Netskope Finds Hackers Using Google Sites and Microsoft Azure to Steal Crypto

0

Attackers use certain web optimization methods to redirect customers to phishing websites for handheld apps like Metamask and exchanges like Coinbase and Kraken. According to Netskope, these websites, created on Google and Microsoft Azure websites, trick customers into providing their personal data, allowing attackers to withdraw money from these providers.

Cryptocurrency phishing program Uses web optimization, Google and Microsoft Azure websites, according to Netskope

Netskope, a web-based security company, has identified a brand new type of cryptocurrency phishing scam that offers web optimization methods and bogus pages. According to a report by the company, throughout 2022 attackers were found to use blogs as software to distribute links to phishing websites.

On these blogs, attackers post hyperlinks with web optimization content which leads them to get excessive ranking in search engine queries. For this reason, the hyperlinks may be scrutinized by many people, which may lead them to imagine that they are referring to genuine crypto websites. Nonetheless, the hyperlinks lead customers to phishing websites which may be similar to crypto-based websites, just like the Metamask website.

Different websites also emulate exchanges like Coinbase, Gemini, and Kraken.

Phishing mechanism

These phishing websites hosted on Google websites or using Microsoft Azure are designed to cheat customers and get their private data in two other ways. The main one is to acquire the non-public seeds of clients’ wallets by instantly asking them to import this information. This is the tactic that the phishing website Metamask currently uses.

The second concerns the acquisition of customer account data on any phishing trade. When customers enter their data, the websites return an error and ask them to contact a support operator who will try to find out more about the customers in order to get their funds efficiently.

Netscope mentioned:

Netskope strongly recommends that customers never enter their credentials after clicking on a hyperlink. Instead, always go to where you’re trying to connect. For organizations, we also recommend using a secure network gateway that can detect and block phishing in real time.

Phishing scams are not new to the world of cryptocurrencies. Binance detected and warned of a serious phishing scam involving text messages in February.

What do you think of the brand new phishing scheme, which incorporates web optimization, Google websites and Microsoft Azure hosted web pages? Tell us in the remark part below.

Sergio Goschenko

Sergio is a cryptocurrency journalist based in Venezuela. He describes himself as late in the game, entering the cryptosphere when the price soared in December 2017. With a background in laptop engineering, residing in Venezuela, and socially affected by the rise in cryptocurrency, it offers a unique perspective. on the success of crypto and how it helps the unbanked and underserved.

Image credit score: Shutterstock, Pixabay, Wiki Commons

disclaimer: This text is for informational purposes only. It is not a direct provision or solicitation of an offer to buy or promote, or a recommendation or endorsement of any product, service or company. Bitcoin.com does not present funding, tax, authorized or accounting recommendations. Neither the company nor the creator is liable, instantaneously or otherwise, for any damage or loss allegedly caused by or in reference to the use of or reliance on any content, material or provider mentioned in this article.
Share.

Comments are closed.