Fake websites are posing as crypto exchanges to drain victim wallets

Your top search results could be predatory, say researchers

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Cybercriminals are reportedly using fake versions of popular websites such as Coinbase, Gemini, Kraken, and MetaMask in an attempt to drain thebitcoin walletsof victims dry.

According to Netskope, criminal groups are using search engine optimization (SEO) techniques, that involve an extensive network of bots posting links to phishing pages on other websites (mainly blogs) to boost their rankings in search engines such asGoogle.

In some instances, the researchers claim these fake websites are ranking better than the legitimate sites being copied.

How does the campaign work?

When the victim clicks on a malicious link, they will be greeted by relatively realistic-looking imitation websites hosted on either Google Sites orMicrosoftAzure, which will often include a detailed FAQ.

Using the popular Crypto wallet MetaMask as an example, Netskope researchers said users would be directed to either “Download now” or “Login”, where the site will try and dupe users out of their crypto wallet or their username and password.

How can I avoid getting compromised?

Netskope had some advice for those who don’t want to end up as the latest phishing attack victims.

This includes never entering credentials after clicking on a link, and instead, always navigating directly to the site you are trying to log in to.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

For organizations, Netskope also recommends using a secure web gateway to detect and block phishing.

This unfortunately isn’t the first time that crypto exchanges have been used as part of a ploy by cybercriminals, in fact, these seem to be getting more inventive.

SaaS platforms are facing more phishing attacks than ever>Cloudflare says it was almost fooled by a phishing attack>Our guide to the best cloud firewalls

A group of cybercriminals recenty created a deep fake ofBinance chief communications officer (CCO) Patrick Hillmannto extort money out of firms, attempting to convince them they were in the running for a listing on the crypto exchange.

Will McCurdy has been writing about technology for over five years. He has a wide range of specialities including cybersecurity, fintech, cryptocurrencies, blockchain, cloud computing, payments, artificial intelligence, retail technology, and venture capital investment. He has previously written for AltFi, FStech, Retail Systems, and National Technology News and is an experienced podcast and webinar host, as well as an avid long-form feature writer.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

Huge Black Friday Samsung sale: save up to $1,900 on QLED, OLED TVs, and more