IMG-LOGO

Netskope Discovers Hackers Are Using Google Sites and Microsoft Azure to Steal Crypto

News Feed - 2022-08-13 05:08:50

Netskope Discovers Hackers Are Using Google Sites and Microsoft Azure to Steal Crypto


Attackers are taking advantage of certain SEO techniques to direct users to phishing sites for wallet apps like Metamask and exchanges such as Coinbase and Kraken. These sites, created in Google Sites and Microsoft Azure, fool users into introducing their personal information, allowing malevolent entities to siphon their funds from these services, according to Netskope. Cryptocurrency Phishing Scheme Uses SEO, Google Sites, and Microsoft Azure, According to Netskope


A new kind of cryptocurrency phishing scam scheme has been detected by Netskope, an online security company, that involves SEO techniques and copycat pages. According to a report from the company, throughout 2022, it has been detected that attackers are using blogs as tools to distribute links to phishing sites.


In these blogs, the attackers post links with SEO content that allows them to rank high in search engine queries. This means that the links will be reviewed by many people, which can then open them to believing these are linking to real crypto sites. However, the links are directing the users to phishing sites that are very similar to crypto-based sites, such as the website for Metamask.


Other sites also mimic exchanges such as Coinbase, Gemini, and Kraken. Phishing Mechanism


These phishing sites, which are hosted either on Google Sites or use Microsoft Azure, are designed to fool the users and take their personal information in two different ways. The first one has to do with acquiring the private seeds of the wallets of the users directly by prompting them to import this data. This is the method that the Metamask phishing site is currently using.


The second one has to do with obtaining the info of the users’ accounts in any of the exchanges being phished. When the users input their info, the sites return an error and prompt them to contact a support operator that will try to obtain more info about the users to successfully acquire their funds.


Netskope stated:


Netskope strongly recommends users never enter credentials after clicking on a link. Instead, always navigate directly to the site you are trying to log in to. For organizations, we also recommend using a secure web gateway, capable of detecting and blocking phishing in real-time.


Phishing scams are not new in the cryptocurrency world. Binance detected and warned about a massive phishing scam involving SMS in February. Tags in this story Coinbase, Crypto, Gemini, google sites, Kraken, metamask, Microsoft Azure, netskope, Phishing


What do you think about the new phishing scheme involving SEO, Google Sites, and Microsoft Azure-hosted webpages? Tell us in the comments section below. Sergio Goschenko


Sergio is a cryptocurrency journalist based in Venezuela. He describes himself as late to the game, entering the cryptosphere when the price rise happened during December 2017. Having a computer engineering background, living in Venezuela, and being impacted by the cryptocurrency boom at a social level, he offers a different point of view about crypto success and how it helps the unbanked and underserved. Leaked Personal Data of 1 Billion Chinese Citizens on Sale for 10 Bitcoins — Hacker Claims Stolen From Shanghai Police SECURITY | Jul 5, 2022 Opensea CEO Dismisses $200 Million Hack Rumor, Claims Incident Was a Phishing Attack SECURITY | Feb 20, 2022


Image Credits: Shutterstock, Pixabay, Wiki Commons Previous articlePhilippines’ Unionbank to Support Cryptocurrency Exchange via Mobile App Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article. Read disclaimerShow comments More Popular NewsIn Case You Missed ItRipple CEO: SEC Lawsuit Over XRP "Has Gone Exceedingly Well"


The CEO of Ripple Labs says that the lawsuit brought by the U.S. Securities and Exchange Commission (SEC) against him and his company over XRP "has gone exceedingly well." He stressed: "This case is important, not just for Ripple, it’s ... read more.Following a Brief Fee Spike, Gas Prices to Move Ethereum Drop 76% in 12 Days Today"s Top Ethereum and Bitcoin Mining Devices Continue to Rake in Profits Privacy-Centric Monero Plans for July Hard Fork, Plans Include Ring Signature, Bulletproof Upgrade Survey: Adoption in Argentina Grows, With 12 out of 100 Adults Having Invested in Crypto