A fake OpenSea domain was used in a phishing attack, costing thousands of dollars to at least one victim.
Using the IDN domain xn--opensa-7ua.com, the scammers stole approximately $70,000 dollars in Ethereum from one account. Registered at NameCheap, the domain resolved to an active web site mimicking OpenSea. The IDN displays as openséa .com in the browser.
Developer Steven Tey shared the news on Twitter:
PSA: A friend of mine just lost over $70K worth of ETH because of this phishing site that looks *identical* to the official @opensea website (refer screenshot below) Please be careful folks – the crypto world is a wild west (with more privacy comes more responsibility)
Using IDN domains in phishing campaigns is not new and it’s still a highly effective method used by cybercriminals to steal passwords and crypto-assets.
In recent weeks, MetaMask, that operates from the domain MetaMask.io, warned its users about phishing emails that appear to be arriving from the matching .com.
I hope more people become aware of what can happen. People being blindsided out of thousands of dollars may lead to complaints which eventually leads to policy. Inevitability, all of that comes down to oversight of some kind, defeating, you know, decentralization.
amplify – The scammer actually advertised its malware domain and web site on Google in France. I’m guessing a lot of people are too lazy to type the URL and just Google the brand and click on WHATEVER pops up at search result #1. Ouch!