What happened

This is a reminder to you all to be careful how you store your Bitcoins. The following story is taken from reddit, where someone who started accepting Bitcoins for his services was wiped clean of his coins after a simple phishing site got his credentials for the wallet. The phishing website imitated Blockchain.info which is a popular Bitcoin wallet site. The site showed itself on the front page of google when you would search for blockchain. It used AdWords to rank up high in the search and when a person typed blockchain in the search window the sponsored site would show up. Now, when you go to the phishing link you will see all types of warnings so you do not have to worry about not accessing the real blockchain site. Here is what shows up when you go to the imitated site:

phishing

 

phishing-2

 

thanks to this reddit post the site has since been reported to google and it took care of it. Here is a look at how the site actually looks, as you can see it draws a very similar resemblance to the original blockchain site and the imitation site did a great job copying it.

phishing-site

 

How can we prevent this

The obvious answer is that you need to be more careful about accessing sites. The best practice is so input the direct URL of the site you are trying to visit into the browser navigation bar, this will eliminate any risk of phishing. However, the other side is that Google needs to be more careful about the types of websites that are allowed to posts for AdWords. The main issue here was that Google allowed the phishing site to display a clean blockchain.info link however, the original site is a redirection through a goo.gl url. For a better explanation here is a comment from reddit written by toshitomiballza:

The ad is removed now apparently, but it was there when I wrote the comment 2 hours ago. The green text URL clearly said http://blockchain.info/

, but when you clicked the link, it redirected through goo.gl URL shortener to a subdomain on vallornegocios.com.br.

That’s why my initial comment of it being irresponsible of Google to allow advertisers to manually enter the URL, instead of Google automatically generating it.

See also image proof from yesterday when somebody had 5.3 BTC stolen: http://www.reddit.com/r/Bitcoin/comments/27j1gd/i_had_53_btc_stolen_in_blockchain_now/

In short, it’s strictly a matter of not letting advertisers to enter the URL address manually. Is your product/service hosted on x.com? The URL address will automatically be set to x.com, and not allow you change the URL address displayed to y.com. If you liked this article follow us on twitter @themerklenews and don’t forget to subscribe to our newsletter.