Scammers make big in misspellings

Companies peddling cryptocurrency online say one of the biggest enemies of scams involving stolen passwords and money come down to bad spelling.

As reported by The Washington Post, phishing scammers are buying such domains as “wwwblockchain.com,” “hlockchain.com” and “blpckchain.com” hoping that someone wishing to access their account at www.blockchain.com will misspell the domain, access a fake site, supply their passwords, and give the dark web easy access to their online assets.

“There’s a very real monetization opportunity,” Nick Nikiforakis, a computer science professor at Stony Brook University who has studied such scams, told the Post. “If someone steals your credentials, they can immediately start transferring your money out of your account.” 

Mr. Nikiforakis went on to warn: if scammers manage to steal, users have no recourse because they’ve lost cryptocurrency rather than regular money. 

Last month, Coinbase.com announced 6,000 of its customers had their cryptocurrency stolen through a phishing attack in which fake log-in pages are used to steal passwords, according to the Post.