For the past year, a site called Privnotes.com has been impersonating Privnote.com, a legitimate, free service that offers private, encrypted messages which self-destruct automatically after they are read. Until recently, I couldn't quite work out what Privnotes was up to, but today it became crystal clear: Any messages containing bitcoin addresses will be automatically altered…
Another novel sophisticated phishing scam; what can we learn?
* Don't use browser based "secure" messaging services
* Use bookmarks to visit important web sites, not search engines
* Verify bitcoin addresses out-of-band when sending large amounts of value!
In other news, targeted phishing attacks have a shelf life of 7mins while bulk phishing campaigns last 13 hours (source:Google).
And we wonder why cyberattacks are on the rise despite the rise of security investments.
We need Zero Trust for web addresses. @MetaCerthttps://t.co/TBu8ChoijF