Popular Browsers Like Google Fail to Catch Copycat Crypto Sites, Scams Make the Top Results
As the digital asset economy grows popular and a number of crypto companies become well known, copycat scammers appear in greater numbers. There are a number of websites that are clones of the official web page from companies that provide mining device sales, wallets, full nodes, paper wallet tools, and popular trading platforms.
Just recently, news.Bitcoin.com wrote a report on mining devices, and one of the links we found looked like it belonged to a reliable mining manufacturer, but the URL really went to a copycat site that looked identical to the original URL. People make mistakes and the fact of the matter is some of these scams can be awfully hard to catch. That’s because oftentimes these web pages look exactly the same as the official website, minus a few minor details.
Some shady websites are quite obvious, like when news.Bitcoin.com’s Terence Zimwara wrote about Bitcoin Inc. and the ostensible fractional share tokens. However, some web pages are straight-up copycat web pages, and are nearly identical to the official page. For instance, there is a copycat website of the mining rig manufacturer Strongu’s official page. Google happens to keep to have the sketchy website posted at the very top of the results page.
The site is called “strongutech.com” and the real web page is really called “strongu.com.cn/.” The copycat website, which uses the word “tech” in the name, was created to be a phony sales site. It also managed to make it to the top of Google’s browser results with little effort. It should be known that the copycat website is not the company’s official mining store. News.Bitcoin.com has reported it to Google’s anti-phishing page which allows people to report suspicious websites.
Spoofing reliable crypto company websites has been happening for years. For instance, six years ago the popular cryptocurrency exchange Coinbase was spoofed by a web page called “coinbase.re/,” and everything was real except the sign-in button. Which means, after an unsuspecting Coinbase customer used it the hacker would steal login credentials. The website also was the very first “sponsored” post on the top of the Bing browser’s results page.
Last summer, law enforcement in Europe arrested a group who spoofed the website Blockchain.com. The hackers managed to empty the wallets of 4,000 victims. All the malicious actors did was leverage a technique called “typosquatting,” which uses a domain name but with one small typo. There are fake paper wallet generator sites people have been complaining about over the years. Three months ago, a Reddit user also reported on a phony Ian Coleman BIP39 page on the top of Google’s results.
Day in and day out, scammers are using spoof websites and typosquatting to steal people’s cryptocurrencies. Scammers are also appearing on Google’s Play Store copying reputable brands and creating fake apps. Just recently, Satoshilabs, the company that manufactures the Trezor hardware wallet tweeted about an Android app that was pretending to be the official application.
“A warning to all the Android users owning Trezor devices,” the company tweeted on December 2, 2020. “This app is a scam and has no relation to SatoshiLabs and Trezor. We’ve already reported it to the Google team. Always confirm any action on your device and never type seed words until your Trezor asks you to,” the hardware wallet manufacturer added.
The fact of the matter is that as cryptocurrencies become more popular, copycats, scammers, and website spoofers will grow in number. Always make sure the URL is 100% correct when accessing the wallet, exchange, mining company, or any service you use with crypto. There have been plenty of cases where Google, Bing, and other popular browsers allow copycat spoof websites at the top of the results page, and some scams are even sponsored.
You can report phishing websites to Google and other browsers, so other individuals can have a safer browsing experience surfing the web. Moreover, many crypto companies like Coinbase offer people methods to report phishing and spoof sites as well.
What do you think about the growing number of copycat and spoof crypto sites? Let us know what you think about this subject