According to reports out recently, hackers are creating phishing sites that look identical to the main site in order to steal funds.
Website hacking has been on the rise lately, especially concerning cryptocurrency exchanges.
What started as finding ways of stealing people's login information has taken on a slightly new twist...
Now cyber criminals are creating fake websites sites that look very similar to the original site, with hopes that people will mistake their site as the real site.
Then once they enter their login credentials, the hackers have their information to then go into the legitimate exchange and steal their funds.
What sites are being targeted?
Specifically Bittrex has been in their cross hairs as of late.
The fake site used the name "Blttrex" to confuse people trying to login to Bittrex.
Replacing the "i" in Bittrex with an "l".
According to the website who.is (https://who.is/), the IP address of Blttrex is registered to a Russian with the name of "Sergey Valerievich Kireev".
As of writing this, the fake website is down. It is unclear if it was taken down by it's owner or by the hosting firm.
How are people being fooled by scams like this?
Cyber criminals are using Google AdWords to get their fake sites ranking high on Google search.
Which means when people do a search for their intended site, scam sites show up high on the list and get their fair share of clicks.
That is how they getcha!
Steemit.com knows all about that
Changing around the letters on a reputable site is not something all that unusual for steemit.com users. We have seen the account @blocktardes created trying to "trick" people who are trying to send funds to @blocktrades.
We have also seen the account @randomwhale and @randowale created with the intent of stealing people's funds that are trying to do business with @randowhale.
There are all kinds out there folks, make sure you are paying attention to what you are doing with your money. No one is going to take more care of it than you, especially in the crypto world.
Stay informed my friends.
*Pictures don't seem to be working for me today, sorry for the lack of visual excitement on this post :)
Sources:
Follow me: @jrcornel
Thanks for sharing
@jrocornel How to SPOT & Stay away from fake POLONIEX and BITTREX Sites or any Other Trading Sites
Always make sure that the HTTPS (HyperText Transfer Protocol Secure) Green mark is there right before the website address on the Browser address bar. (Also called Secure socket layers)
Never Ever search from Google about POLONIEX or BITTREX. U may get the fake one on the Google search result.
Always make sure that HTTPS green mark is there on the Address Bar of Browser and bookmark that page. So u don't have to find it thereafter.
Most of the times these fake sites come with poloniex.me / bittrex.me instead of .com
5.Don't ever Attach your trading account to any third party software. No matter how secure that third party software is.
Thank you so much! My eyes are on green marks!
Great advice! Thanks!
Just save your exchange as a link or a favorite and always use 2FA when offered. This is a pretty low sophistication attack so simple housekeeping should keep you safe.
Yep, I would imagine it is mostly new users that are falling for this... or someone accessing an account from a different location/computer.
Thank you for the heads up.
Wow, thanks so much for keeping our community informed. Always appreciated!!
Thank you for warning recationary measures thank you
Create advice
Wow, that is devious. Thanks for the warning; you might have prevented a number of people getting hacked ... !
It actually almost happened to me until I asked someone how the actual place looks . Sad what people do for money . Make your own , learn your way up !!
Fun times! In our quest for a decentralized world we must police ourselves. Stay informed and diligent my friends!
Thanks to warn us against these fake websites that are run by scammers to steal our altcoins.
Due diligence is important! Thanks for the PSA!
one must know the information you have provide in this blog
I now check every time, above is written Bittrex or Blttrex.
But I want to say - Russian hackers are stubborn. They will probably come up with another site where they will replace some other letter.
I am sure Bitttrex and Bitterx both exist as well ;)
Thank you!
Thank you for the hacking alert. I'll keep this in mind if I ever plan to deposit any money in any cryptocurrency exchange.
always keep your coin in private wallet.it is safe than any exchanges
its a terrific .thanks for warn us
I am having so much trouble with Bittrex lately. I don't think I've been scammed but I have verified my account with ID and my account is still disabled after a week.
Good advice my friend! I've bookmarked my frequently used sites so am sure of getting the right one when I want to log on.
unless a link is crystal clear where it goes (and not alot of junk at the end) I will type in the name manually.
Thanks for the heads up. I know I get spam phishing messages sent via slack on occassion. Tells are the message asks you to use your private keys and log into a popular wallet while showing a link to regular http instead of the https address.
Thanks @jrcornel for this useful information. Stay strong.
Thank you for the heads up! A misleading typo that could easily go a miss!
Good advice....information is key...thanks
thx for the heads up!
Thank you @jrcornel for this post! I am going to check the IP address more often from now on!
I have a saved bookmark and always use 2FA whenever possible. Thanks for the heads up. Last month, there was also a bunch of attacks on Slack servers trying to get people scammed into transferring their Etherium. Damn scammers, work for your stuff!!!
There is also an account on steemit named @bitrex with only one T that people have mistakenly send SBD and steem to
Good catch! I forgot about that one. Thanks!
Thank you for you information
way to keep us safe out there
The great increase in the values that have achieved the criptomonedas have motivated the unscrupulous always want to take advantage of the ingenuity of people who act in good faith, today more than ever you have to be very careful with these things, there are several accounts created Pretending to be Bittrex.
Thank you very much dear friend @jrcornel for spreading this news.
I wish you a beautiful weekend
I would know something was up as soon as they didn't ask for my 2FA.
Everyone should have some form of 2 factor authentication enabled. This is money we are taking about here. Great job pointing this out and keeping people safe man.
Thank you!! 👍🏿
This would definitely be something happening to people rushing into crypto FOMO style.
Thanks for the info @jrcornel
Upvote and resteem
Great post them for you can save a lot of people from losing their a$* up voted and following. Thank you!
Good to know, thanks!!
Little bit confused , its been 2h+ and my steam funds on Bittrex are still frozen for '' Maintenance ''
Is this expected behaviour?
Thank you for the information. I have been trying to connect to Bittrex but something was not quiet right, but reading your post I have full understanding. If those hackers are targeting the crypto space would that be saying to the exchanges that their is a weakness in their system therefore it need attention. Maybe it goes as far back to the blockchain.
After reading nearly all the post, I do question, does the exchanges have any accountability for the funds that they. Can you really expect ordinary people to police their funds 24 hour per day
Thank you so much for these infos!
They are very useful for anybody who deals with cryptos.
My message is: Keep your eyes always open!
Thank you friends for the very very important information, in the internet world we have to share useful things. The experience you describe will be a learning like me that is still a beginner in the world of steemit.
Greetings from Aceh
@bukharisulaiman
@jrcornel here is a post from @cyrixboy how he got hacked by a phishing site https://steemit.com/cryptocurrency/@cyrixboy/bittrex-account-robbed-of-usd1-500-00