Pages:
Author

Topic: WATCH OUT MALICIOUS PAGE CLAIMS TO BE BLOCKCHAIN.INFO WALLET PAGE!! (Read 565 times)

legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
...It seems they are using a new url for their scam...

Thanks for the update. I think they are protecting themselves from the Google bots and change already reported links.

it is obvious that they use multiple links for this scam and from what I see they target foreign languages.

The best way to be safe is AdBlocker or Brave browser with all these privacy tools built in.

I would never spot this scam but I was using a fresh install of Firefox and there were no add-ons installed.

This is just insane that Google let them advertise these links until they are not reported multiple times.

Last time it took a few long weeks to take this site down. I think is too long especially when I have reported and informed Google correctly about this multiple times and I know that other members did this same.

Is just a conflict of interest and Google will act like until now because this is a lot of money for them.

I think advertising is the main profit maker for this moloch giant business.  
legendary
Activity: 3276
Merit: 3537
Nec Recisa Recedit
Old url:
Code:
blóckcháin.com

It seems they are using a new url for their scam.

Code:
https://login-bblockchain.com/



legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
Watch out this malicious web page is back online again. This time on Google Search pages with different languages like Polish and Czech.

I was able to find this malicious page as always on the first place of Google search displayed as advertising.

The best way to be safe from this type of scam is to use an Ad Blocker add-on in browsers. They remove these ads and we don't see them anymore.

Is quite powerful because I am using Ublock Origin for quite some time and haven't seen any of these ads.

Lately downloaded a new version of Firefox and launched with no AdBlocker. After the first search for Blockchain info wallet, I have found this malicious page again.

Another way to protect yourself is to bookmark all important pages.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
...Google really should be better at catching these things by now, but they are clearly more interested in earning money than protecting search users...

This is exactly what I thought when sent the report and after 2 weeks I have seen this page as still advertised in Google search at first place on the top of the screen.

I can only guess but I assume that scammers were able to generate a lot of clicks to this malicious website.

I couldn't believe that after my report this is still advertised but as you said the money is most important for Google, not the users.

legendary
Activity: 2688
Merit: 1192
Well spotted - Google really should be better at catching these things by now, but they are clearly more interested in earning money than protecting search users. The thing with these scams is they work on volume, so if they were able to fool just one big whale out of 10,000 people who click it - that is a major result for them. I have a feeling that advertiser actually got their account hacked and will be facing a rather large bill.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
...They don't come to know unless someone like us reports about it.

Finally, this malicious page is down but took almost a month and multiple reports from random people for Google to take the action.

This is not how to report feature should work and I recommend to use AdBlocker (uBlock Origin) add-on or app of any kind to filter these ads.

This is the first step to protect yourself from malicious web sites.

I have just published a [GUIDE]Beginners Protect Yourself from Ransomware!!!, Please check it if you want to know what I do to stay safe online.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
...I don't know why people keep intentionally visit, and log in on phising site by ignoring the security message, like this:


Maybe because this message is/was not visible for them?

When I found this malicious Blockchain.info wallet page this message was not shown and only thanks to my browser I realized that something is wrong.
My password was not filled in automatically. That was for me the first sign that the link I have used is malicious because has to be different from the bookmarked one which is saved in my browser that is why password feature doesn't fill the password when the site is fully loaded.

I was only one step away from sharing my password but luckily I use strong and suggested by the app passwords which I don't remember and have to look for if not filled automatically.
Of course in such circumstances, I check everything twice. The best way to avoid such a malicious page is to bookmark your links and use strong passwords together with apps like Lastpass or 1Password
legendary
Activity: 3094
Merit: 1472
-snip-

Well initially that kind of page doesn't shows until google receives report that the site ahead is instead a phishing site. Just think again: how would google know that a site is actually  a phishing site. They don't come to know unless someone like us reports about it.
full member
Activity: 462
Merit: 155
I appreciated the author of the topic by sharing a phising site of blockchain.com (official one). However, I don't know why people keep intentionally visit, and log in on phising site by ignoring the security message, like this:

Moreover, they can apply my tips to discover other phissing sites and protect themselves from such dangerous sites.
Steps to check potential phising links
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
This is a good reason on why we need to use ad block or similar scripts



Agree and I am using uBlockOrigin with Google Chrome but this happened after fresh Firefox update and that is why it surprised me so.

I want to update that just recently this ad was removed from Google Search.

I assume is removed only because the campaign is over and not because Google blocked it  Wink, despite multiple raports.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
I have this feeling that they actually don't review the content while allowing apps or advertisement on their platforms...
[/quote]

I was curious about this subject and did a little research on how Google checks advertisements and accepts google ads.

Like I thought they have so many ads approval requests that they use algorithms which sort this out quickly.

A Google AdWords Help thread has Google's Charvi explaining how long an AdWords ad can take to be approved.

"All new ads are submitted to us for review. We reviewed these as quickly as we can - usually within 3 business days and most often within 24 hours! If your ad complies with our policies and guidelines, it should be approved automatically. Sometimes, we need a human to confirm that your ad can be served."

