Happy New Year Steemians!
Hate for this to be my first post of the year, but I just found what could be one of the more elaborate scams I've seen in crypto. It involves a fake CoinTelegraph article/website and a fake MyEtherWallet site. Haven't seen much discussion on it, so please like and comment below so we can spread the word on this! DO NOT visit any links shown in this post, or input any information if you do.
It started when I received an article about an EOS Airdrop from what looked like CoinTelegraph. It showed up just like any other article (for some reason I can't seem to find the source now. I'm curious to know how they would've gotten my contact info):
Upon closer inspection, you can notice a "." underneath the "t" that stays with the link if you copy/paste it to the clipboard. Had you not noticed that, clicking the link brings you to the following article:
which, at first glance, almost looks like the real CoinTelegraph:
The bottom of the article has a link that takes you to fake EOS website:
Plugging in numbers for ETH shows the amount of EOS they claim they would airdrop. ETH wallet address links you to a fake MyEtherWallet:
I didn't explore past this point, and I don't use MEW so I'm not sure how the credential system works, but I'm assuming it would attempt to collect any credentials that could compromise the wallet.
Additionally, the fake CoinTelegraph site has a comment section that allows for one to input facebook, twitter, disqus, and gmail. Some of the links on the fake site redirect to the real CoinTelegraph as well.
It's blatantly suspicious if you take the time to notice a few details, but someone not paying attention, in a rush, or new to crypto might be especially vulnerable here.
I am not aware of any malware that can be downloaded from visiting, but if anyone has further input on this please let me know. It would also be greatly appreciated if anyone can explain:
- How this scam could successfully steal from your MyEtherWallet account
- Whether or not there are any other risks associated with this (keyloggers, malware, etc.)
If this is your first time hearing about this, please resteem! It may just help someone else!
Stay safe out there, and lets have a great 2018!