WATCH OUT MALICIOUS PAGE CLAIMS TO BE BLOCKCHAIN.INFO WALLET PAGE!!

wwzsocki

legendary

Activity: 2744

Merit: 1708

First 100% Liquid Stablecoin Backed by Gold

Quote from: bitbollo on May 22, 2019, 02:39:46 PM

...It seems they are using a new url for their scam...

Thanks for the update. I think they are protecting themselves from the Google bots and change already reported links.

it is obvious that they use multiple links for this scam and from what I see they target foreign languages.

The best way to be safe is AdBlocker or Brave browser with all these privacy tools built in.

I would never spot this scam but I was using a fresh install of Firefox and there were no add-ons installed.

This is just insane that Google let them advertise these links until they are not reported multiple times.

Last time it took a few long weeks to take this site down. I think is too long especially when I have reported and informed Google correctly about this multiple times and I know that other members did this same.

Is just a conflict of interest and Google will act like until now because this is a lot of money for them.

I think advertising is the main profit maker for this moloch giant business.

bitbollo

legendary

Activity: 3248

Merit: 3485

Nec Recisa Recedit

Old url:

Code:

blóckcháin.com

It seems they are using a new url for their scam.

Code:

https://login-bblockchain.com/

wwzsocki

legendary

Activity: 2744

Merit: 1708

First 100% Liquid Stablecoin Backed by Gold

Watch out this malicious web page is back online again. This time on Google Search pages with different languages like Polish and Czech.

I was able to find this malicious page as always on the first place of Google search displayed as advertising.

The best way to be safe from this type of scam is to use an Ad Blocker add-on in browsers. They remove these ads and we don't see them anymore.

Is quite powerful because I am using Ublock Origin for quite some time and haven't seen any of these ads.

Lately downloaded a new version of Firefox and launched with no AdBlocker. After the first search for Blockchain info wallet, I have found this malicious page again.

Another way to protect yourself is to bookmark all important pages.

wwzsocki

legendary

Activity: 2744

Merit: 1708

First 100% Liquid Stablecoin Backed by Gold

Quote from: Fortify on April 19, 2019, 03:43:26 PM

...Google really should be better at catching these things by now, but they are clearly more interested in earning money than protecting search users...

This is exactly what I thought when sent the report and after 2 weeks I have seen this page as still advertised in Google search at first place on the top of the screen.

I can only guess but I assume that scammers were able to generate a lot of clicks to this malicious website.

I couldn't believe that after my report this is still advertised but as you said the money is most important for Google, not the users.

Fortify

legendary

Activity: 2646

Merit: 1176

Well spotted - Google really should be better at catching these things by now, but they are clearly more interested in earning money than protecting search users. The thing with these scams is they work on volume, so if they were able to fool just one big whale out of 10,000 people who click it - that is a major result for them. I have a feeling that advertiser actually got their account hacked and will be facing a rather large bill.

wwzsocki

legendary

Activity: 2744

Merit: 1708

First 100% Liquid Stablecoin Backed by Gold

Quote from: Avirunes on April 17, 2019, 04:29:31 AM

...They don't come to know unless someone like us reports about it.

Finally, this malicious page is down but took almost a month and multiple reports from random people for Google to take the action.

This is not how to report feature should work and I recommend to use AdBlocker (uBlock Origin) add-on or app of any kind to filter these ads.

This is the first step to protect yourself from malicious web sites.

I have just published a [GUIDE]Beginners Protect Yourself from Ransomware!!!, Please check it if you want to know what I do to stay safe online.

wwzsocki

legendary

Activity: 2744

Merit: 1708

First 100% Liquid Stablecoin Backed by Gold

Quote from: lobcmt2 on April 17, 2019, 02:55:49 AM

...I don't know why people keep intentionally visit, and log in on phising site by ignoring the security message, like this:

Maybe because this message is/was not visible for them?

When I found this malicious Blockchain.info wallet page this message was not shown and only thanks to my browser I realized that something is wrong.
My password was not filled in automatically. That was for me the first sign that the link I have used is malicious because has to be different from the bookmarked one which is saved in my browser that is why password feature doesn't fill the password when the site is fully loaded.

