites and propagation modes.
Counterfeit websites-Airdrop websites
By posing as official websites, these counterfeit websites get users to enter their addresses and private keys in exchange for airdrops.
The following figure shows a fake TRON airdrop website requiring users to enter their wallet addresses and private keys in order to receive Tronix.
Counterfeit websites-Wallet Websites
Phishing websites are disguised as the popular online wallet Blockchain.info through this fraudulent method. Specifically, attackers create a website similar to Blockchain.info but with a different domain name such as “block-clain.info” or “blockchien.info,” which might not be noticeable to users. Then, the attackers “use Google AdWords to pollute user search results,” directing more traffic to these forged pages in an attempt to steal funds from the users’ wallets. Also, some attackers target users’ Gmail accounts to obtain their Google advertising keywords and place the fake Blockchain.info account at the top of the search results through SEO (Search Engine Optimization).
Counterfeit websites-Exchange Websites
The figure below shows the counterfeit Binance website, which is extremely similar to the official site. Without putting the URL under a magnifier, you can barely notice the two dots right beneath both “n” letters in the string of “binance”, which denotes and points to a totally different target website than Binance. In addition, the content of the counterfeit page is exactly the same as that of the authentic official website, so visitors to the site do not sense anything amiss and enter their accounts and passwords.
Counterfeit websites-ICO websites
These counterfeit websites pose as ICO project sites and post fake addresses to trick users into transferring coins.
As the “overseas version of WeChat,” Telegram has entered the blockchain market and is about to launch an ICO (Telegram is About to Launch the Largest ICO in History), providing cyber criminals with a prime opportunity. The figure below shows the fake Telegram ICO launch website.
The fraudulent address where investors transfer funds.
Fake ICO addresses
In this case, the official website where an ICO project will be launched is intercepted and hijacked, and the authentic official ETH address is replaced with a fake phishing ETH address for scamming purposes.
In July 2017, the Coindash team launched an ICO. Later, hackers took control of the Coindash’s official website and modified the previously published text to replace the authentic Coindash address with their own wallet address. When users invested in Coindash, they were actually transferring coins to the hackers. During this attack, the hackers stole Ethereum valued at $7.4 million US dollars.
Propagation modes-Email
During the project ICO, hackers sent phishing emails containing fake ETH addresses to all whitelisted users.
With the mailing list of Bee Token, the hackers sent out an e-phishing email stating that the ICO had then started, that it had established a partnership with Microsoft, guaranteeing investors that the Bee Token would double in value, and that investors could then transfer coins to the address in the email for investment. The figure below shows the content of the phishing email:
Propagation modes-Social media and Telegram
Thieves impersonated company authorities, and manage Telegram groups or Slack communities, and sent a fake crowdfunding address to investors ahead of the actual ICO launch.
By posing as authorized company executives, the thieves claimed ICO “pre-sale” funds from the investors and stole funds valued at 500,000 US dollars.
Above is a summary of Phishing, the following suggestions are provided for investors to reduce the probability of being defrauded:
Improve the awareness of fraud prevention by not transferring money to any strangers or unknown addresses to avoid great losses for small gains.
Choose the most secure wallet to manage your digital assets.
SafeWallet, which is a trustworthy wallet with high security.
1)When your wallet is opened, it initiates a security scan to detect viruses in time avoiding asset loss.
2)SafeWallet provides a blacklist address database and checks if the target transfer address is authenticated during funds transfer with a prompt.
3)The wallet provides a complete defense system against potential attacks.
About us
Telegram: https://t.me/safewalletgroup
Official Website:https://www.cmcmbc.com
Twitter:https://twitter.com/safewallethelp
Youtube:https://www.youtube.com/channel/UCGgAmQhnx6ijeqnDaPKL3Rw