Don't Get Phished for Your Bitcoin

Don't Get Phished for Your Bitcoin


According to a recently published report Kaspersky Lab,  the top Phishing and Spam target in 2017 was Bitcoin.  It is projected to remain the top target in 2018 as well. 

Phishing is a scam in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.

What makes Phishing so dangerous (and effective for criminals) is that it is carelessness and lack of attention to detail that ultimately proves to be the gateway to loss.  In most cases, users are quite literally handing over passwords or access without even knowing it.

This aritcle is designed to help you watch out and protect against malicious attacks that can ultimately rob you of your entire crypto holding and is very difficult to recover. 

Phishing scams becoming more sophisticated


The cybercriminals have evolved quite a bit from the days of Nigerian Prince's emailing people to send large sums of money.  And more alarmingly, the scams are showing up in a variety of different forms that make it difficult to build safeguards and monitoring to proactively protect against.  But in every instance, deception is the primary tactic behind the attack.

In this very recent case, impersonators called T-Mobile purporting to be the account holder saying that he lost his phone and needed a new SIM card.  The real user happened to be out of the country at the time, which was probably known to the assailants, so as his phone in his possession lost connectivity he assumed this was a roaming issue and thought nothing of it.  But this meant he was not getting any of the reset password confirmation texts he setup - including on his Coinbase, Xapo, and Bitstamp accounts. 

In another case, an email appearing to come from Coinbase with security warning to download the wallet with a link that actually showed it was from  However, hovering over the link (or worse clicking it) showed the actual destination of the link took the user to a non-Coinbase related site that was stealing bitcoin.


URL Deception

blockchain phis.png

In a third recent and very public case that has netted cybercriminals over $50 million worth of Crypto over the last 3 years, Scammers behind the attack would create websites similar to Blockchain but with different domain names - "" and "" among them - that the casual user may not notice. They then "leveraged Google Adwords to poison user search results in order to steal users' wallets," thereby directing more traffic to those pages.

The campaign was very simple and after initial setup the attackers needed only to continue purchasing Google AdWords to ensure a steady stream of victims,” they wrote. “This campaign targeted specific geographic regions and allowed the attackers to amass millions in revenue through the theft of cryptocurrency from victims. This campaign demonstrates just how lucrative these sorts of malicious attacks can be for cybercriminals.
— Dave Maynor and Jeremiah O'Connor, Cisco employees, on the 'Coinhoarder' phishing scam

Twitter Impersonation Scams

After every tweet by an influential crypto voice, a slew of twitter accounts syncronize their efforts to impersonate the tweeter (same profile appearance and name) and promote an airdrop scam that says if you send X amount of cryptocurrency to an address you will receive X + Y back in return.  Then hundreds of likes and other accounts post messages confirming it's real to give the appearance of legitimacy.  They also flood the post with likes to move it right under the orignal post, gaming Twitter's popularity algorithm.

 An example of a twitter impersonation phishing scam on Ethereum founder Vitalik Buterin

An example of a twitter impersonation phishing scam on Ethereum founder Vitalik Buterin

Tweets emploring users to never trust these types of scams have also been sent out as PSA warnings but they are prevalent on just about every tweet from these sources right now.


Steps to take to prevent Phishing and losing crypto

  1. Always verify the URL of sites you are visiting and Sender of emails.  Double and triple check if you are going to be entering passwords anywhere.
  2. Rollover links in emails and on social to verify the authenticity of the destination where the click or tap SHOULD be taking you. 
  3. Never send your Bitcoin or crypto to an address you don't know off a promise to get more of that crypto.  If it sounds too good to be true it is, and a scam.  NOBODY GIVES AWAY FREE CRYPTO
  4. Check for verified check marks when interacting on sites like Twitter.  This is also important when making decisions based on news you are reading - don't get hooked by fake news from impersonator accounts.
  5. Try to minimize the devices, browsers and sites you handle your crypto with.  The more places you use to access your crypto the more doors you are opening for attackers to eventually enter
  6. Report bad accounts, emails as spam etc.  It will take a community effort to fight against the small but resilient group of cyber criminals. 
Invest in Bitcoin on the Stock Market? ...Sort Of

Invest in Bitcoin on the Stock Market? ...Sort Of

Pro-crypto bills PASS in Wyoming House

Pro-crypto bills PASS in Wyoming House