Users of the cryptocurrency platform CoinSpot are being warned about a phishing campaign that’s designed to steal passwords.
The bogus emails claim that the recipient has withdrawn funds from their account, and ask them to either confirm or cancel the transaction.
No matter which button the recipient clicks, they are taken to a landing page that clones the CoinSpot login page and uses the URL ‘coinspotswap.com’ – adding the word ‘swap’ to the genuine domain.
Users who enter their credentials are then prompted to enter a one-time password as part of the two-factor authentication process. Doing so gives criminals everything they need to access the victim’s legitimate account, and indicates that the scammers are actively monitoring traffic.
Because one-time passwords are typically only valid for a minute or less, attackers must act quickly to enter the necessary credentials.
A similar level of dedication is evident in the attackers’ use of a digital certificate on their website. This gives the site an HTTPS domain, which many people mistakenly believe means that the website is genuine.
However, it simply means that the site provides end-to-end encryption, which makes it harder for a cyber criminal to intercept traffic.
HTTPS is often associated with genuine sites because scammers usually don’t go to the extra effort of purchasing a digital certificate. The fact that this scam does indicates that the attackers are willing to invest in what they believe to be a lucrative scam.
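A defender-side check for the lookalike pattern described above (the brand name plus an extra word in the domain), as an added example that is not part of the original article. The allowlisted domain `coinspot.com.au`, the function names and the `.example` URLs are assumptions or constructed samples; the URL scheme is deliberately ignored because, as the article notes, HTTPS does not make a site genuine.

```python
from urllib.parse import urlsplit

# Assumption: the defender maintains this allowlist of genuine domains.
# coinspot.com.au is assumed here; the article does not spell out the genuine domain.
GENUINE_DOMAINS = {"coinspot.com.au"}
BRAND = "coinspot"


def host_of(url):
    """Return the lower-cased hostname, without port, userinfo or trailing dot."""
    host = urlsplit(url).hostname or ""
    return host.rstrip(".").lower()


def is_genuine(host):
    """True only for an allowlisted domain or a real subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in GENUINE_DOMAINS)


def classify(url):
    """Classify a link as 'genuine', 'lookalike', 'unrelated' or 'invalid'."""
    host = host_of(url)
    if not host:
        return "invalid"
    if is_genuine(host):
        return "genuine"
    # The brand string appears in a host that is not allowlisted
    # (hyphens are ignored so 'coin-spot' is still caught).
    if BRAND in host.replace("-", ""):
        return "lookalike"
    return "unrelated"


def flag_links(urls):
    """Return the links from an email body that should be blocked or reported."""
    return [u for u in urls if classify(u) == "lookalike"]


# Constructed sample links; only coinspotswap.com comes from the article.
SAMPLE_LINKS = [
    "https://www.coinspot.com.au/login",
    "https://coinspotswap.com/confirm",           # brand + extra word, valid HTTPS
    "https://coinspot.com.au.login.example/",     # genuine domain used as a prefix
    "https://coinspot.com.au@coinspotswap.com/",  # genuine domain in the userinfo part
    "https://news.example/article",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(f"{classify(link):10} {link}")
```

Substring matching of this kind catches brand-plus-word domains such as the one in this campaign; it does not catch misspellings or homoglyph substitutions of the brand.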