Something Phishy

We could all use some good news in crypto lately, but it did not come on this year’s Friday the 13th. A number of websites frequented by crypto users were targeted in a phishing attack Friday. At the top of the list were CoinGecko and Etherscan.

• Etherscan is the most used block explorer while CoinGecko is one of the most popular price and activity aggregators in the space. Block explorers function as online blockchain browsers which are used to examine transaction details happening on a network.
• The attacker targeted traffic to the popular sites by displaying a malicious pop-up enticing users into connecting their Meta-Mask wallets.
• This phishing attack looks to have come from a domain impersonating association with the Bored Ape Yacht Club, and was taken down shortly after the threat was identified.

Vigilance never goes out of style. Phishing attacks are some of the most easily preventable.

1. Never click links received in unknown emails. Even if the sender is familiar, if something seems off, it probably is. Verify before opening.
2. When visiting sites, pay extra attention to anything unexpected. If you’re directed to a page you’ve never seen, retrace your steps. Don’t click on any unfamiliar pop-up advertisements.

Bad actors count on complacency. The only way to avoid an eventual catastrophe is to take ownership of your security.