Connect with us

Coin Market

Netskope Discovers Hackers Are Using Google Sites and Microsoft Azure to Steal Crypto

Published

on

Attackers are taking advantage of certain SEO techniques to direct users to phishing sites for wallet apps like Metamask and exchanges such as Coinbase and Kraken. These sites, created in Google Sites and Microsoft Azure, fool users into introducing their personal information, allowing malevolent entities to siphon their funds from these services, according to Netskope.

Cryptocurrency Phishing Scheme Uses SEO, Google Sites, and Microsoft Azure, According to Netskope

A new kind of cryptocurrency phishing scam scheme has been detected by Netskope, an online security company, that involves SEO techniques and copycat pages. According to a report from the company, throughout 2022, it has been detected that attackers are using blogs as tools to distribute links to phishing sites.

In these blogs, the attackers post links with SEO content that allows them to rank high in search engine queries. This means that the links will be reviewed by many people, which can then open them to believing these are linking to real crypto sites. However, the links are directing the users to phishing sites that are very similar to crypto-based sites, such as the website for Metamask.

Other sites also mimic exchanges such as Coinbase, Gemini, and Kraken.

Phishing Mechanism

These phishing sites, which are hosted either on Google Sites or use Microsoft Azure, are designed to fool the users and take their personal information in two different ways. The first one has to do with acquiring the private seeds of the wallets of the users directly by prompting them to import this data. This is the method that the Metamask phishing site is currently using.

The second one has to do with obtaining the info of the users’ accounts in any of the exchanges being phished. When the users input their info, the sites return an error and prompt them to contact a support operator that will try to obtain more info about the users to successfully acquire their funds.

Netskope stated:

Netskope strongly recommends users never enter credentials after clicking on a link. Instead, always navigate directly to the site you are trying to log in to. For organizations, we also recommend using a secure web gateway, capable of detecting and blocking phishing in real-time.

Phishing scams are not new in the cryptocurrency world. Binance detected and warned about a massive phishing scam involving SMS in February.

What do you think about the new phishing scheme involving SEO, Google Sites, and Microsoft Azure-hosted webpages? Tell us in the comments section below.

The post Netskope Discovers Hackers Are Using Google Sites and Microsoft Azure to Steal Crypto first appeared on RealTimeBit.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Coin Market

Why Ethereum traders are closely watching ETH/BTC charts — Spoiler alert, it's bullish

Published

on

By

After lagging Bitcoin for most of 2024, Ethereum appears to be in the early stages of a bullish trend reversal. Here’s why traders are closely watching the ETH/BTC pair.

Continue Reading

Coin Market

Republicans won the Senate, but 2 crypto races are still up for grabs

Published

on

By

Democrat Ruben Gallego was leading in a race for Arizona’s Senate race, while Republican Sam Brown trailed in Nevada. 

Continue Reading

Coin Market

Singapore, France monetary authorities test quantum-proof security

Published

on

By

The MAS and BDF experimented with post-quantum email security as a first step in securing payment networks.

Continue Reading

Trending