Bitstamp Phishing Mail Targets Unsuspecting Bitcoin Users

Bitcoin remains a high-value target for criminals and hoodlums, regardless of whether they operate in the real world or online. In January of this year, European Bitcoin exchange Bitstamp got hacked and lost a fair chunk of money. Earlier today, Bitstamp informed its customers about a new phishing email making the rounds, asking users to submit a “verification request”.

The Phishing Attempt

Phishing emails are nothing new under the sun, as these type of hacking attempts have been around for as long as the Internet exists. And Bitcoin has become a target of this kind of phishing attempts on more than one occasion as well, as Bitcoin is untraceable and irreversible money, after all.

The choice to go after Bitstamp customers may be a smart move on behalf of the people behind this phishing attempt though. Many, if not all of Bitstamp’s user base are aware the exchange has been hacked little over a month ago, and seeing an email from BitStamp – which looks rather legit (more onthat in a bit) to be honest – asking users to comply with a change in free structure is not that strange.

Plenty of Warning Signs About Its Origin

However, as we all know, no Bitcoin-related service will ever ask you to confirm details by creating a link[ed button] sent via email. Unfortunately for all of us, once you have an operation that involves a human factor, there is always a chance of people clicking the button & getting hacked. In turn, they will blame Bitstamp for sending out this email, and we will see mainstream media claiming how Bitstamp “remains insecure after the security breach” et cetera.

But that is not all, as there are other clues to be found as well as to why this email is not coming from Bitstamp themselves. Granted, you have to look a bit closer, but it’s not that hard to do or even time-consuming.

For starters, the address where the email is supposedly coming from. Official Bitstamp emails are always sent from “support@bitstamp.net”, at least when updates regarding the service is concerned. For example, when Bitstamp sent their official email regarding the change in fee structure, it came from that email address.

This phishing email, on the other hand, is being sent from no-reply@bitstamp.net [which is obviously a spoofed email address], and is not an address Bitstamp ever uses. Granted, withdrawal and deposit confirmation emails are sent from noreply@bitstamp.net, but there is no hyphen in that email address, is there?

Regarding the spoofed email address, if your mail client/webmail has mail headers enabled, you can also see through which mail server the message was relayed. Bitstamp will never send any email relayed by Gmail servers, as they have their own mailing servers to take care of outgoing communication to their customers.

Also, why would Bitstamp ask their users to SUBMIT a verification request? If this email was legitimately coming from Bitstamp themselves, shouldn’t be we CONFIRMING a request to begin with? And what kind of verification are we talking about in the first place, as this is just about a change in the fee structure?

Regardless of how you look at it, there are plenty of signs that this is not a genuine Bitstamp email but rather a phishing attempt.

Source : https://twitter.com/Bitstamp/status/577399660005978112