Phishing

When a scammer pretends to be a trusted institution or person to trick people into revealing sensitive information often through a malware link disguised as legitimate.


When a scammer pretends to be a trusted institution or person to trick people into revealing sensitive information often through a malware link disguised as legitimate.

What Is Phishing?

Crypto phishing is a popular way to attack victims to reveal their private keys unknowingly. The victim is scammed into trusting the attacker, pretending to be a legitimate website or email. After obtaining the information, the victim’s funds are drained from their wallet. 

Crypto phishing is becoming an increasingly big phenomenon in the industry, with attackers targeting the victims’ wallets and exchange accounts.

How Does Crypto Phishing Work?

A common crypto phishing attack is sending mass emails or messages. The emails or messages are specifically designed to look as realistic as possible to dupe the victims into believing they are receiving a real message. Often these emails target the users of a crypto exchange or protocol. 

The message generally contains a link to a fake website that looks real. The aim of the phishing attack is to get the victim to click on the link and enter their login information, believing they are accessing the real website. The message is often sent under a false pretext of an emergency or a requirement to change login details. Once the victim enters their login information, the attacker obtains all the necessary data needed to access the account and drain it of all funds. In DeFi, a victim may also sign a transaction with a malicious protocol and unknowingly allow access to their wallet. 

What Are Common Crypto Phishing Attacks?

There are several different types of crypto phishing attacks.

Spear Phishing

Spear phishing attacks are one of the most typical crypto phishing attacks and should be on anyone’s shortlist when it comes to understanding how to stay safe online. They refer to the type of attack that is run through a real-looking fake email or message. 

DNS Hijacking

DNS hijacking is difficult to recognize and has thus grown in popularity among crypto phishing attacks. They hijack authentic websites and replace the real website with a fake interface, aiming to get users to enter their login information on the fake site. 

Users can defend themselves from DNS hijacking by using a VPN and transferring their information via an encrypted channel. Another way is double-checking that the website is legitimate and has a trusted certification. Fake websites will often reveal themselves through little typos or other inaccuracies.

Fake Browser Extensions

Fake browser extensions target popular extensions like MetaMask wallets. The principle is the same as in the other attacks: the victims are being duped into entering their login information into a fake interface. These fake extensions use names that are similar to the real ones and try to get novice users to confuse them for the real thing. You can avoid fake extensions by ensuring their legitimacy in the app store through user reviews and checking the team. You may also want to download extensions only from their official websites. 

Crypto Malware

Another type of crypto phishing attack is malware installed through one of the previous options. This attack may not be related to cryptocurrency at all. Instead, the attackers try to get users to click on a seemingly innocuous link, which, unbeknownst to them, installs malware like a keylogger. This is later used to obtain the necessary information and drain the funds. 

Phishing Bots

Phishing bots are automated programs that mass-message victims to obtain their information. They are used together with other types of attacks to spam users and dupe them into revealing their details

Ice Phishing

Ice phishing attacks may use fake transactions to get victims to reveal their private keys. For instance, these attacks may use airdrops to trick victims into signing a transaction and unknowingly relinquishing their private keys and funds to the attacker.

How to Recognize a Crypto Phishing Attack 

There are several ways how you can recognize someone is trying to phish your data:

  • Typos and grammar errors: The emails and messages by phishers may contain typos and language that has a different tone than what you receive from the real entities.
  • Copycats: The phishers often use logos or brand colors that are similar but not entirely identical to the real ones.
  • Fake links: The used links are almost always different from the real websites. For instance, the attackers may use a typo in the domain name or try to obscure it through a shortened link.
  • Fake email accounts: The sender addresses are different from the real ones and may contain public email addresses instead of corporate ones. 

How to Protect Yourself From Crypto Phishing Attacks

You can protect yourself from crypto phishing attacks with a few simple steps:

  • Double-check the validity of a seemingly real email from a crypto exchange or similar.

  • Don’t click on links or download attachments if you haven’t verified the email is legitimate. 

  • Use strong passwords and two-factor authentication. 
  • Don’t share your personal data like your private keys.

  • Download extensions only from official sources and check their validity.

  • Don’t click on links in direct messages or from senders you do not know.

  • Use a VPN whenever possible.