Cryptocurrency scams are running rampant online today. Many crypto users have relied on using only reputable, well-established platforms to avoid falling victim to these scams. However, many such scams are now using elaborate copies of official websites to trick their victims. These fake websites are becoming a major problem as crypto users are left not knowing who they can trust.
How Do These Fake Websites Work?
Any website you visit is simply an arrangement of text, images, and other elements. It isn’t difficult for tech-savvy scammers to copy these elements and create a new website that looks identical to the real thing. If they can manage to get victims to visit these websites, then those
victims might not realize they’re dealing with a fake.
The websites will typically feature a URL that is almost identical to the real thing, so a cursory glance doesn’t raise any red flags. They might change a single letter, substituting it with one that looks very similar. They could also use the same website name but with a different domain, substituting “.com” with something else.
The scammers copy the websites of mainstream crypto services like Coinbase, Kraken, MetaMask, Gemini, and many others. When a user visits a legitimate website, they’ll either log in or grant access to their crypto wallet. If they provide that information to a fake website then it all goes to the scammers, who can then use that information to access the user’s accounts on the legitimate website.
Once inside, scammers can quickly drain any cryptocurrencies or NFTs being held on the platform or digital wallet. Because cryptocurrency transactions are permanent, there’s no recourse for users to reverse these transactions. When fake websites successfully steal a user’s credentials, they can lose everything in a matter of seconds.
It’s also important to mention that there are shady services like “Immediate Edge” which present themselves as legitimate coin exchanges. However, some websites have made some convincing arguments that this service is a scam.
How Do Scammers Get People to Visit These Websites?
Scammers still need a method to draw people to a fake website in the first place. They have many methods to do so, and some of them are taking advantage of vulnerabilities in how search engines like Google work.
The scammers use the same search engine optimization methods that legitimate businesses do to promote themselves. They make their websites target phrases that users might search about exchanges. They can also simply pay for ads that elevate their search results. While Google and other search engines have measures in place to remove scams, the websites can stay up long enough to entrap many victims.
These fake websites are also spread through other methods, including social media and email. Scammers will often make social media posts advertising free giveaways on major platforms. They can even make the social media account have a similar or identical name to the real account of the platform, along with copying their profile picture.
Other cases include directly sending victims an email or message that says their account has been compromised or there is some other issue that requires them to log in. The supposed link included in the message leads to the fake website, not the real one.
No matter what method the scammers use to drive traffic to the website, the end result is the same. The user provides sensitive information thinking that they’re on the real website, and the scammers use that information to compromise the user’s account on the real platform.
How Can I Avoid These Fake Website Scams?
There are a few simple tips that you can follow to avoid these kinds of scams. Whenever you visit any kind of service, whether a cryptocurrency exchange or regular online banking, make sure that the URL in the address bar of your browser is the official URL of that organization.
Beside the address bar, you’ll also find an icon that will let you check the digital certificates associated with the website. Make sure that the URL starts with HTTPS, not just HTTP. This ensures that SSL certificates are being used. You can click the icon, a padlock on most browsers, to verify that the SSL is properly registered and verified.
Finally, be careful about what you click. If you receive a link through an email or social media, don’t follow it. Instead, access the website another way. Simply type in the URL if you remember it, or search for the name of the company to find the official website.