Ethereum phishing scams have been on the rise recently. In October 2017, an Ethereum phishing scam managed to net criminals more than $15,000 USD in less than two hours. The phishing attack directed victims to a URL that looked extremely similar to the MyEtherWallet website, using a unicode trick that made the fraudulent MyEtherWallet website look near-identical to the real thing.
We’ve recently noticed the registration of a new MyEtherWallet phishing domain, listed at “www.myetherewallet.com”. While there is currently no phishing attempt set up on this domain, it joins an ever-growing list of phishing attacks that are focused on the popular MyEtherWallet platform.
As you can see, the fraudulent domain attempts to direct users to “My Ether Wallet”, not My Ether Wallet, which perhaps is not obvious at first glance to newer users. If this domain was to attempt to gather the details of unsuspecting MyEtherWallet users, it’s likely that it would succeed in duping many people.
It’s possible to view a list of all currently identified Ethereum phishing scams at the Ethereum Scam Database. While this site does provide users with a comprehensive list of all of the Ethereum scams that have been spotted in the wild, it doesn’t prevent unsuspecting or unaware users from navigating to them.
The Importance Of URLs
The most important thing you can do to protect your Ethereum investment is always ensure you’re navigating to the correct MyEtherWallet domain every time. You can achieve this by simply bookmarking the legitimate MyEtherWallet website, or double-checking that you’ve typed the address correctly.
If you’ve received an email that appears to be from MyEtherWallet asking you to sign in, never click any links delivered in that email and log in from there- navigate to the legitimate MyEtherWallet site directly. If there are any important updates or account management tasks that need to be performed, MyEtherWallet will notify you.
Tools That Can Help
If you’re looking for assistance in avoiding Ethereum scams, there are a couple of tools that can help. EtherAddressLookup is a neat Chrome extension that provides users with the ability to view a non-intrusive pop-up container that delivers the ETH balance of an ETH address, the number of transactions, and whether the address is a smart contract.
This tool also attempts to protect users from phishing attacks by checking domains against a phishing blacklist that is constantly being updated. If you’re technically-minded, you may also want to check out the eth-phishing-detect project GitHub, an open-source project that is developing a utility for detecting Ethereum phishing domains.
How To Spot & Avoid Ethereum Wallet Scams Conclusion
Security is the number one most important element in the cryptocurrency world, as once transactions occur, they can’t be reversed. Keep yourself and your investment safe by always making sure you’re dealing with the legitimate version of whatever crypto service you’re using, or better yet invest in a secure wallet solution such as the Nano Ledger S.