Author

Topic: WATCH OUT MALICIOUS PAGE CLAIMS TO BE BLOCKCHAIN.INFO WALLET PAGE!! (Read 568 times)

legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
...It seems they are using a new url for their scam...

Thanks for the update. I think they are protecting themselves from the Google bots and change already reported links.

it is obvious that they use multiple links for this scam and from what I see they target foreign languages.

The best way to be safe is AdBlocker or Brave browser with all these privacy tools built in.

I would never spot this scam but I was using a fresh install of Firefox and there were no add-ons installed.

This is just insane that Google let them advertise these links until they are not reported multiple times.

Last time it took a few long weeks to take this site down. I think is too long especially when I have reported and informed Google correctly about this multiple times and I know that other members did this same.

Is just a conflict of interest and Google will act like until now because this is a lot of money for them.

I think advertising is the main profit maker for this moloch giant business.  
legendary
Activity: 3276
Merit: 3537
Nec Recisa Recedit
Old url:
Code:
blóckcháin.com

It seems they are using a new url for their scam.

Code:
https://login-bblockchain.com/



legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
Watch out this malicious web page is back online again. This time on Google Search pages with different languages like Polish and Czech.

I was able to find this malicious page as always on the first place of Google search displayed as advertising.

The best way to be safe from this type of scam is to use an Ad Blocker add-on in browsers. They remove these ads and we don't see them anymore.

Is quite powerful because I am using Ublock Origin for quite some time and haven't seen any of these ads.

Lately downloaded a new version of Firefox and launched with no AdBlocker. After the first search for Blockchain info wallet, I have found this malicious page again.

Another way to protect yourself is to bookmark all important pages.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
...Google really should be better at catching these things by now, but they are clearly more interested in earning money than protecting search users...

This is exactly what I thought when sent the report and after 2 weeks I have seen this page as still advertised in Google search at first place on the top of the screen.

I can only guess but I assume that scammers were able to generate a lot of clicks to this malicious website.

I couldn't believe that after my report this is still advertised but as you said the money is most important for Google, not the users.

legendary
Activity: 2688
Merit: 1192
Well spotted - Google really should be better at catching these things by now, but they are clearly more interested in earning money than protecting search users. The thing with these scams is they work on volume, so if they were able to fool just one big whale out of 10,000 people who click it - that is a major result for them. I have a feeling that advertiser actually got their account hacked and will be facing a rather large bill.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
...They don't come to know unless someone like us reports about it.

Finally, this malicious page is down but took almost a month and multiple reports from random people for Google to take the action.

This is not how to report feature should work and I recommend to use AdBlocker (uBlock Origin) add-on or app of any kind to filter these ads.

This is the first step to protect yourself from malicious web sites.

I have just published a [GUIDE]Beginners Protect Yourself from Ransomware!!!, Please check it if you want to know what I do to stay safe online.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
...I don't know why people keep intentionally visit, and log in on phising site by ignoring the security message, like this:


Maybe because this message is/was not visible for them?

When I found this malicious Blockchain.info wallet page this message was not shown and only thanks to my browser I realized that something is wrong.
My password was not filled in automatically. That was for me the first sign that the link I have used is malicious because has to be different from the bookmarked one which is saved in my browser that is why password feature doesn't fill the password when the site is fully loaded.

I was only one step away from sharing my password but luckily I use strong and suggested by the app passwords which I don't remember and have to look for if not filled automatically.
Of course in such circumstances, I check everything twice. The best way to avoid such a malicious page is to bookmark your links and use strong passwords together with apps like Lastpass or 1Password
legendary
Activity: 3094
Merit: 1472
-snip-

Well initially that kind of page doesn't shows until google receives report that the site ahead is instead a phishing site. Just think again: how would google know that a site is actually  a phishing site. They don't come to know unless someone like us reports about it.
full member
Activity: 462
Merit: 155
I appreciated the author of the topic by sharing a phising site of blockchain.com (official one). However, I don't know why people keep intentionally visit, and log in on phising site by ignoring the security message, like this:

Moreover, they can apply my tips to discover other phissing sites and protect themselves from such dangerous sites.
Steps to check potential phising links
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
This is a good reason on why we need to use ad block or similar scripts



Agree and I am using uBlockOrigin with Google Chrome but this happened after fresh Firefox update and that is why it surprised me so.

