⚠️ Security Warning: A suggestion from Google Chrome led to a $20,000 loss for a user after visiting a fake cryptocurrency website
🔍 What happened?
A user fell victim to an advanced phishing attack, where the Google Chrome browser suggested a fake site that looked exactly like the ChangeNOW platform. The user trusted the suggestion, resulting in an immediate loss exceeding $20,000 in cryptocurrencies.
____
🔐 What phishing technique was used?
Punycode Domains
Attackers use non-Latin characters (such as Cyrillic letters that resemble Latin letters) to create domains that are difficult to distinguish from the original ones.
Example: exаmple com (with the "а" being Cyrillic and not Latin)
____
🚨 The real source of danger:
• Browser suggestions (Chrome Autocomplete/Suggestions) can lead users directly to fake sites.
• The user did not enter the link themselves but relied on Chrome's suggestion—which increased the shock and risk.
💬 "This is the problem with Chrome... browser suggestions sometimes lead to phishing sites." — Founder of SlowMist (Cybersecurity Company)
____
⚖️ Regulatory stance:
• Agencies like the FTC, DFPI, and NASAA warn about cryptocurrency-related fraud, but have not explicitly mentioned Punycode attacks yet.
• They only advise the following:
✅ Check the URL
✅ Avoid untrusted links
✅ Report any suspicious activity
To be continued...
