Hackers are everywhere. If you are fortunate enough, you be able to evade them, but if you use cryptos, chances are that the hackers are very interested in them and they try to take it from you. The latest case we’ve seen is a phishing campaign aimed at the clients of GMO Coin.
The users of the giant Japanese crypto exchange were targeted recently in a new scam that has become quite spread out in the last weeks. The goal was to trick the users into believing that they were using the exchange to get their login credentials.
It involved the Yahoo! JAPAN site in which some of the ads of the exchange were actual clones. The idea is that the users would enter them and would try to obtain to log, but as soon as the site would let the user give away the password, it would go directly to the hacker.
GMO Coin emitted an official statement about the scam, in which it affirmed that the ad on Yahoo! JAPAN would lead the client to a fake company. The scammers paid for the ads to Yahoo! JAPAN and they created a completely identical page as a way to trick the users.
On its announcement, GMO Coin reaffirmed how important it was to check the site always. The real address is https://coin.z.com/jp. The company affirmed that the best way to access the site is to always go there typing the address directly via the browser instead of going via sites like Google or Yahoo.
Also, it is important to be always sure that you are on the right site before giving any information like passwords, credit card details, etc.
This is a very common case of phishing attack. In fact, attacks like this one happen since the 90s. It is easy to create a clone site and find ways to encourage people to give their useful details because they already trust the site and they often do not perceive that the site is fake if they do not check things like the address.
As soon as the scammers got the passwords, they used to empty the accounts of the victims and to send the money to their own wallets. As soon as the transactions were confirmed, there was no way to undo the damage because crypto transactions do not allow for chargebacks.
Several Crypto Exchanges Are Victim To Phishing Attempts Or Clone Sites
Scams like this are very common mostly because the companies are not very well protected against them in any way since they target their image and brand, not actually them, so there is no way to be protected. The actual victims are the customers, which are easier to fool than the security department of these companies.
They generally start with fake links that lead the user to the wrong site. After that, they get the information. The information from the clients of GMO Coin is actually being stolen and that is worrisome because of the company’s new features to also allow lending money to the company, not only trading.
Unfortunately, we will see a lot of this kind of scam yet, since it is one of the easier ones to pull off. In order to avoid it, the best hint is to know the address of the sites and to always check the page carefully before inserting your password.