Cryptocurrency users have seen their fair share of phishing scams over the years. In most cases, those scams involve fake exchange or wallet websites. Users are often contacted through an email campaign, which is often somewhat successful. This is a big problem that needs to be addressed. Things only get worse when the top Google Search result for the Bittrex exchange is a phishing site as well. This method of attack has become more prevalent in recent months.
Rest assured cryptocurrency users will see more phishing attempts in the future. Criminals know exchange users often use lackluster account security. All they need is a login and password to empty account balances with ease. In the case of Bittrex, that has become a lot more difficult. In a new update, the company introduces mandatory email-based 2FA for all users upon logging in. A great move forward, especially considering the growing number of phishing scams in circulation.
Phishing Clone of Bittrex Dominates Google Search Results
More specifically, the top search result for Bittrex on Google in a phishing scam. This is one of the sponsored ads which show up during most people’s searches. The domain name in question is bittrex.ltd. It also uses a fake description which makes it look somewhat legitimate, though. People need to be very careful when Googling for website address rather than entering them manually. It’s not hard to remember the Bittrex.com domain name, though. Still, novice users often struggle with this concept, which makes them prone targets for such phishing scams.
It has to be said, this fake Bittrex website looks like an exact copy of the original. However, a closer look at the address bar unveils you are using Bilttrex.com. This domain was registered about two weeks ago, indicating this scam has been going on for some time now. It is unclear who registered the domain, though, but we do know they use CloudFlare protection. It also appears the ad is no longer showing up for some people depending on their region, which shows Google is taking action against this scam.
Unfortunately, we will probably see more of these phishing sites in the future. Cybercriminals know users store a lot of money in an exchange wallet. It is up to individual users to take the necessary security precautions. Enabling 2FA in your account is an obvious first step. Not keeping funds in an exchange wallet is the better strategy, though. There are dozens of mobile, desktop, and hardware wallet solutions out there. Keeping your funds safe should be the number one priority for every cryptocurrency user. Otherwise, phishing attempts like these will remain far too successful.