Coinbase, Gemini to MetaMask, Crypto Scammers Use Fake Websites to Dupe Customers

tech.hindustantimes.com:

Scammers in recent weeks have employed up fake cryptocurrency web pages to attempt to steal money from users, the latest tactic to emerge in what's already been a costly year for crypto-related hacks.

The sham websites – which masquerade as pages for popular services such as Coinbase, Gemini, Kraken and MetaMask – aim to dupe visitors into providing information that helps hackers break into their cryptocurrency wallets, according to researchers from the security firm Netskope Inc. Fraudsters deployed search-engine optimization tactics to promote the websites, which used URL addresses that closely resembled the legitimate sites and propelled the fake pages to the first page of Google's search results, the researchers said.

Google searches for phrases such as “kraken wallet” or “coinbase not working,” in the event the Coinbase site appears to be down, return results with the phishing links on the first page, according to a Bloomberg analysis. A fraudulent version of the Kraken wallet appeared in a Google search in a more prominent position than Kraken's Twitter feed and Play store app.

In another case, a Google search for the “metamask ios” app yielded results that included one website that five popular antivirus services flagged as malicious, according to the Bloomberg analysis.

“A lot of people are making fake versions of real websites and directing users to those pages so they can take their money,” Erin Plante, senior director of investigations at the blockchain-analysis firm Chainalysis Inc., adding that such techniques have been used in other types of cyberattacks. “A lot of this is age-old hacking. ”

The findings come amid a flurry of security incidents in cryptocurrency. Financial losses from