Users of MEW and Electrum Cryptocurrency wallets facing Phishing Attacks
Users of MEW and Electrum cryptocurrency wallets are at present facing phishing attacks, as per the posts published on Twitter and Reddit on February 4, 2019.
Phishing attack is an illegal and fraudulent attempt to obtain the confidential data such as users' banking or personal details by illicit means, where the attacker disguised himself as trusted entity and then sends the user an email or a message that contains a malicious link. Clicking this malicious link generally opens a page where user is being asked to enter the personal data, or sometimes clicking this link initiates installation of software that is malicious on user's device.
On February 4, 2019, team behind the MyEtherWallet tweeted a warning regarding phishing emails, asking the users to share their personal information. The message of MEW developers' states: "Attention #MEWfam, There's another phishy email going around asking users to give up personal information. Don't believe the hype! #1. We will never email you first (only reply to support). #2. We will never ask for your private key (or other sensitive info). #3. Be skeptical!".
Similarly, a Reddit user has discovered a phishing scam posing as security update is attempting to steal the sensitive data from customers of Electrum. Redditor exa61 has posted a system message image, allegedly from the Electrum wallet, saying security update required to Electrum 4.0.0. Currently, the latest wallet version is Electrum 3.3.3.
The team of Electrum reported that: "the latest version of Electrum (version 3.3.3) will notify users when a new release of Electrum is available. Release announcements are signed by us, and verified by Electrum using a hardcoded Bitcoin address. This feature is optional and can be disabled".
In the thread, a user has pointed that it was "the second cluster of reports of the same phishing, and the first one was at the end of December 2018," adding that this would-be hacker might have 100 accounts of GitHub.
The website of Electrum has also posted a warning that Electrum versions older than 3.3.3 were susceptible to the phishing attacks, i.e. cases where the malicious servers might display a message suggesting you to download fake version of the Electrum. The company further warns that one should avoid downloading updates of the software from various other sources as well.
» SPAMfighter News - 2/21/2019
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!