I want to update that just recently this ad was removed from Google Search.

I assume is removed only because the campaign is over and not because Google blocked it  Wink, despite multiple raports.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
I have this feeling that they actually don't review the content while allowing apps or advertisement on their platforms...
[/quote]

I was curious about this subject and did a little research on how Google checks advertisements and accepts google ads.

Like I thought they have so many ads approval requests that they use algorithms which sort this out quickly.

A Google AdWords Help thread has Google's Charvi explaining how long an AdWords ad can take to be approved.

"All new ads are submitted to us for review. We reviewed these as quickly as we can - usually within 3 business days and most often within 24 hours! If your ad complies with our policies and guidelines, it should be approved automatically. Sometimes, we need a human to confirm that your ad can be served."

So hackers use all tricks available to pass the algorithm and they are successful as we see.

The only problem I have with Google is that it takes so much time to take such ad out fro the search results after complaints.
legendary
Activity: 3094
Merit: 1472
Quote
Stay away from this site and always double check all links you click. The best way is to bookmark all the important links.
It's not just something that is done with blockchain.info either.

There has been plenty of phishing sites that have been hosted on google ads, including exchanges and other wallets. I'd always steer clear of clicking on any google ads from the results as well as from website advertisements. Usually, the top natural search results are the legit sites (but even that is not 100% foolproof), which means that you should always cross examine the URL with the official one to avoid being phished.

These scams can come in all shapes and sizes, ranging from google ads to emails, but at the end of the day, they can be avoided. As you suggest, having a bookmark folder for common used sites or memorising the site URL instead of searching it up on google all the time greatly reduces the risk of falling into one of them.

This is just insane for me that Google knows about this and do nothing to stop this. This should be prohibited and banned when found.

I think Google wants that people trust them.

If this situation will be ongoing many people will finally switch to another safer browser and of course use AdBlockers which will have a significant impact on google ads and their revenue.

Don't you think?

I have this feeling that they actually don't review the content while allowing apps or advertisement on their platforms. They should be actually doing a review before they allow.

While in the end I also agree with magneto above said that they could actually avoid if they are cautious enough and keep certain things in mind before falling for it.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
...These scams can come in all shapes and sizes, ranging from google ads to emails, but at the end of the day, they can be avoided. As you suggest, having a bookmark folder for common used sites or memorising the site URL instead of searching it up on google all the time greatly reduces the risk of falling into one of them.

This is just insane for me that Google knows about this and do nothing to stop this. This should be prohibited and banned when found.

I think Google wants that people trust them.

If this situation will be ongoing many people will finally switch to another safer browser and of course use AdBlockers which will have a significant impact on google ads and their revenue.

Don't you think?
hero member
Activity: 1666
Merit: 753
Quote
Stay away from this site and always double check all links you click. The best way is to bookmark all the important links.
It's not just something that is done with blockchain.info either.

There has been plenty of phishing sites that have been hosted on google ads, including exchanges and other wallets. I'd always steer clear of clicking on any google ads from the results as well as from website advertisements. Usually, the top natural search results are the legit sites (but even that is not 100% foolproof), which means that you should always cross examine the URL with the official one to avoid being phished.

These scams can come in all shapes and sizes, ranging from google ads to emails, but at the end of the day, they can be avoided. As you suggest, having a bookmark folder for common used sites or memorising the site URL instead of searching it up on google all the time greatly reduces the risk of falling into one of them.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
...In short, do not trust Google first search page, Google does not help scammers but they know how to misuse it.

Of course, you are right but think how many times daily are you using google search?

I am using it non stop from years only this time was without AdBlocker installed.

