Cybercriminals always follow the money, and it’s no wonder that Bitcoin’s skyrocketing popularity has made it a massive target for malicious hackers. These criminals are stalking and hunting Bitcoin wallet owners in many devious ways, and one of the most popular tactics is phishing. If a hacker succeeds in gaining access to a target’s Bitcoin wallet, they can steal all of the victim’s cryptocurrency in seconds, and the easiest way to get a victim to give away their credentials is to trick him or her with a fake email and website.
Recently, specialists at the Comodo Threat Research Labs stopped one of these cunning attacks. The attackers used a tricky, multi-step technique to deceive the victim. Let’s take a closer look at this fraud chain.
It began when one of Comodo’s clients received this email:
The subject line reads “Security Upgrade,” and the message says:
“Dear customer,
Your Blockchain wallet has to be upgraded immediately due to an important security update. Blockchain has confirmed your 1-step Blockchain wallet verification. In order to validate and update your Blockchain wallet, please access your Blockchain wallet by clicking on below link and enter your Blockchain wallet ID for verification.”
The email looks like a valid message from Blockchain, one of the most popular sites Bitcoin owners use to operate their accounts. If you look at the “From” field, you find the real email address of the Blockchain site: support@blockchain.info.
But if you click on the “Verify Your Wallet” button, here is where the black magic begins. First, you will be redirected to this page:
At first sight, everything seems to be okay, doesn’t it? Click on the “Log In” button, and a new pop-up appears with “email” and “password” boxes.
Now, all you have left to do is to put in your credentials, and the problem is corrected, right?
Stop! Before you click “Verify,” look carefully at the address bar: this site is not blockchain.info. It’s blockcnailn.org.
Yes, you are quite right. It’s a phishing site belonging to cybercriminals. Had you given away your credentials, your Blockchain wallet would be cleared out in seconds.
How can this be possible? After all, the email appeared to come from the real support@blockchain.info address. Unfortunately, most users don’t suspect that any email address can be impersonated or spoofed through very common and easy methods. Thus, after checking the sender address and seeing that it looks valid, a person hardly notices the one-letter difference in the site’s URL. This is why many users become victims of phishing.
The attack above was aimed at one distinct person, and the phishing email was sent from a single IP address, 203.189.232.65, in Seoul, South Korea. The domain blockchailn.org is registered in China.
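The mismatch described above, a trusted-looking sender paired with a link to a near-miss domain, can be checked mechanically. The following is an added example, not Comodo's code: the `PROTECTED` list, the distance threshold, the function names and the sample message are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

PROTECTED = {"blockchain.info"}  # brand domains to defend (assumed list)
MAX_DISTANCE = 2                 # assumed look-alike threshold

# Constructed sample modelled on the email described above (single-part HTML).
SAMPLE = """From: Blockchain <support@blockchain.info>
Subject: Security Upgrade
Content-Type: text/html

<p>Dear customer, your Blockchain wallet has to be upgraded immediately.</p>
<a href="http://blockchailn.org/wallet">Verify Your Wallet</a>
<a href="https://blockchain.info/help">Help</a>
"""

def edit_distance(a, b):
    """Levenshtein distance computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def base_domain(host):
    """Naive registrable domain: the last two labels (no public-suffix list)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def lookalike_links(raw_message):
    """Return (link_domain, imitated_domain, distance) for near-miss link domains."""
    msg = message_from_string(raw_message)
    sender = base_domain(parseaddr(msg["From"])[1].rpartition("@")[2])
    brands = PROTECTED | {sender}  # the From address is spoofable; used only as a hint
    findings = []
    for url in re.findall(r'href=["\'](https?://[^"\']+)', msg.get_payload(), re.I):
        dom = base_domain(urlparse(url).hostname or "")
        if dom in brands:
            continue  # link really points at the claimed brand
        for brand in sorted(brands):
            d = edit_distance(dom.split(".")[0], brand.split(".")[0])
            if d <= MAX_DISTANCE:  # close to the brand but not the brand
                findings.append((dom, brand, d))
    return findings

if __name__ == "__main__":
    print(lookalike_links(SAMPLE))
```

With a threshold of 2, both spellings of the phishing domain that appear in this article are flagged, while links to the genuine domain and to unrelated domains are not.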
“We were faced with a rather high-level phishing attack here,” said Fatih Orhan, the head of Comodo Threat Research Labs. “When stakes are extremely high, like in the case of the spear-phishing attack on Bitcoin wallets, cybercriminals perform their dark jobs very carefully and inventively. For effective protection from sophisticated attacks of this kind, individuals and companies need a strong combination of technical and human forces. Our client was protected by Comodo technologies, for example, so cybercriminals were powerless, unable to access their Bitcoin wallet.”
Live secure with Comodo!