Impostors Attempt Twitter Phishing Attack on Users of Bitcoin Wallet Electrum

A bit of a public service announcement today as Reddit user ZoidbergCoin reported a phishing attempt on the part of a false Electrum Twitter account. The attackers were clever, creating an exact clone of the original Electrum Twitter, but using an ā€œIā€ (uppercase) instead of a lowercase ā€œl.ā€ On first glance, it’s hard to tell the difference.

For reference, Electrum is a popular lightweight bitcoin wallet for desktop and mobile which operates similar to SPV wallets. It communicates with a trusted server rather than downloading the entire block chain. One common criticism of it is that the Electrum server can log information about the clients.

Interestingly, the phishers decided not to create a whole website around this concept, and have tweeted legitimate information about Electrum. But in one case, as ZoidbergCoin reported, they were most definitely phishing:

8-electrum

Electrum users are encouraged to be keen on the difference between the two accounts. The false one has less than 1,500 followers and only a few tweets. The other has more than 2,000 users and, after all, is spelled properly.

Also read: Electrum Execoin Stealth Wallet Review

Had ZoidbergCoin not discovered this potential scam artist, it’s unclear how far they could have gotten with this before anyone had noticed. The public nature of Twitter’s platform means that the attackers could easily go down the list of people who follow the real ElectrumWallet account, which basically serves as a target list. One by one they could phish, and only one hit would equal free money.

electrum1

But the scam could have gone much more legitimate, as well. They could have registered eIectrum.org, which looks like electrum.org in most fonts. They could have then distributed malware-infected versions of the lightweight client. As you can see, it quickly gets much more serious than mere Twitter trolling.

In other Electrum news, they did, indeed, release version 2.5.1 recently. Additionally, their documentation has moved to ReadTheDocs.org last month after a hack of Orain.org. It is unclear if this hack is related to the current attempts on Electrum users.

Featured image from Shutterstock.