This is just insane that most used search service is the most dangerous one and so easy to exploit.
legendary
Activity: 3234
Merit: 1375
Slava Ukraini!
Thanks for warning. Personally, I never click on these type of ads shown in Google search results because I know that majority of such ads promote fake or scam websites. And it's not only about crypto. In most cases scammers promote fake online shops and similar stuff.
But we all know that Google doesn't allow ads related to cryptocurrency. But I'm wondering how they accept all these scam ads... Legit crypto projects don't have chance to promote themselves on Google, but there is no problem to advertise scams, phishing websites and similar shit. Seems weird to me.
legendary
Activity: 2702
Merit: 4002
This is just insane how easy it is for hackers to be on the first page of Google search with a fully cloned malicious page.
They are lazy but in the past scam was done with more effort such as creating a blog and analyzing a lot of trusted wallets and then inserting a scam link as an official link and making the result appear first in Google search.
Some offer a download of the wallet through a fake hidden URL and lots of stories.

In short, do not trust Google first search page, Google does not help scammers but they know how to misuse it.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
...Many scammers buy Google ads to promote their ads, and they put up fake links "of famous web wallets or platforms" to scam others.
Be careful and prefer to modify the HOST file when you visit Google.

I know that this is an ad but despite this, if people are reporting this page as a malicious Google shouldn't wait and earn money on clicks only takedown immediately.

I am using AdBlocker on almost all my computers but this one I bought a few days ago and haven't installed one.

This is just insane how easy it is for hackers to be on the first page of Google search with a fully cloned malicious page.
legendary
Activity: 2702
Merit: 4002
When I put "blockchain" in a google search I saw this in the first place:
The risk is not limited to the "Blockchain" word, but when conducting any search, be careful to click on the word ad. You clicked on ad links used for advertising and scamming, report to Google.

Many scammers buy Google ads to promote their ads, and they put up fake links "of famous web wallets or platforms" to scam others.
Be careful and prefer to modify the HOST file when you visit Google.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
I can still see this phishing web page in the google search in first place.

Be aware that Google doesn't do anything despite many people have reported this link or this takes very long to take such a page down.

Anyways the best solution is to bookmark all important URL or check them every time before using especially when using google search with no ad blocker.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
...Which one on you image? Am I missing something?

Don't click on that link in google search only copy and paste and you will be redirected to this shop. I know strange and that is why I shared this.

If you come with the cursor on that link in google search you will see a google link. I wanted to share this link here and that is why I copied him. Later I wanted to open this page so I go to search bar and choose paste and go.

This is the link you will see when you put your cursor on the google search link:

https://www.google.com/aclk?sa=L&ai=DChcSEwib8d2Jx9bgAhVD-FEKHckmB50YABAAGgJ3cw&sig=AOD64_3S7eTz6qslz2C_evltwnR37O1sXA&q=&ved=2ahUKEwj88NmJx9bgAhVMxxoKHc0RAEoQ0Qx6BAgEEAE&adurl=

Now copy and paste this link in a fresh window and you will see this car parts shop and if you click on that link in google search you will be redirected to this phishing wallet page.

Maybe this is why they were not detected by Google bots?

I hope this helps.
legendary
Activity: 2464
Merit: 3878
Hire Bitcointalk Camp. Manager @ r7promotions.com
~snip~

I just don't understand how Google can do it?

They are taking money from obvious scammers and put their phishing links on the top of search results.

You don't need any skills to know that this is a phishing scam.

How Google can do it??? Anybody?
Google may not be aware of it. It's the bot which verified it and approved the ad. There must be a way to report it to google. They will have a manual review team and if they can spot it then they will ban it, I think.

Edit:
I wanted to log in to my Blockchain wallet and made a fast google search for the link.

When I put "blockchain" in a google search I saw this in the first place:

~image removed~

What is strange that the link is not readable in google search when you put the cursor on it in there is only a google link visible:

https://www.google.com/aclk?sa=L&ai=DChcSEwib8d2Jx9bgAhVD-FEKHckmB50YABAAGgJ3cw&sig=AOD64_3S7eTz6qslz2C_evltwnR37O1sXA&q=&ved=2ahUKEwj88NmJx9bgAhVMxxoKHc0RAEoQ0Qx6BAgEEAE&adurl=

When you copy and paste this link you will be redirected to a car parts store I assume phishing too:

~image removed~

And if you click in a google search on that link you will be redirected to this link and this page:

https://blóckcháin.com/wallet/#/login

~image removed~

Stay away from this site and always double check all links you click. The best way is to bookmark all the important links.


