ALERT! Elaborate EOS Airdrop SCAM!

3년 전

Happy New Year Steemians!

Hate for this to be my first post of the year, but I just found what could be one of the more elaborate scams I've seen in crypto. It involves a fake CoinTelegraph article/website and a fake MyEtherWallet site. Haven't seen much discussion on it, so please like and comment below so we can spread the word on this! DO NOT visit any links shown in this post, or input any information if you do.

It started when I received an article about an EOS Airdrop from what looked like CoinTelegraph. It showed up just like any other article (for some reason I can't seem to find the source now. I'm curious to know how they would've gotten my contact info):

SM1.PNG

Upon closer inspection, you can notice a "." underneath the "t" that stays with the link if you copy/paste it to the clipboard. Had you not noticed that, clicking the link brings you to the following article:

SM2.jpg

which, at first glance, almost looks like the real CoinTelegraph:

SM3.jpg

The bottom of the article has a link that takes you to fake EOS website:

SM4.PNG

SM5.jpg

SM6.jpg

Plugging in numbers for ETH shows the amount of EOS they claim they would airdrop. ETH wallet address links you to a fake MyEtherWallet:

SM7.jpg

I didn't explore past this point, and I don't use MEW so I'm not sure how the credential system works, but I'm assuming it would attempt to collect any credentials that could compromise the wallet.

Additionally, the fake CoinTelegraph site has a comment section that allows for one to input facebook, twitter, disqus, and gmail. Some of the links on the fake site redirect to the real CoinTelegraph as well.

It's blatantly suspicious if you take the time to notice a few details, but someone not paying attention, in a rush, or new to crypto might be especially vulnerable here.

I am not aware of any malware that can be downloaded from visiting, but if anyone has further input on this please let me know. It would also be greatly appreciated if anyone can explain:

  1. How this scam could successfully steal from your MyEtherWallet account
  2. Whether or not there are any other risks associated with this (keyloggers, malware, etc.)

If this is your first time hearing about this, please resteem! It may just help someone else!

Stay safe out there, and lets have a great 2018!

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
STEEMKR.COM IS SPONSORED BY
ADVERTISEMENT
Sort Order:  trending

Good eye. I'm going get some people to look at this as well

·

Upvoted! please inform when you get some information.

·

Thank you @oraclefrequency! Definitely interested to know if you find anything

Seems like an attempt at spear phishing. Which essentially is a form of regular phishing (creating a fake scammer ran site mimicking an official one to steal information) but, is targeted to a specific person or group of people. You might want to spend some time to think about where your address could have been compromised.

If you could post the email address that would be of great help also! Either way good find and thanks for posting, you just might have saved someone A LOT of cryptocurrency.

·

Yep, I agree. Familiar with spear phishing as well. And hope this helped others too!

Thing is, I got this through Telegram not email. It came up as a notification on my phone. Source looks like it's been deleted but I'll keep looking.

I would assume if this was just spamming Telegram users there would be more information about it online. So far, I've only seen a couple of --short--Reddit posts about it.

I'll keep checking though. If I find anything, I'll post an update!

It amazes me to see how innovative these scammers can be. Hope people don't fall pray to this. Problem is it's very hard to notice what you noticed

·

Agreed; honestly I might've missed this myself but started digging deeper after talking with @extrospect and @grapthar. So many layers to this and I assume many people could fall victim to it. Hopefully we can spread this knowledge and prevent that!

It can steal from your ether wallet only and only if they get a malware inside your computer/any device you're using to get the private keys of your wallet. If they get your private key, you're done.

So many scams trying to get ya every day. gotta stay wary. good lookin!

·

Yeah no joke. This one surprised me because most of the scams I've seen are fairly blatant, but this has multiple layers and some links went to legit websites. It's only gonna get worse in 2018 with all the new investors coming in that can be easily exploited.

Please spread this around so people don't fall for it!

Here's the question on my mind. This phishing theft seems so rampant. Is there any law enforcement trying to hunt these guys down?

·

Crypto is still pretty much the Wild West. I'm sure if people reported it there would be a glance, but unless it's something major I doubt anything serious would come out of it.

Plus even if LE did get involved, it would still be almost impossible to recover any stolen coins :/

Almost. Thank god I checked and saw your post. I later noticed on a twitter post that the cointelegraph article site is like xn--coinelegraph-wk5f.com

·

Thank you @cokiemon!

Glad you saw it this too and that it helped. Hope it does the same for others too!

Warning taken and much appreciated.

·

No problem! Haven't seen much talk about this so hopefully it helps someone!

To send money out of a paper wallet on MyEtherWallet you have to enter your private code. MEW has had a lot of problems with phishing lately. Thanks for the tip, I probably would have never thought to look for a tiny dot below the letters.

·

I actually didn't notice it until the second look. Pretty subtle. Thanks for reading though and hope it helped!

Wow! Thanks for the eye opener

·

Sure thing! If I notice anything else about this I'll post an update

Good call on this! Thanks for the heads up.

·

No prob @mrwolf! Please spread the word so others don't get caught up in this! Hope it helps

I'm sorry for being such a noob, but can someone please explain to me what an "air drop" is?

·

Airdrop is basically a "marketing" strategy in crypto where you get free coins of another, often newer crypto, if you hold a certain crypto.

Most recent example I can think of is if you held NXT in bittrex, you were airdropped free IGNIS tokens at a rate of 0.5 per 1 NXT.

The scam I presented here claimed that for each ETH you held, you would get a certain number of EOS for free.

Hope that answers the question!

·
·

Yes! Thanks that answered my question very well. Thanks.

Thank you for your reminder! It is nice to know it!

·

Glad to help!

Thanks a lot. The scumbags that make this kind of stuff are evil

·

No prob! Let's get the word out and help prevent other people from falling for this!

That's a pretty elaborate scam indeed. Anyone not paying attention will most likely fall for this trick. Thankfully there are observant people like you that alerts others to this type of scams. You have my gratitude. Thank you.

·

No problem @riovanes, and yeah this is one of the most layered, elaborate scams I've seen so far. Hopefully we can spread this knowledge and prevent others from falling victim to it. Thank you for the comments, and stay safe!

Upvoted!Thanks Pal I got Nailed by USI-Tech..Not in 2018

·

Funny, I actually attended a USI-Tech "investment meeting" to see how they sold that to people. Was going to make a warning post on steemit about that before they ceased operations in the USA. Might write it anyway..

Thank you for the upvote!

·
·

Yor Welcome - Best to you

·

How did they get you?

An interesting comment, but it is more profitable to start a new day every day;)

Yesteraday i analyze eos bought at $9 next target $20
check my profile for more detail
EOS will break $12 next target $20

Damn gonna be looking at this

Nice catch - upvoted for awareness

မိုက္​တယ္​

Thanks for this

Thanks, almost fell for this and checked google as metamask reported the url as a phishing site... thanks! Glad I found this!!