Phishing Campaign Targets Users of Crypto Exchange GMO Coin

by Aziz Abdel-Qader
  • Crooks attempted to trick users into accessing a phishing site through clone ads on the search site "Yahoo! JAPAN"
Phishing Campaign Targets Users of Crypto Exchange GMO Coin
Photo: Bloomberg
Join our Crypto Telegram channel

GMO Coin, the cryptocurrency Exchange subsidiary of the Japanese internet giant GMO, has warned its users across the world about a new scam that has spread over the past week.

The company, which was slapped with a business improvement order by Japanese regulator (FSA) last year, said the campaign attempted to trick users into accessing a phishing site through clone ads on the search site "Yahoo! JAPAN" where crooks tried to obtain their login credentials. And once they’re opened, the damage spreads quickly.

“In the search site "Yahoo! JAPAN," an advertisement is disguised as our company, and after guiding a false login page, a malicious fraud is confirmed to enter important information such as the customer's login e-mail address and password,” the company says.

The fraudulent ads are a classic example of phishing attacks: websites that look official and encourage people to enter personal information and other useful details. But since the links and the sites are fake, those details are actually sent to scammers who want to use them for malicious purposes.

Several crypto venues fall victim

GMO Coin makes clear that it will never ask for important information such as payment details, identification numbers or passwords over email. It added that users should always check that the link is actually to its official site at https://coin.z.com/jp, or better to head to the website directly by typing the address in their browsers.

Such scams tend to focus on customers of financial services providers and often send emails that appear to have come from the company itself. But in fact, the link will be fake, and clicking through will lead to an identical but malicious version of the website.

GMO Coin is especially concerning because the logins are valuable not just as ways of getting people’s information. The company has recently announced several initiatives including allowing users to lend their cryptocurrency to the platform and receive rental fees according to the volume of coins they lend.

Earlier last year, the subsidiary of Tokyo Stock Exchange -listed firm, which also operates the largest retail FX trading services provider in Japan, has become the official sponsor of the Japanese baseball team, the Chiba Lotte Marines.

GMO Coin, the cryptocurrency Exchange subsidiary of the Japanese internet giant GMO, has warned its users across the world about a new scam that has spread over the past week.

The company, which was slapped with a business improvement order by Japanese regulator (FSA) last year, said the campaign attempted to trick users into accessing a phishing site through clone ads on the search site "Yahoo! JAPAN" where crooks tried to obtain their login credentials. And once they’re opened, the damage spreads quickly.

“In the search site "Yahoo! JAPAN," an advertisement is disguised as our company, and after guiding a false login page, a malicious fraud is confirmed to enter important information such as the customer's login e-mail address and password,” the company says.

The fraudulent ads are a classic example of phishing attacks: websites that look official and encourage people to enter personal information and other useful details. But since the links and the sites are fake, those details are actually sent to scammers who want to use them for malicious purposes.

Several crypto venues fall victim

GMO Coin makes clear that it will never ask for important information such as payment details, identification numbers or passwords over email. It added that users should always check that the link is actually to its official site at https://coin.z.com/jp, or better to head to the website directly by typing the address in their browsers.

Such scams tend to focus on customers of financial services providers and often send emails that appear to have come from the company itself. But in fact, the link will be fake, and clicking through will lead to an identical but malicious version of the website.

GMO Coin is especially concerning because the logins are valuable not just as ways of getting people’s information. The company has recently announced several initiatives including allowing users to lend their cryptocurrency to the platform and receive rental fees according to the volume of coins they lend.

Earlier last year, the subsidiary of Tokyo Stock Exchange -listed firm, which also operates the largest retail FX trading services provider in Japan, has become the official sponsor of the Japanese baseball team, the Chiba Lotte Marines.

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|} !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}