skip to Main Content

Netskope finds hackers using Google Sites and Microsoft Azure to steal crypto

Attackers take advantage of certain SEO techniques to direct users to phishing sites for wallet apps like Metamask and exchanges like Coinbase and Kraken. These sites, created in Google Sites and Microsoft Azure, trick users into entering their personal information, allowing malicious entities to divert their funds from these services, according to Netskope.

According to Netskope, cryptocurrency phishing scheme uses SEO, Google Sites and Microsoft Azure

Netskope, an online security company, has detected a new type of cryptocurrency phishing scam scheme, which involves SEO techniques and copy pages. According to a company report, throughout 2022 attackers were detected using blogs as tools to distribute links to phishing sites.

In these blogs, attackers post links with SEO content that helps them rank well in search engine queries. This means that the links will be reviewed by many people, which can then lead them to believe that they are linking to real crypto sites. However, the links direct users to phishing sites that are very similar to crypto-based sites, such as the Metamask website.

Other sites also mimic exchanges such as Coinbase, Gemini, and Kraken.

Phishing mechanism

These phishing sites, which are hosted on Google Sites or use Microsoft Azure, are designed to trick users into taking their personal information in two different ways. The first is to directly acquire the private seeds of users’ wallets by enticing them to import this data. This is the method currently used by the phishing site Metamask.

The second relates to obtaining user account information in one of the phishing exchanges. When users enter their information, the sites return an error and prompt them to contact a support operator who will attempt to get more information from the users to successfully acquire their funds.

Netskope said:

Netskope strongly recommends that users never enter credentials after clicking on a link. Instead, always go directly to the site you are trying to connect to. For organizations, we also recommend using a secure web gateway that can detect and block phishing in real time.

Phishing scams are not new to the world of cryptocurrencies. Binance detected and warned of a massive phishing scam involving text messages in February.

What do you think of the new phishing scheme involving SEO, Google Sites and Microsoft Azure hosted web pages? Tell us in the comments section below.

Sergio Goschenko

Sergio is a cryptocurrency journalist based in Venezuela. He describes himself as late in the game, entering the cryptosphere when the price surge happened in December 2017. Having a background in computer engineering, living in Venezuela and impacted by the cryptocurrency boom at social, it offers a different point of view. on the success of crypto and how it helps the unbanked and underserved.

Image credits: Shutterstock, Pixabay, Wiki Commons

Disclaimer: This article is for informational purposes only. This is not a direct offer or the solicitation of an offer to buy or sell, or a recommendation or endorsement of any product, service or company. does not provide investment, tax, legal or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.

Back To Top