One of the world’s largest bitcoin exchanges, Kraken, published a warning on its blog regarding a potential phishing website. The company warns that the fake Kraken website appears everywhere and looks exactly like the real one, which is rather confusing, especially for beginners.
A number of cryptocurrency users have reported this fraudulent platform, which appears in ads across all the major search engines (Google/Yahoo/Bing). What is more, phishing ads look just like the organic search results for the real site, and even appear above the real site.
For instance, when doing a Google search for “Kraken Bitcoin”, users will get two results. The first link is an ad, which is not the real Kraken website. The one below it is the actual cryptocurrency exchange platform, which includes the proper description, as well as HTTPS certificate.
The website responsible for the recent phishing attempts shows up in the browser address bar as “kraken1.com” – the domain contains an extra character and does not support https.
Obviously, the criminals behind the phishing website are trying to trick users into giving up their account usernames and passwords. Three weeks ago, Kraken notified many clients of actual or attempted breaches of their accounts. The attackers appeared to be operating from a list of usernames/passwords obtained from another Bitcoin company. So, possibly these two events are related.
In addition, Kraken says its puts much effort into getting those misleading ads down, however, it is not easy, as the internet seems to be littered with malicious advertisements for clone sites and most of them are being removed only temporarily.
Earlier this year, Kraken acquired Dutch cryptocurrency exchange CleverCoin, and before that – Coinsetter and Cavirtex to expand in US and Canada. Back In April the company received a significant investment from the Japanese forex brokerage Money Partners Group and in May launched ether dark pool trading and updated its margin trading program.