Scam-game: Clone website emerges to prey on users of Bitcoin payment processor, CoinGate
January 2018: the golden age of the cryptocurrencies. The age when everyone wanted to have a stake in the market, make a quick buck, and become the next billionaire to be featured on CNBC or Bloomberg.
The golden age has now become a tale of ‘Once upon a time,’ with the hopes and dreams of these very naive investors being crushed by the brutality of the highly volatile market. However, not all of their dreams were crushed. Bitcoin’s market did take pity on some investors, granting one of their wishes; to make headlines.
The dream was fulfilled, but there was a catch; a slight yet significant change. Some wanted to be featured in mainstream media as the next billionaire, drawing on the legacy of the Winklevoss brothers before ruefully, they left as Bitcoin paupers. Along with the market bloodbath came the scams, draining every ounce of blood left in these gullible investors.
The scam-game saw an evolution from impersonating popular influencers to impersonating popular cryptocurrency platforms. Ever since scammers ventured into this, there have been numerous clone websites that have emerged to copy leading crypto-businesses. This in turn, has resulted in several investors falling victim to the scheme.
The latest to fall victim to such a scam were the users of CoinGate, a cryptocurrency payment gateway. The clone website has an uncanny resemblance to the real one, with the number of victims increasing as each day passes by. Unlike how the official CoinGate functions, the clone website comes across as an exchange, even offering a token listing option.
Notably, it’s increasingly easy to fall for this sort of a scam as even the link has a resemblance to the official website, with the only difference being .uk and .com. On one hand, the logos for both the websites are entirely different, and on the other hand, the way the brand name was displayed was in the same manner.
In an email to AMBCrypto, Veronika Mishura from CoinGate, said that they had noticed the clone website using their brand name a few months ago. Following this, the platform has raised awareness about the scam by even releasing an official statement on its website.
Mishura said,
“A few months ago, we noticed the website that uses our brand name. It also uses our branding pattern – CoinGate with C and G Capitalized. Pease note that our trademark is registered under the regulation of EU, US, Canada, China, and other countries.”
Another key factor that was brought to attention was the referral links on the clone website that redirects to the official site. In the privacy policy section of CoinGate.uk, the mentioned email ID is the one administered by the official website.
Interestingly, this was not an off-set factor about the clone website. When clicked on the wallet option provided on the site, the webpage redirects to another site called Arwen, a decentralized settlement platform for cryptocurrency exchanges and OTC trading; with the design of the website having a resemblance to that of KuCoin. In fact, CEO Kent Li even brought up the issue on Twitter.
On the method used to get hold of customers’ cryptocurrencies, Mishura explained,
“Usually, they [users] say that they deposit the funds, which then get locked without the possibility to withdraw. One person claimed that he lost around 1500 LINK like this, but most victims did not specify the amount.”
Since the number of scams taking place via this clone platform have continued to rise, the official platform has taken several steps to reduce the number of victims. The platform took down the clone site’s social media accounts, yet again because of the similarities to the official platform, by notifying Facebook and Twitter support teams.
In addition to this, Mishura told AMBCrypto that CoinGate has also issued a cease and desist letter to the clone site. However, the impersonators have refused to agree to their demands.
She said,
“For the record, we have already notified their service providers with cease and desist letters, took action with Company Name Tribunal at the UK domain name registry and sent an official letter to them requesting to forbid using our brand name.”
Further, when asked about whether there were any other measures to mitigate this sort of a situation, Misura told AMBCrypto,
“The only measure that could potentially work is to buy all the similar domain names, which is infeasible in practice. However, what we can do is to monitor the Internet for phishing sites, report them, and inform our clients about them, all of which we did and will continue to do.”
Notably, CoinGate is not the only victim of the scammers’ new game. Binance, one of the largest exchanges in the market, has also been a target for a long time. While the official website link is https://www.binance.com, an exact replica of the exchange goes by the link https://binance.co. The UI/ UX of both websites have a striking resemblance, with the fake website registering a traffic of 67.33k for the month of September on Similar Web, with about 85 percent of the traffic drawn from China.
If Mr. Robot and all the hacking movies have taught us anything, it is that no matter how secure we think we are, we’re just one mistake away from being virtually unlocked. Remember, “awareness without action is worthless” ~ Phil McGraw.