Did you receive an email from Gyft informing you about an exciting offer on their gift cards? If yes, then you were probably one of those people who were targeted by scamsters. According to a report on social media, unknown individuals have tried to capitalize on the ongoing Black Friday weekend shopping spree to scam few bitcoins out of unsuspecting customers. In order to do so, they used a phishing website resembling Gyft.
Few Bitcoin users have reportedly received a mail claiming to be from Gyft— the popular online gift cards platform. The email claimed that Gyft is offering a 30 percent discount on gift cards bought from the platform using Bitcoin. In order to avail the offer, users were asked to visit www.buygyft.com instead of the actual www.gyft.com .
After the incident was shared by one of the Redditors, it was discovered that the mailer was a scam, a phishing attempt. A user claimed to have reported the incident to Gyft’s support team and shared a transcript of the communication with the platform’s representative. Soon after the incident was reported, the Gyft team sprang into action and had the phishing site taken down.
The phishing site used images and the design from Gyft to make it as if the user is actually on the real website. They had gone to an extent of even including a security certificate. In spite of immediate action, the scamsters did manage to make some profit out of their phishing exercise. Transaction history of the wallet address provided on the phishing website shows 5 incoming transactions amounting to 1.4113 bitcoin.
This is not the first time a Bitcoin platform has been targeted by a phishing attack. Popular cryptocurrency platforms like BitPay and Blockchain.info have been targeted in the past as well. Last year BitPay lost over $1.8 million after its CFO was targeted using the CEO Stephen Pair’s compromised account. Earlier this year, the cyber security platform, OpenDNS Security Labs also reported an increase in phishing attempts targeting Blockchain.info wallets.
It is advisable for the users to verify the website’s authenticity before making any transactions. Users will have to particularly pay attention to the URL and security certificate of the web page. When in doubt it is advisable to seek assistance from the community in identifying the website. Users can also navigate to the site through a search engine or links from trusted sources and verify with the customer support.
The golden rule, if the offer is too good to be true, then the chances of you being on a fake site is much higher.
Ref: Reddit | Image: Shutterstock