Another cryptocurrency exchange that has become a target for hackers and cybercriminals is Bittrex, based in the US and known for buying and selling cryptocurrencies and digital tokens.
Recently, the users of Bittrex have been complaining about a website that is trying to come off as the official site for the Bittrex exchange. The fake website is actually a phishing domain that steals users’ login credentials as well as the money saved in the exchange.
The original, official site address for the exchange is Bittrex.com, while the fake version is found on the Blttrex.com. As it has been proven by the scammed victims, the simple similarity of the two different letters is more than enough to trick people into getting targeted.
As if this wasn’t enough, the fake site is copying the login page of the official Bittrex site which helps cyber criminals carry out their attack.
The first person to discover something phishy about the website was, unfortunately, its victim known as Tourpaul on social media, where he wrote of his experience with the scammers that left him with $2000 less in his pocket.
He wrote on August 15 that his Bittrex account got hacked and that during that he lost all of his money, which was about $2000. He continued by explaining that the hackers created a fake website that looks just like the real one, with the exact same login page, in order to get your password and authenticator code. This all happens in less than five minutes, he added. The person tried to contact Bittrex but the company did not respond immediately to him.
Tourpaul also spoke of his pessimistic views about the return of his money due to the fake website being gone the next day he checked it. He is sure though that more of these types of sites will pop up in the future and warned the readers to be careful since he doesn’t want anyone to go through what the went through.
This has also become a topic for Reddit users where people warn each other to be careful of these sites. What’s interesting is the fact that the data of the site’s owner is right there on the internet, including the name, address, email, phone number and other data that can be easily used to track the person, Sergey Valerievich Kireev from Russia.
At the time of writing this article, the fake website was offline and Google Chrome browser identified it as a phishing site. It still remains unclear if the site has been taken down by its hosting company or the scammer decided to shut it down.
There has been another phishing scam noticed by the users of Steemit. In this scam, the cyber criminals were actually using Google AdWords service to rank their site on the first page of Google.
Funnily enough, the scam website appeared on top of the actual Bittrex site. But at the time of writing this article, that domain has been shut down also.
In these instances, users are advised not to be lazy and bookmark the official websites they visit, use password managers as they only auto fill saved login details for websites where users set it up. And if a user isn’t on the correct URL, it won’t auto fill since the password was saved on the original website only.