I was only one step away from sharing my password but luckily I use strong and suggested by the app passwords which I don't remember and have to look for if not filled automatically.
Of course in such circumstances, I check everything twice. The best way to avoid such a malicious page is to bookmark your links and use strong passwords together with apps like Lastpass or 1Password

Avirunes

legendary

Activity: 3094

Merit: 1468

Quote from: lobcmt2 on April 17, 2019, 02:55:49 AM

-snip-

Well initially that kind of page doesn't shows until google receives report that the site ahead is instead a phishing site. Just think again: how would google know that a site is actually a phishing site. They don't come to know unless someone like us reports about it.

lobcmt2

full member

Activity: 462

Merit: 155

I appreciated the author of the topic by sharing a phising site of blockchain.com (official one). However, I don't know why people keep intentionally visit, and log in on phising site by ignoring the security message, like this:

Moreover, they can apply my tips to discover other phissing sites and protect themselves from such dangerous sites.
Steps to check potential phising links

wwzsocki

legendary

Activity: 2744

Merit: 1708

First 100% Liquid Stablecoin Backed by Gold

Quote from: coinlocket$ on February 25, 2019, 05:57:51 AM

This is a good reason on why we need to use ad block or similar scripts

Agree and I am using uBlockOrigin with Google Chrome but this happened after fresh Firefox update and that is why it surprised me so.

I want to update that just recently this ad was removed from Google Search.

I assume is removed only because the campaign is over and not because Google blocked it Wink

, despite multiple raports.

wwzsocki

legendary

Activity: 2744

Merit: 1708

First 100% Liquid Stablecoin Backed by Gold

Quote from: Avirunes on March 05, 2019, 10:42:30 AM

I have this feeling that they actually don't review the content while allowing apps or advertisement on their platforms...
[/quote]

I was curious about this subject and did a little research on how Google checks advertisements and accepts google ads.

Like I thought they have so many ads approval requests that they use algorithms which sort this out quickly.

A Google AdWords Help thread has Google's Charvi explaining how long an AdWords ad can take to be approved.

"All new ads are submitted to us for review. We reviewed these as quickly as we can - usually within 3 business days and most often within 24 hours! If your ad complies with our policies and guidelines, it should be approved automatically. Sometimes, we need a human to confirm that your ad can be served."

So hackers use all tricks available to pass the algorithm and they are successful as we see.

The only problem I have with Google is that it takes so much time to take such ad out fro the search results after complaints.

Avirunes

legendary

Activity: 3094

Merit: 1468

Quote from: wwzsocki on March 05, 2019, 07:37:46 AM

Quote from: magneto on March 04, 2019, 06:21:23 PM

Quote

Stay away from this site and always double check all links you click. The best way is to bookmark all the important links.

It's not just something that is done with blockchain.info either.

There has been plenty of phishing sites that have been hosted on google ads, including exchanges and other wallets. I'd always steer clear of clicking on any google ads from the results as well as from website advertisements. Usually, the top natural search results are the legit sites (but even that is not 100% foolproof), which means that you should always cross examine the URL with the official one to avoid being phished.

These scams can come in all shapes and sizes, ranging from google ads to emails, but at the end of the day, they can be avoided. As you suggest, having a bookmark folder for common used sites or memorising the site URL instead of searching it up on google all the time greatly reduces the risk of falling into one of them.

This is just insane for me that Google knows about this and do nothing to stop this. This should be prohibited and banned when found.

I think Google wants that people trust them.

If this situation will be ongoing many people will finally switch to another safer browser and of course use AdBlockers which will have a significant impact on google ads and their revenue.

Don't you think?

I have this feeling that they actually don't review the content while allowing apps or advertisement on their platforms. They should be actually doing a review before they allow.

While in the end I also agree with magneto above said that they could actually avoid if they are cautious enough and keep certain things in mind before falling for it.

wwzsocki

legendary

Activity: 2744

Merit: 1708

First 100% Liquid Stablecoin Backed by Gold

Quote from: magneto on March 04, 2019, 06:21:23 PM

...These scams can come in all shapes and sizes, ranging from google ads to emails, but at the end of the day, they can be avoided. As you suggest, having a bookmark folder for common used sites or memorising the site URL instead of searching it up on google all the time greatly reduces the risk of falling into one of them.

This is just insane for me that Google knows about this and do nothing to stop this. This should be prohibited and banned when found.

I think Google wants that people trust them.

