Bitcoin Scammers Make Their Way to BBC, Disguising False News Websites to Mine Bitcoin
Hackers seem to always find a way to trick consumers, but the use of false websites and networked computers make it possible for them infiltrate for mining profits.
In a new hacking situation, scammers have programmed illegitimate BBC News websites to perform mining for Bitcoin rewards. This scam was found by researchers at the first week of the new year. The scammers use a “Display Message” button embedded in an email sent to users. By displaying that message, the user goes to an affiliate website, while continues to generate Bitcoin as more users view the page.
My Online Security found that Outlook clients appeared to be excluded from using the emails, while Mac users were directed to fake login pages. They were not directed to the false BBC News websites as expected.
TheNextWeb, which originally reported on this story, noted that spoofing is a common practice among malicious actors, because it gives them the ability to steal login credentials. It also lets them mine Bitcoin without getting caught.
There is a technique these scammers use called “typosquatting,” where they misspell the names of websites in a subtle enough way that users do not usually notice. Other times, they add words to a website that actually exists, maintaining the format but taking the user to a different actual website.
The email scam involved with these scammers deduced that the users succumbed to the second method. They were directed to https://business-news.bbc-1.site/landers/bbc-business-news/#forward. Even though it is easy to believe that these websites are real for individuals that do not know what to look for, getting a deeper look shows that everything comes back to Bitcoin.
Other smart techniques are used in the ploy, usually making them believe that the email comes from someone they know. At this point, however, there is no information about how many people were impacted, but there’s now a scam alert on Cloudfare to warn users of what happened.