Bitcoin phishing attack targets Blockchain users

BlockchainIf you’re an advocate for the Bitcoin digital currency be on your guard, because phishers are after your cash.

Just like fraudsters try to trick you into handing over your login passwords for your online bank, your eBay account, or your Apple iCloud credentials, it seems they’re not above trying to dupe you into opening the door to your Bitcoin accounts as well.

Check out this example of a phishing campaign that was spammed out this weekend, targeting users of – which claims to be the world’s most visited Bitcoin website with over a million registered users and 200 million pageviews each month:

Blockchain phishing email

Sign up to our free newsletter.
Security news, advice, and tips.

The social engineering in this example is pretty elementary, but I have no doubt it works.

After all, who wouldn’t want to receive an email out of the blue telling them that they’ve been unexpected given some Bitcoin?

So, no doubt, many people will click on the link without thinking.

And, at first glance, you may not realise that the site you are taken to is a phishing trap rather than real Blockchain website.

Blockchain phishing site

But take a closer look, and you (hopefully) should have alarm bells ringing.

Pay close attention to the URL

This isn’t the real website, but a domain suspiciously named (notice the double “i”) instead.

Take greater care about your online passwords and reduce the chances of your being phished by checking the link URLs you about to click on *before* you click on them.

Furthermore, when online services give you the option, enable two-factor authentication which means any raider of your account will need more than just a username and password to gain access (details of Blockchain’s two-factor authentiction system are available here).

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

4 comments on “Bitcoin phishing attack targets Blockchain users”

  1. As you mentioned, two factor authentication is definitely something you want to setup, and most Bitcoin-related sites have the ability to enable two factor authentication. By enabling two factor authentication, you will (hopefully) have enough time to change your password before any unauthorized user gains access.

    Bitcoin phishing e-mails will start to become common, although, I wonder if they will be as effective considering most people probably don't have an idea what a Bitcoin is.

  2. Still there, now it's last night it was a IP.. i can't believe google is propagating these links as a PAID ADVERTISEMENT

    1. Jean Bergeron · in reply to Eric Kennedy

      they are also using

      beware over $45,000 have been stolen in a few days

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.