If this situation will be ongoing many people will finally switch to another safer browser and of course use AdBlockers which will have a significant impact on google ads and their revenue.

Don't you think?

magneto

hero member

Activity: 1666

Merit: 753

Quote

Stay away from this site and always double check all links you click. The best way is to bookmark all the important links.

It's not just something that is done with blockchain.info either.

There has been plenty of phishing sites that have been hosted on google ads, including exchanges and other wallets. I'd always steer clear of clicking on any google ads from the results as well as from website advertisements. Usually, the top natural search results are the legit sites (but even that is not 100% foolproof), which means that you should always cross examine the URL with the official one to avoid being phished.

These scams can come in all shapes and sizes, ranging from google ads to emails, but at the end of the day, they can be avoided. As you suggest, having a bookmark folder for common used sites or memorising the site URL instead of searching it up on google all the time greatly reduces the risk of falling into one of them.

wwzsocki

legendary

Activity: 2744

Merit: 1708

First 100% Liquid Stablecoin Backed by Gold

Quote from: hugeblack on March 03, 2019, 08:01:59 AM

...In short, do not trust Google first search page, Google does not help scammers but they know how to misuse it.

Of course, you are right but think how many times daily are you using google search?

I am using it non stop from years only this time was without AdBlocker installed.

This is just insane that most used search service is the most dangerous one and so easy to exploit.

LTU_btc

legendary

Activity: 3038

Merit: 1330

Slava Ukraini!

Thanks for warning. Personally, I never click on these type of ads shown in Google search results because I know that majority of such ads promote fake or scam websites. And it's not only about crypto. In most cases scammers promote fake online shops and similar stuff.
But we all know that Google doesn't allow ads related to cryptocurrency. But I'm wondering how they accept all these scam ads... Legit crypto projects don't have chance to promote themselves on Google, but there is no problem to advertise scams, phishing websites and similar shit. Seems weird to me.

hugeblack

legendary

Activity: 2506

Merit: 3645

Buy/Sell crypto at BestChange

Quote from: wwzsocki on March 02, 2019, 11:13:49 AM

This is just insane how easy it is for hackers to be on the first page of Google search with a fully cloned malicious page.

They are lazy but in the past scam was done with more effort such as creating a blog and analyzing a lot of trusted wallets and then inserting a scam link as an official link and making the result appear first in Google search.
Some offer a download of the wallet through a fake hidden URL and lots of stories.

In short, do not trust Google first search page, Google does not help scammers but they know how to misuse it.

wwzsocki

legendary

Activity: 2744

Merit: 1708

First 100% Liquid Stablecoin Backed by Gold

Quote from: hugeblack on March 02, 2019, 01:54:35 AM

...Many scammers buy Google ads to promote their ads, and they put up fake links "of famous web wallets or platforms" to scam others.
Be careful and prefer to modify the HOST file when you visit Google.

I know that this is an ad but despite this, if people are reporting this page as a malicious Google shouldn't wait and earn money on clicks only takedown immediately.

I am using AdBlocker on almost all my computers but this one I bought a few days ago and haven't installed one.

This is just insane how easy it is for hackers to be on the first page of Google search with a fully cloned malicious page.

hugeblack

legendary

Activity: 2506

Merit: 3645

Buy/Sell crypto at BestChange

Quote from: wwzsocki on February 25, 2019, 05:47:56 AM

When I put "blockchain" in a google search I saw this in the first place:

The risk is not limited to the "Blockchain" word, but when conducting any search, be careful to click on the word ad. You clicked on ad links used for advertising and scamming, report to Google.

Many scammers buy Google ads to promote their ads, and they put up fake links "of famous web wallets or platforms" to scam others.
Be careful and prefer to modify the HOST file when you visit Google.

wwzsocki

legendary

Activity: 2744

Merit: 1708

First 100% Liquid Stablecoin Backed by Gold

I can still see this phishing web page in the google search in first place.

Be aware that Google doesn't do anything despite many people have reported this link or this takes very long to take such a page down.

Anyways the best solution is to bookmark all important URL or check them every time before using especially when using google search with no ad blocker.

Topic: WATCH OUT MALICIOUS PAGE CLAIMS TO BE BLOCKCHAIN.INFO WALLET PAGE!! (Read 516 times)