Phishing Scam is one of the most effective scams until today; not only in the cryptocurrency space but on the world wide web in general.
A phishing scam is an attempt to steal account login information, credit/debit card information, your bitcoin or crypto wallet’s recovery phrase, or whatever valuable information that a bad actor can take advantage of, mostly through fake clone websites and software.
How the scam works
One simple way of scammers spreading phishing sites is through the Google ads platform. You do a simple Google search query, typing up “Binance”, and if you don’t use an ad blocker, there’s a decent chance that the top search result would be an advertisement.
For example : You search for ‘Binance’ in Google and first result you see is “www.binance.com/“, when you actually click on the link and take look at your browser’s address bar, there’s a decent chance that the site you’ve just opened is going to be something like “binancel.com“, “binancesite.co“, or something else that isn’t the legitimate “binance.com“.
Some of these methods are so tricky, as they use domains like “biṇaṇce.com“. You might not have noticed it immediately, but it’s actually an ‘ṇ‘, a Latin character.
Google ads is just one way of spreading phishing sites and software though. Other ways and methods of them spreading phishing sites and software include:
–Social media: scammers could create fake accounts Facebook, Twitter, Instagram, or other social media sites and communities in general, masquerading as certain companies(Ledger, Coinbase, Trezor, etc).
–Hacked YouTube accounts: scammers have been hacking YouTube accounts with a decent number of subscribers and changing the YouTube channel name to a certain company. They would then say that they’re conducting a “crypto giveaway” or something similar while posting a video(live or not) with a link to a phishing site or to a download link of fraudulent software.
–Fake customer support : this is mostly happening on Reddit and Twitter, but it could happen on all social media sites. Scammers would target people who had made a post concerning issue(s) with certain services(Binance, Ledger Nano S/X hardware wallet, etc) by messaging them and sending them a link to a phishing site or to a download link of fraudulent software.
Always keep your eyes peeled. Some hackers and scammers are extremely smart, and they can create other more convincing ways to trick people into opening their phishing links. It’s heavily recommended for people to always check their browser’s address bar if they’re actually on the legitimate website.
Fraudulent mobile apps
Pretty much the same with phishing sites, but in the form of apps. Especially on the Google PlayStore for Android devices, there are A LOT of fraudulent mobile apps made to steal your funds.
Mostly faked apps include:
How to protect yourself
-always do a double or triple check on your browser’s address bar to confirm that you’re actually on the legitimate website.
-install a well-known and reputable adblocker like uBlock Origin your browser, or use the Bravw browser instead.
-Prevent from clicking on ads.
-Make sure that you’re downloading legitimate apps.