Phishing is an old method of scamming someone. It is simple to execute, but it does not work very well if the victim knows the basics of digital hygiene. The essence of phishing is to create a complete copy of a website that will collect data entered by the user. Hackers most often use this method on social networks, as well as in SMS or emails.
The phishing scam is as follows:
- The hacker sends the user a link and an enticing message. Moreover, the link is often designed to look similar to the link of the legitimate site. For example, instead of "facebook.com" it might be written as "faceboook.com".
- If the user clicks on the link, they are directed to a site that looks nearly identical to the original. A form for entering login and password information appears on the site.
- If the user does not notice anything strange, they may enter their information. This information is then sent to the hackers.
Here is such a simple scheme, designed to take advantage of the user's negligence. There are even more complex types of phishing, where the user doesn't need to enter anything at all, but just needs to open a link so that the hacker can gain access to data or even the device. Therefore, you shouldn’t open any links or files if you don't trust the person who sent them.
Hackers are now using this old scam to deceive users of various crypto technologies. Recently, the ETHDenver project website fell victim to such a sting, as tweeted by Blockfence.
Blockfence CEO, Omri Lahav, told Cointelegraph the details of this scam. According to Lahav, hackers have been using the fake ETHDenver website since mid-2022. During which, they were able to steal over 177 ETH.
If Omri Lahav is correct, then ETHDenver did not notice the fake site for six months, because they wrote about its existence a few hours before the Blockfence message. Additionally, it is strange that Google placed an advertisement for a fake site when searching for "ethdenver".
Dear reader, if you do not want to become a victim of phishing, then always carefully examine the name of the site in the address bar. Do not open links and files from unknown sources, and do not enter your data until you are sure that everything is safe. And we continue to observe.