skip to Main Content
bitcoin
Bitcoin (BTC) $ 98,165.30 0.64%
ethereum
Ethereum (ETH) $ 3,424.16 2.14%
tether
Tether (USDT) $ 1.00 0.14%
solana
Solana (SOL) $ 258.09 0.85%
bnb
BNB (BNB) $ 659.08 1.92%
xrp
XRP (XRP) $ 1.47 2.65%
dogecoin
Dogecoin (DOGE) $ 0.438474 6.55%
usd-coin
USDC (USDC) $ 0.998956 0.19%
cardano
Cardano (ADA) $ 1.08 2.10%
staked-ether
Lido Staked Ether (STETH) $ 3,421.97 2.19%

Fraudulent Site Impersonates Encrypted Messaging Service to Steal Bitcoins

A new Bitcoin-related scam emerged through a phishing site that impersonates a self-destructing encrypted notes service.

656 Total views

31 Total shares

Fraudulent Site Impersonates Encrypted Messaging Service to Steal Bitcoins

Cybercriminals have reportedly created a fake site version of the legitimate encrypted self-destructing notes service privnote.com. The fake version can be shared with other users to steal Bitcoin.

According to a June 14 report from KrebsOnSecurity, the creators of the encrypted notes service complained about a fake clone site, privnotes.com, whose scam scheme consists of the following:

“Any messages containing Bitcoin addresses will be automatically altered to include a different Bitcoin address, as long as the Internet addresses of the sender and receiver of the message are not the same.”

Privnote.com said in the report that the phishing site does not apply encryption systems. Instead, the cybercriminals can read and/or modify all messages sent by users, in addition to using an automated script that scours messages for Bitcoin (BTC) addresses, and replaces them with scammers’ wallet address.

A ”smart” scam

On the fake site, Allison Nixon, chief research officer at cybersecurity firm Unit 221B, said the scam is “pretty smart,” explaining: 

“Because of the design of the site, the sender won’t be able to view the message because it self destructs after one open, and the type of people using privnote aren’t the type of people who are going to send that bitcoin wallet any other way for verification purposes.”

One of the factors that alert the company is the fact that because both URLs are similar, when doing a Google search with the term “privnotes,” the user will see the first shot of a Google’s paid aid, which is the phishing site. The second result is the legit website.

Recent Bitcoin-related scams

In May, Harry Denley, a crypto-security researcher, discovered almost 22 Google Chrome web browser extensions built to steal their users’ cryptocurrencies. The extensions he found impersonated well-known crypto firms such as Ledger, KeepKey, MetaMask, and Jaxx.

Cointelegraph reached out to privnote.com but received no reply as of press time. This article will be updated should a response come in.

Loading data ...
Comparison
View chart compare
View table compare
Back To Top