How Crypto Scammers use Fake Websites

This year has been challenging for crypto markets, with many cryptocurrencies’ prices dramatically declining several months ago. Naturally, hackers remain tireless, using every means necessary to steal people’s money, virtual or otherwise. Hacks are surging and reaching record highs – and the year isn’t over yet.

Crypto scams continue

The latest crypto crime updates by Chainalysis show that crypto hacking is increasing. The blockchain analysis firm found that cybercriminals stole a whopping $1.9 billion worth of crypto from January 2022 to July 2022. The loss for the entire 2021 was $1.2 billion.

As if that isn’t alarming enough, hackers are now using more sophisticated methods than ever to steal crypto enthusiasts’ digital assets – websites masquerading as legitimate crypto platforms.

That wouldn’t be surprising if scammers didn’t exploit SEO and live chat features to create a believable ruse that hardly anyone would detect until it’s too late.

Here’s more about this illicit tactic and the essential tips to prevent falling victim to it.

Attack of the clones

Cloning websites to scam people by stealing username and password credentials to their bank accounts is nothing new. It’s regular hacking we hear about all the time.

Anyone who can write code knows how to create a website mirroring all the content and features of another.

However, creating clones of world-famous cryptocurrency platforms like Coinbase, Kraken, MetaMask, and Gemini wasn’t something hackers could boast about – until recently. They could and maybe have created them before but didn’t launch them until reaching an exceptional level of credibility, making them nearly impossible to detect.

Fake copies of these websites have allowed hackers to access users’ crypto wallets and steal their assets, although how many users fell victim to the scams is still unknown. Google acted swiftly to remove the bogus websites from search results and prevent scammers from spreading their malicious attempts.

We wouldn’t go so far as to say that will stop them, but at least we now know what they’re doing and can spread the word.

How did they use the clones of such prominent crypto websites to scam people? By pushing them to the top of search engine results pages (SERPs).

Exploiting SEO

Hackers typically inject code into legitimate websites and compel people to click on ads or links leading to malicious platforms. That’s your run-of-the-mill hacking. Exploiting search engines is another story.

Crypto scammers used good old search engine optimization to climb to the top of SERPs, causing people to click through, thinking they were accessing legitimate sites.

Creating nearly identical URLs and implementing relevant keywords into their sham sites enabled them to snatch high SERP positions.

For instance, the “Kraken wallet” keyword allowed a fake Kraken site to rank higher than the legit Kraken’s official Twitter account.

Moreover, crypto scammers used Google Sites to build their website clones, making them seem even more credible. Posting malicious links across websites has also tricked Google’s search algorithm into deeming cloned platforms authentic.

Live chat phishing

Typical crypto phishing attacks involve malicious links people click on ads and email attachments. Using live chat is a new tactic.

Crypto scammers who created fake websites of popular crypto platforms leveraged live chat features to steal people’s credentials. Once a user accessed a fraudulent site, a message popped up, initiating a conversation with a hacker posing as a legit customer service representative.

The most significant red flag was asking for users’ phone numbers. That’s how they could access their crypto wallets and steal the assets.

There’s not much information about those interactions, but we can assume scammers also asked for usernames and other credentials, and people obliged. Why wouldn’t they share those details when the platforms were perfect clones, and they thought they were chatting with trusted representatives?

How to avoid crypto scams

Coinbase is one of many crypto platforms that started sharing security tips considering recent events. Besides providing essential information to help users keep away from search engine scams, it has a dedicated page with tips for avoiding cybersecurity scams.

The critical fact to remember is no reliable platform will ever ask for your passwords, 2FA security codes, phone numbers, or remote device access. They’ll never call or ask you to send crypto to an external address.

Such requests and outbound calls are tell-tale signs of a scam.

Besides being on alert for fraudulent attempts, you might want to download VPN services to protect your online experience. A Virtual Private Network encrypts your data, which protects it on unsafe websites (lacking HTTPS). Furthermore, it can block cryptojacking scripts capable of abusing devices and mining crypto without owners’ knowledge.

Final words

Using fake crypto websites to steal people’s assets is only one in the sea of cybersecurity scams. However, detecting them isn’t as challenging as you may think. Follow the tips above, triple-check the websites you visit, and you’ll avoid scammers’ fraudulent attempts to steal your funds.

Pankaj Kumar
Pankaj Kumar
Articles: 209