Reports are coming in that many darknet shoppers are falling for a very sophisticated phishing attack aimed at stealing login credentials. While phishing websites are not uncommon in the world of darknet marketplaces, one recent site has been able to dupe even experienced shoppers.
AlphaBay is currently the largest operating Darknet Marketplace and with the large number of daily transactions taking place it’s understandable why it would be a prime target for script kiddie hackers. The end goal of course to steal bitcoins from AlphaBay’s buyers and vendors.
According to NetCraft.com the sophisticated phishing site looks indistinguishable from the real darknet marketplace and uses a very similar url address. However the address leads to a phishing site hosted by a German web hosting company called AttractSoft GmbH.
Currently the phishing website is still operational and was only pointed out last Thursday. Clicking on the phishing url will send visitors to a clone of the AlphaBay Market’s login page in hopes market users will enter their credentials. The website even includes a CAPTCHA field, similar to what AlphaBay uses to deter DDOS attacks and bots. Though it has been noted that the CAPTCHA field is merely for show and entering any characters into the answer field will act as a correct value.
The easiest way to spot the phishing site is by double checking the url prior to logging into your account. Rather than ending in the .onion TLD, the phishing site ends with “.me.pn” a free domain which is not hosted on the darknet.
While this may be common sense to many veteran users, this tactic still easily fools unsuspecting new users. It is vital to make sure you utilize caution when it comes to darknet websites and there are a few important measures one should take each time they plan on logging into their account. While this may seem like a waste of time it could potentially save users a lot of money and frustration in the long run. Remember to always check the URL to make sure it’s 100% accurate. Keep a copy of the url or better yet memorize it, this way you do not need to put yourself at risk by reaching AlphaBay through a link hosted on someone elses website. When you log in to your account, make sure your secret welcome message displays. These are a few ways to keep your account secure and safe from phishing sites and links.