Cryptocurrency Scams Are Getting Harder to Spot. Here’s What to Look For
Hackers are getting better at mimicking a website’s address, making it especially difficult to tell it’s fake.
Reddit/chrysotileman
What you’re looking for is a green “Secure” and “https” before the website’s URL address, which is a sign that the site and company obtained the proper SSL (secure sockets layer) certificates. Obtaining an SSL certificate shows that the company behind the site is trusted.
Coinsmarkets.com doesn’t have either the green “Secure” or “https” before its URL address. Instead, it has a grayed out “Not Secure” and a regular “http” before the URL.
Usually, scam sites are identified and taken down pretty quickly. If you try to visit coinsmarkets.com now, you’ll be met with an error message.
Reddit/Games_sans_frontiers
At first glance, this URL for the popular cryptocurrency exchange Binance looks perfectly legitimate. You can clearly see the green “https” before the Binance website URL.
It isn’t clear how scammers obtain an SSL certificate, which allows them to add that re-assuring green “https” to the front of the URL. At the same time, it’s also pretty easy to get an SSL certificate from a less reputable certificate issuer.
Reddit/Games_sans_frontiers
Those two dots under the Binance URL mean that you’re not actually looking at or using the real Binance site. Instead, you’re looking at a totally different site made And since the site looks familiar and the URL checks out at first glance, unsuspecting users type in their login credentials, which can then be recorded Reddit user “evantIndeed, those dots can easily pass off as specks of dust on your monitor.
In this case, scammers used the regular letter “n” with an added so-called dot diacritic, or an underdot, which is used in central European languages and Vietnamese, according to Wikipedia.
It’s far more deceiving and effective than using a number that appears similar to a letter, like using the number “1” instead of the letter “i.”
Twitter user Lukas Stefanko took screenshots of a fake Bittrex site that has the green “https” before the site’s URL address.
The fake URL has a cedilla, which looks like a comma under the “r” in Bittrex. You’ll have to click into the tweet below to see the larger screenshots.
Lukas Stefanko@LukasStefanko
Cedillas are widely used in languages like French and Portuguese. That’s not to say that the scammers are from those countries, as anyone can use any alphabet that a web browser supports.
Scammers can leave links that lead to their scam sites in online places like forums, social media, email, or even on Google. So even if you’re expressly looking for an abnormality in the link, like an underdot or cedilla under a letter, it could be hidden The best way to avoid a scam site is to manually type the URL address to the site you want in your browser’s address bar. If you frequently visit that site, you can create a shortcut on your browser’s bookmarks toolbar. Still, after seeing this kind of scam, I’m now double-checking the website URLs on most of the sites I visit, especially those where I have accounts.
There are also web browser extensions you can download that help prevent phishing scams specially designed for “crypto enthusiasts,” like the Cryptonight extension for Chrome.
This post originally appeared on Business Insider.