With the latest boom where a growing number of users trading Cryptocurrencies has caught the attention of cyber-criminals who dares to take advantage of this craze in order to gain their own fortune. It is quite alarming to acknowledge that scammers were on the loose to bring misfortune for their own fortune through methods such as phishing.
It is quite simple to execute such phishing activities preying those who has no knowledge of anti-phishing. One simple way for criminals to phish for credentials is to start off with well-crafted sophisticated email messages sent to either random targets or well-planned targets that are customers of a Cryptocurrency exchange.
So what’s next after getting baited? It will take you to a page which was well programmed to look legitimate and take information from you enough to take your identity to take over your account, and then make transfers to a different crpyto wallet. The social engineering technique done to make unsuspecting people voluntarily give their information away is one of the oldest trick in phishing attacks, and recently before the cryptocurrency ad ban left and right, there were fake websites mimicking some legitimate cryptocurrency sites which were being strongly advertised within popular social media tools such as Twitter and Facebook more frequently than the real websites of some exchanges.
Stealing credentials of cryptocurrency e-wallets will sure fetch more fortune rather selling leaked email accounts in the black market. This is why we have seen lately that cyber-criminals are investing more into sophisticated email messages. This is almost equal to the fortune of being able to compromise a banking login account.
Fighting Phishing Sites
The fake websites are often referred to as phishing sites especially those that have forms to input information. While it is an individual’s responsibility to have anti-phishing knowledge to protect oneself, the fight against phishing scams must be done hand in hand by both consumers and corporations. So what can these corporations do to protect their own business and reputation?
Businesses must have their own anti-phishing team to protect their own intellectual property and watch over the internet for any malicious sites that imitates their website which is most likely going to be used for scams. Although prevention is always the best option but in this vast digital world where it is easy to imitate websites, then that would be rather more difficult than taking them down.
The best way to fight phishing sites is to have the technology to detect imitations of your site and get your anti phishing team to take it down rather than turning a blind and hope that people will be vigilant enough to differentiate a fake or real, because there are people who can fall victim no matter what if these sites are left unattended. Information drive through email and newsletters helps but is never enough.