Fake ‘Ripple Insights’ page used by scammers for phishing racket
If something seems too good to be true, it probably is.
The gullibility of some when it comes to money has cost them a lot of funds and the crypto-space is no different. Fake giveaways and airdrops seem like an everyday affair now.
In what is a recent development, an article on the web monetization platform Coil has warned users about a new kind of rampant, fraudulent activity on the XRP Ledger.
According to ‘xrplorer,’ author of the aforementioned article titled “Alert: XRPL Memo Phishing,” the scammers preyed on the viewers of a fake Ripple Insights page, one created by making subtle changes to the original page and using special characters to give an impression of ingenuity. The scammers then filled the fake Ripple Insights page with fake articles on airdrops and giveaways.
“The attackers had a plan. First, Make a replica of Ripple Insights, using special characters in the domain name to make it look legitimate [rippłe != ripple]. Secondly, add an article about a massive airdrop, promoting a new “Claim” feature in XRPL. Thirdly, link to a replica of the Bithomp website, from the article, with a tool to use said “Claim” feature. A fake tool, which only serves to send secret keys to the attackers’ website so that they can take full control of the account.”
Further, ‘xrplorer’ noted that on the afternoon of 16 January, the attackers executed the “first tests” in which small payments of 88 drops [0.000088 XRP] were sent through the ledger, with memos that said “Welcome magic!” and “Magix!!”
After the initial testing was over and the fake websites were ready, thousands of 88 drop payments were sent out to XRP accounts directly, which, according to ‘xrplorer,’ were targeted by balance. It also had a link that promoted a fake airdrop, “with no purpose other than to lure secret keys from the recipients.”
While the exact figure of the stolen funds is yet to be determined, this isn’t the first time some users have fallen prey to an XRP scam. Last year, there were reports of scammers creating fake live streams of Ripple and XRP in an attempt to defraud people by convincing them to send funds to fake projects. The scammers in question would then promise them returns exceeding their initial investment, typically via an ‘airdrop.’