Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.
Security Response

Phishers Claim to Ensure Security for Digital Currency Users

Created: 25 Jun 2013 15:57:38 GMT • Updated: 23 Jan 2014 18:06:11 GMT • Translations available: 日本語
Mathew Maniyara's picture
0 0 Votes
Login to vote

Contributor: Avdhoot Patil

Digital currency, a form of electronic money, is a relatively new concept to the world. Many of these currencies have arisen during the past decade and digital currency in general has always been a subject of controversy. In recent years, the world witnessed the suspension of some digital currencies due to legal issues such as money laundering. However, phishers are not concerned about the controversies; instead they are busy seeking opportunities to steal digital currency or money in any form whatsoever. In May 2013, we found a phishing site that spoofed a popular digital currency company.

The phishing site alerted users of an account security update. According to the notice, the company wanted to ensure the integrity of their transaction system by reviewing user accounts. Users were notified that their accounts might be restricted due to multiple failed login attempts. The alert message instructed users to enter their confidential information in order to avoid any restrictions. A button was placed below the message for users to initiate the bogus verification process. After the button is clicked, users are redirected to the next page that asked for user account information.

Phish1.jpg

Figure 1. User details requested for account security

The user information asked for included user name, password, email, and currency of user’s country of origin. The phishing page warns users that if the details are not submitted, the account would be temporarily closed.

Phish2.jpg

Figure 2. User credential request

After the required information is entered, the phishing page redirected to an acknowledgment page confirming the account information. The page also mentioned that the information will be further verified by the company’s account management department within 24 hours.

Phish3.jpg

Figure 3. Confirmation

The phishing site was hosted on an IP domain (for example domains like http://255.255.255.255). If users fall victim to the phishing site, phishers would have successfully stolen their information for financial gain.

Users are advised to follow best practices to avoid phishing attacks:

  • Do not click on suspicious links in email messages
  • Do not provide any personal information when answering an email
  • Do not enter personal information in a pop-up page or screen
  • Ensure the website is encrypted with an SSL certificate by looking for the padlock, “https,” or the green address bar when entering personal or financial information
  • Use comprehensive security software such as Norton Internet Security or Norton 360, which protects you from phishing scams and social network scams
  • Exercise caution when clicking on enticing links sent through email or posted on social networks