Unfortunately, criminals always try to exploit the weaknesses of the common user and the lack of lightness they offer to emails involving services related to the crypto and blockchain world, such as centralized exchanges. In most cases we find ourselves being contacted for various problems or updates to be done on our account on the exchange and with a lot of links to follow to take us quickly to the relevant platform so as to log in with our credentials but unfortunately we are only doing the criminal game because in that case we are handing over our data to the criminals and that way they will be able to access our account. Obviously we are talking about a technique called phishing, that is to make the victim believe that they are on legitimate platforms, of which they have all the graphic aspect, but behind the criminals are hiding and therefore ready to recover the credentials of the unfortunate. Criminals use various systems to get in touch with victims, and one of this is obviously e-mail, where they send messages repeatedly and in various forms, and today we will analyze just one of these emails that happened in my e-mail address electronics. Scrolling through the received mail, I notice one relating to the Blockchain.com platform, a platform famous for exchanging crypto and more, and I see that in the object I can read " " and therefore I can deduce that someone may have entered my Blockchain.com account somehow, and have access to my crypto: An application has been linked to your account Who hasn't seen me get warning messages about suspicious account movements? Surely to many, and therefore precisely on this lever the criminals are operating, that is to make the victim believe that someone has entered our account X and is operating, but none of this is true. Going to analyze the content of the email, I can immediately check that the sender is strange and presents itself as " " which is completely strange since the correct address for these notifications is " "and moreover the content is more complete with also our ID of the wallet we have but also various information with access data, IP address, time, type of browser used and also the operating system . arturo@tago.com.py notify@wallet-tx.blockchain.com While in this case we can only see that a third-party application has been linked to our account, Yahoo Finance, notifying us that if we have not carried out this operation, invites us to remove the related application: It is true that I have an account on , but it is equally true that it arrived at the wrong email address and that I usually use, so this already shows how it is sent to all those who have an email address and not to who has an account on that platform, taking advantage of the probability that someone may have an account of that type, as in my case. Blockchain.com But let's go on in this analysis and as a good programmer that I am, and as a virus collector for my , I take the necessary precautions to see where the link takes me once I click on the remove app button, which in this case takes me to a simple page where I have to , i.e. the seed of my wallet to enter the site: Spam & Virus Database enter my 12-word backup phrase Unfortunately none of this is true because there are other credentials to access the platform and for sure the seed of my wallet is not one of them, but this shows how instead the criminals want to get the seed to take all our crypto associated with that wallet. With this we can demonstrate that the relative email that arrived to us was nothing more than an innovative system to recover the credentials of the victims who follow the relative attached link. In these cases, small precautions are enough to defend oneself, such as: Check the sender's address Check for any suspicious elements in the email and compare it with other previously received Do not follow any links in these emails but in general in any type of suspicious email Remember " " Don't Trust, Verify!

2022 - HackerNoon Contributor of the Year - Crypto Adoption

2022 - HackerNoon Contributor of the Year - Crypto Trading

2022 - HackerNoon Contributor of the Year - Tokenization

Check my free book Mastering EOS

Read My Stories

All my books (over 100)

My StartUp

1 NFT = 1 Book 

A must-read book

Invest in my StartUp

Nominated for 2022 - HackerNoon Contributor of the Year - Crypto Trading

Nominated for 2022 - HackerNoon Contributor of the Year - Tokenization

Nominated for 2022 - HackerNoon Contributor of the Year - Crypto Adoption

Too Long; Didn't Read

Questions about cloud security? Get answers here.

Phishers In Crypto Are Getting Smarter - And So Should You

Phishers In Crypto Are Getting Smarter - And So Should You

Too Long; Didn't Read

Alfredo de Candia

About Author

TOPICS

THIS ARTICLE WAS FEATURED IN...

Phishers In Crypto Are Getting Smarter - And So Should You

Too Long; Didn't Read

Alfredo de Candia

About Author

TOPICS

THIS ARTICLE WAS FEATURED IN...

RELATED STORIES