According to reports, cybercriminals are employing phoney versions of well-known websites like Coinbase, Gemini, Kraken, and MetaMask in an effort to empty their victims' bitcoin accounts completely.
According to Netskope, criminal organisations are adopting search engine optimization (SEO) strategies that entail a vast network of bots publishing links to phishing pages on other websites (mostly blogs) in order to increase the visibility of their websites in search engines like Google.
The researchers assert that these bogus websites are sometimes doing better than the original sites that they are copying.
What is the campaign's procedure?
When a victim clicks on a malicious link, they are met with relatively lifelike copycat websites hosted on Google Sites or Microsoft Azure, which frequently have a comprehensive FAQ.
Researchers from Netskope used the well-known cryptocurrency wallet MetaMask as an example. They said that users would be driven to either "Download now" or "Login," where the website would attempt to trick users into providing their login and password or their cryptocurrency wallet.
What can I do to protect myself?
For individuals who don't want to become the current phishing attack's victims, Netskope offered some tips.
Among other things, this entails never inputting login information after clicking a link and always going directly to the website you're trying to connect into.
In order to identify and stop phishing, Netskope also advises utilising a secure online gateway for businesses.
Sadly, using cryptocurrency exchanges as a ruse is nothing new for hackers; in fact, they seem to be getting more creative with their schemes.
Cybercriminals recently built a convincing deep fake of Patrick Hillmann, the chief communications officer (CCO) of Binance, in an effort to defraud businesses by making them believe they were in the running to be listed on the cryptocurrency exchange.
Want to keep your business from being compromised? View our guide to the top endpoint security.
