The scammers reportedly spent hundreds of thousands of dollars to buy misspelled website addresses linked to cryptocurrency companies in hopes of deceiving victims.
The Washington Post claims that misspelled domain names are used to mislead visitors into thinking they are dealing with legitimate cryptocurrency companies.
According to the report, a Brazilian spent more than $200,000 on Bitcoin to buy misspelled domain names, including wwwblockchain.com, hlockchain.com and blpckchain.com, between November 2020 and February 2021. domain name errors were created to resemble the blockchain.com cryptographic infrastructure provider.
The Brazilian also spent more than $16,000 to buy conibase.com, which was created to look like the popular Coinbase.com cryptocurrency bag.
A .com domain name costs about $10 on average when you first register. It can then be resold at great profit on domain-based reseller sites.
Nick Nikiforakis, a professor of computer science at Stony Brook University, told the Washington Post that conibase.com appears to be a “phishing toolkit” and is likely to target high-net-worth people.
“You’re not going to sue yourself with a few hundred dollars in your Coinbase accounts, but people with millions of dollars in their cryptographic accounts.”
Zack Allen, a cybersecurity expert at ZeroFox, told the Washington Post that conibase.com is a sophisticated phishing site that uses various techniques to evade detection, such as automatically detecting bot visitors and redirecting them to Google instead from the fake website.
According to the report, cybercriminals often use these evasion techniques to evade detection and prevent unwanted visitors from accessing their fake websites.