My last two articles focused on two sophisticated scams I recently come across. The first was an XLM scam: https://www.publish0x.com/protect-your-crypto/beware-of-this-sophisticated-xlm-scam-stay-safe-xojpng

The last one was a similarly sophisticated EOS scam: https://www.publish0x.com/protect-your-crypto/beware-of-a-new-wave-of-eos-scams-stay-safe-xjnely

Compared to these two scams, the latest one I have come across looks completely amateurish. It is a scam targeted as users of the Blockchain wallet. I did download the Blockchain wallet, so I wonder if somewhere along the line, they managed to hack a list of user emails.

The Blockchain wallet scam

The scam starts with an innocent looking email (Fig 1). The email is formatted to look like an official email from Blockchain.com. It uses the right fonts and the page design is line with official emails from them.

The big red flag here is the email sender. It is from ‘Blockchain centre’ and not from Blockchain.com and the domain sending the email looks very fishy. This alone should alert you the fact that this is a phishing email and stop you from going any further.

The email advises you that your wallet password has expired, and it invites you to go update your password. The other links on this page don’t work. This again should be screaming ‘scam’ to you at full volume!

Fig 1. The invitation email

In the interests of research, I clicked on the link. This directs you to a simple page below. Bizarrely, this is not even a web page it’s a Google document. Again, this should be a red flag.

Fig 2. Redirect page from invitation email

I didn’t get auto directed from this page and so had to click on the link. I assume this would be the case for everyone. You are then directed to the landing page below where they attempt to harvest your account. Here they request your wallet ID and your password and if you provide this, you have lost your wallet. With this information they have control of your wallet and with it, any crypto in it!

Fig 3. The ‘harvesting’

This page could only more obviously alert you its a scam if it had ‘SCAM ALERT’ flashing in bold neon font. The web page address is mis-spelt. The links to the App stores for Apple and Google do work though, so thanks for making the effort there guys!

Conclusion

Relative to some of the other scams I have recently seen, this one is decidedly amateurish. Whilst the screens look professional and authentic its obvious that it’s a phishing scam. I think this was a bit of a scam FAIL and I would only give it a 3 out of 10 for effort. (And I think i am being quite generous here).

I think with a little care and education, I would hope that you would all be able to see the tell-take signs here of a scam and that you could easily avoid it. The only way we can stop this type of malicious antisocial behaviour is to ensure that it doesn’t pay off. If the scammer catches zero fishes, then hopefully they will realise that its just not worth the effort. Like the dreaded RONA, if we take concerted effort, we can stamp this virus out too! Please stay safe and always check for the tell-take signs I have highlighted.

Thank you for your time and I hope that you enjoyed reading this article. If you would like to contribute to COVID lockdown income, I would be grateful for any small contributions you might like to make.

ETH: 0x08047f48e9ec9FA4BA4584e2C5C273Ca23170196

EOS: gu3dgmzqg4ge

BTC: 3C9QWhSYexerWeKqP4keS4N3nZZrsMiEGd