Bitcoin phishing attack targets Blockchain users

If you’re an advocate for the Bitcoin digital currency be on your guard, because phishers are after your cash.

Just like fraudsters try to trick you into handing over your login passwords for your online bank, your eBay account, or your Apple iCloud credentials, it seems they’re not above trying to dupe you into opening the door to your Bitcoin accounts as well.

Check out this example of a phishing campaign that was spammed out this weekend, targeting users of Blockchain.info – which claims to be the world’s most visited Bitcoin website with over a million registered users and 200 million pageviews each month:

The social engineering in this example is pretty elementary, but I have no doubt it works.

After all, who wouldn’t want to receive an email out of the blue telling them that they’ve been unexpected given some Bitcoin?

So, no doubt, many people will click on the link without thinking.

And, at first glance, you may not realise that the site you are taken to is a phishing trap rather than real Blockchain website.

But take a closer look, and you (hopefully) should have alarm bells ringing.

This isn’t the real Blockchain.info website, but a domain suspiciously named blockchaiin.com (notice the double “i”) instead.

Take greater care about your online passwords and reduce the chances of your being phished by checking the link URLs you about to click on *before* you click on them.

Furthermore, when online services give you the option, enable two-factor authentication which means any raider of your account will need more than just a username and password to gain access (details of Blockchain’s two-factor authentiction system are available here).

Found this article interesting? Follow Graham Cluley on Twitter, Mastodon, or Threads to read more of the exclusive content we post.

Graham Cluley •   @gcluley

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.