14 DAY TRIAL // A recent phishing campaign was spotted to leverage typosquating for impersonating CryptoCoinsNews.com (CCN) in an attempt to deceive the website’s advertisers to pay for a fake ad option.
The cybercriminals registered the domain cryptocoinznews.com, which at a first look does not seem different from the original cryptocoinsnews.com; this is achieved by changing the “s” letter in the middle with “z.”
It is easy to miss one letter and spot the difference, especially in longer text strings. This is exactly that the crooks relied on when they started their targeted attack.
By creating an email address for CCN director David Parker on the same spoofed domain, they sent a message to 99bitcoins, the company’s advertisers, offering a new advertising option, that cost one Bitcoin (currently $481 / €363).
As such, the fake [email protected] could easily pass for the legitimate one with the “s” inside instead of “z.”
Either the writing style or the information in the message raised the advertiser’s suspicions and he alerted CCN.
Even if the scam attempt did not succeed, the crooks can try their luck on users that have a registered account with the website, and try to steal their credentials.
CCN said in a blog post that they were taking action against the domain and the domain owners.