So hackers use all tricks available to pass the algorithm and they are successful as we see.

The only problem I have with Google is that it takes so much time to take such ad out fro the search results after complaints.
legendary
Activity: 3094
Merit: 1472
Quote
Stay away from this site and always double check all links you click. The best way is to bookmark all the important links.
It's not just something that is done with blockchain.info either.

There has been plenty of phishing sites that have been hosted on google ads, including exchanges and other wallets. I'd always steer clear of clicking on any google ads from the results as well as from website advertisements. Usually, the top natural search results are the legit sites (but even that is not 100% foolproof), which means that you should always cross examine the URL with the official one to avoid being phished.

These scams can come in all shapes and sizes, ranging from google ads to emails, but at the end of the day, they can be avoided. As you suggest, having a bookmark folder for common used sites or memorising the site URL instead of searching it up on google all the time greatly reduces the risk of falling into one of them.

This is just insane for me that Google knows about this and do nothing to stop this. This should be prohibited and banned when found.

I think Google wants that people trust them.

If this situation will be ongoing many people will finally switch to another safer browser and of course use AdBlockers which will have a significant impact on google ads and their revenue.

Don't you think?

I have this feeling that they actually don't review the content while allowing apps or advertisement on their platforms. They should be actually doing a review before they allow.

While in the end I also agree with magneto above said that they could actually avoid if they are cautious enough and keep certain things in mind before falling for it.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
...These scams can come in all shapes and sizes, ranging from google ads to emails, but at the end of the day, they can be avoided. As you suggest, having a bookmark folder for common used sites or memorising the site URL instead of searching it up on google all the time greatly reduces the risk of falling into one of them.

This is just insane for me that Google knows about this and do nothing to stop this. This should be prohibited and banned when found.

I think Google wants that people trust them.

If this situation will be ongoing many people will finally switch to another safer browser and of course use AdBlockers which will have a significant impact on google ads and their revenue.

Don't you think?
hero member
Activity: 1666
Merit: 753
Quote
Stay away from this site and always double check all links you click. The best way is to bookmark all the important links.
It's not just something that is done with blockchain.info either.

There has been plenty of phishing sites that have been hosted on google ads, including exchanges and other wallets. I'd always steer clear of clicking on any google ads from the results as well as from website advertisements. Usually, the top natural search results are the legit sites (but even that is not 100% foolproof), which means that you should always cross examine the URL with the official one to avoid being phished.

These scams can come in all shapes and sizes, ranging from google ads to emails, but at the end of the day, they can be avoided. As you suggest, having a bookmark folder for common used sites or memorising the site URL instead of searching it up on google all the time greatly reduces the risk of falling into one of them.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
...In short, do not trust Google first search page, Google does not help scammers but they know how to misuse it.

Of course, you are right but think how many times daily are you using google search?

I am using it non stop from years only this time was without AdBlocker installed.

This is just insane that most used search service is the most dangerous one and so easy to exploit.
legendary
Activity: 3220
Merit: 1374
Slava Ukraini!
Thanks for warning. Personally, I never click on these type of ads shown in Google search results because I know that majority of such ads promote fake or scam websites. And it's not only about crypto. In most cases scammers promote fake online shops and similar stuff.
But we all know that Google doesn't allow ads related to cryptocurrency. But I'm wondering how they accept all these scam ads... Legit crypto projects don't have chance to promote themselves on Google, but there is no problem to advertise scams, phishing websites and similar shit. Seems weird to me.
legendary
Activity: 2646
Merit: 3911
This is just insane how easy it is for hackers to be on the first page of Google search with a fully cloned malicious page.
They are lazy but in the past scam was done with more effort such as creating a blog and analyzing a lot of trusted wallets and then inserting a scam link as an official link and making the result appear first in Google search.
Some offer a download of the wallet through a fake hidden URL and lots of stories.

In short, do not trust Google first search page, Google does not help scammers but they know how to misuse it.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
...Many scammers buy Google ads to promote their ads, and they put up fake links "of famous web wallets or platforms" to scam others.
Be careful and prefer to modify the HOST file when you visit Google.

I know that this is an ad but despite this, if people are reporting this page as a malicious Google shouldn't wait and earn money on clicks only takedown immediately.

I am using AdBlocker on almost all my computers but this one I bought a few days ago and haven't installed one.

This is just insane how easy it is for hackers to be on the first page of Google search with a fully cloned malicious page.
legendary
Activity: 2646
Merit: 3911
When I put "blockchain" in a google search I saw this in the first place:
The risk is not limited to the "Blockchain" word, but when conducting any search, be careful to click on the word ad. You clicked on ad links used for advertising and scamming, report to Google.

Many scammers buy Google ads to promote their ads, and they put up fake links "of famous web wallets or platforms" to scam others.
Be careful and prefer to modify the HOST file when you visit Google.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
I can still see this phishing web page in the google search in first place.

Be aware that Google doesn't do anything despite many people have reported this link or this takes very long to take such a page down.

Anyways the best solution is to bookmark all important URL or check them every time before using especially when using google search with no ad blocker.
Pages:
Jump to: