Phishing Campaign Targeting Ethereum Users

By   ISBuzz Team
Writer , Information Security Buzz | Nov 02, 2017 06:15 am PST

In response to new phishing campaign targeting users of the online Ethereum wallet website, Stephen Burke, Founder and CEO at Cyber Risk Aware commented below.

Stephen Burke, Founder and CEO at Cyber Risk Aware:

isbuzz author male 1 “The main points of note here are that cyber criminals are leveraging the same tricks as always

The URL closely matches the legitimate website which people clearly are not spotting or checking as they are under pressure timewise and their eyes see what they want to see. “Etherum” in this case. Staff are operating in a default “trust” position when In fact when it comes to money and personal data anything they should be in a “trust but verify” or better yet “don’t trust and verify” if we want to really tackle this. It is a mindset. People have become desensitised and banks refunding money easily is not helping as people think they will get it back. That is changing however and if you are negligent the bank won’t pay.

Web security courses can show people how to truly assess what makes up a URL so they have the skills to check. For home users and staff this lack of knowledge is a key issue. People just see URL’s as being a web site address but don’t fully appreciate how they can be made to look real when in fact they are dangerous, especially with shortened URL’s and subdomains. For example, is not Russian Facebook, it is with something about Facebook.