Ok wait OP. I think I am missing something. Taking to the site daspore.cf when you click on the add is ok. I think the company wanted to target Blockchain users.

But how do you find the following site from there website:
Code:
blóckcháin.com

I just checked and can not figure it out.

Quote
And if you click in a google search on that link you will be redirected to this link and this page:

https://blóckcháin.com/wallet/#/login

Which one on you image? Am I missing something?
hero member
Activity: 2604
Merit: 816
🐺Spinarium.com🐺 - iGaming casino
That is why we need always to be careful when we want to visit some links. Don't trust with the links you get, and you need to always double check before you make something. Related with blockchain, I think you can try to bookmark the blockchain links so whenever you want to log in into your account, you don't have to worry if you visit the wrong links. But I think you can try to move your balance into an offline wallet like bitcoin-qt or electrum or else so you don't have to visit any links that can make you confuse.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
Thank you for sharing that.

Phising websites have become rampant and scammers have found this new way of paying Google and promote them at the top. Something similar has happened with tronscan.org (it is the respective Block Explorer for the TRON network). Scammers have paid Google and when you type "tronscan" a phising link appears at the top.

Everyone Watch out... The best solution is to bookmark the websites that you have to access your wallets.

I just don't understand how Google can do it?

They are taking money from obvious scammers and put their phishing links on the top of search results.

You don't need any skills to know that this is a phishing scam.

How Google can do it??? Anybody?
legendary
Activity: 2464
Merit: 3878
Hire Bitcointalk Camp. Manager @ r7promotions.com
~snip~
This is the reason of not to use Google search for a domain name which contains sensitive information. It's better to memories the domain name and type it in the browser's address bar manually.

I will also suggest the users not to copy the phishing address and try it in your browser. Your browser's cache memory may save the information and next time when you will try to type it will give you suggested url and by mistake you may find yourself in that phishing site.

Stay safe.


Cheers :-)
legendary
Activity: 2534
Merit: 1517
#1 VIP Crypto Casino
This is a good reason on why we need to use ad block or similar scripts

member
Activity: 980
Merit: 62
Thank you for sharing that.

Phising websites have become rampant and scammers have found this new way of paying Google and promote them at the top. Something similar has happened with tronscan.org (it is the respective Block Explorer for the TRON network). Scammers have paid Google and when you type "tronscan" a phising link appears at the top.

Everyone Watch out... The best solution is to bookmark the websites that you have to access your wallets.
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
I wanted to log into my Blockchain.info wallet and made a fast Google search for the link when I was using for the first time fresh installed Firefox browser with no add-ons at all.

When I wrote "blockchain" in a Google Search bar I saw this as a search result in the first place:



What is strange that the link is not readable in Google search when you put the cursor on it, there is only this Google link visible at the moment:

https://www.google.com/aclk?sa=L&ai=DChcSEwib8d2Jx9bgAhVD-FEKHckmB50YABAAGgJ3cw&sig=AOD64_3S7eTz6qslz2C_evltwnR37O1sXA&q=&ved=2ahUKEwj88NmJx9bgAhVMxxoKHc0RAEoQ0Qx6BAgEEAE&adurl=  WATCH OUT MALICIOUS DONT USE!!!

When you copy and paste this link you will be redirected to a car parts store, I assume phishing too:



And if you click in Google Search on that link, you will be redirected to this link and this page:

https://blóckcháin.com/wallet/#/login WATCH OUT MALICIOUS DONT USE!!!



Stay away from this site and always double check all links you click. The best way is to bookmark all the important links.


This is very strange, as you see when this link is copy and pasted, then redirects to a different page as clicked directly. I think somebody with a lot more extensive knowledge is needed to explain, why these links behave like this? I can only assume, that this has something to do with Google bots, but this is only my personal guess.



I have just published: [GUIDE]Beginners Protect Yourself from Ransomware!!!.

Please check it if you want to know what I do to stay safe online.
Jump to: