ForexMinute.com – Cryptocurrency exchanges have become a central hacking spot for most of the money stealing hackers. Less than a month ago, we heard the successful hacking attempt on BTER, in which over 51 million NXT coins were stolen. Even before BTER, many cryptocurrency exchanges have faced similar security breaches – the most famous being Mt. Gox which ultimately became the cause of its demise.
The latest to join the list of these exchanges is BitPay which was recently targeted by a bunch of amateur hackers. However, no coin was reported stolen as the hackers were relying on the highly detected method called “phishing”, but it still made the exchange to come out in the open and instruct its customers not to fall under such scams.
As it was the second similar attempt, the BitPay representative took CoinTelegraph.COM as the medium to inform users about phishing websites. As known to almost every internet junkie, phishing is one of the most common methods to steal information, ranging from user passwords to credit card details. This sort of attack takes place when a webpage wrongfully imitates another webpage in order to steal information (or money) from the unware users. Basically, the success of such hacking attempts relies solely on the alertness of users.
“There has been an email phishing attempt spoofing BitPay’s late payment notification email,” said the representative. “As always, BitPay’s security is the main priority. There has not been a breach to our system. It’s very unfortunate that these malicious attacks have been made on the bitcoin community.”
Here is the copy of the phishing page:
As you can see the image, there is an email address mentioned, firstname.lastname@example.org. The BitPay’s representative has clearly instructed the customers to ignore clicking on the link. It is not a legitimate BitPay email address. The real email address which sends system mails to customers is email@example.com, lacking an underscore. He later added:
“To stay vigilant and avoid any breaches, always look for the green BitPay, Inc. SSL certificate indicator in the browser window. Always be extra cautious about checking the domain name and EV SSL certificate when entering a password. If you use a personal computer with good password protection, let your browser store and populate user ids and passwords for you – the browser will not mistakenly enter your password on a phishing site. BitPay also strongly advises all of its merchants to enable Two-Factor Authentication on their accounts.”
To contact the reporter of the story: Yashu Gola at firstname.lastname@example.org
Subscribe to our daily forex newsletter for free by visiting www.forexminute.com/newsletter