Phisher Poses as EOS Arbitrator, Tries to Steal User Accounts
Tens of thousands of messages have begun to circulate on the EOS network, and they are demanding that users participate in an arbitration process that could force them to give up ownership of their accounts and funds. However, these messages are entirely fake.
It seems that a malicious user is impersonating the EOS Core Arbitration Forum (ECAF), an organization that resolves disputes on the EOS blockchain. Although ECAF does in fact reclaim funds at times, these most recent messages appear to be part of a new phishing campaign that is targeting the EOS network far and wide.
Contents of the Notice
The account that is carrying out this phishing campaign is called ecafofficiel. This account was created early in the morning on December 18th, and since then it has sent out an endless torrent of messages reading “ECAF notification of arbitration. Do NOT IGNORE!” with a link to an arbitration notice.
At first glance, the fake notice appears to be legitimate: it provides case reference numbers, cites specific ECAF rules, and displays links to seemingly official websites. It also promises that both sides will have a “fair and equal opportunity” to present their case to an arbitrator. In fact, it is modeled after legitimate messages that ECAF has sent out.
But upon closer inspection, the notice does not seem so trustworthy: the phisher has created a fake ECAF website, with a URL that appears almost identical to the real address. The URL contains characters that are almost indistinguishable to the naked eye – a dead giveaway that is a standard trick of phishing campaigns.
Despite the fact that the phisher has sent out tens of thousands of messages, it is not clear whether anyone has fallen victim to the scam yet. One Redditor reports that when a user contacts the fake site, the attacker will escalate to the point of asking the user to give up their private keys — this would allow that user’s funds to be stolen.
In any case, it is likely that the campaign will end quite quickly, as many scams and frauds in the crypto world do. According to one user, EOS block producers who are active on Telegram are “aware of the ongoing scam” and “might shut it down.”
Suggested Reading : Learn about the best wallets for storing your EOS.
Not the First Fake ECAF Campaign
The EOS Core Arbitration Forum has suffered similar phishing campaigns in the past. In June, ECAF legitimately froze seven accounts, and that action was quickly followed by a hoax campaign that demanded freezes on 27 other EOS accounts. A message from this false campaign read:
“It is hereby ordered that the EOS Block Producers refuse to process transactions from the following accounts and keys indefinitely. (Until further official notice and instruction from the ECAF.)”
Little to no damage was done by that hoax, primarily because the attacker’s demands were aimed at block producers. One block producer, EOS New York, eventually became confident that this message was fake, which led it and other block producers not to act on the demands (although it did create minor confusion around a subsequent freeze demand).
Block producers make fairly difficult targets, but since November, the real ECAF has been arbitrating cases between community members. This gives phishers the pretense to contact users in direct and convincing ways — a critical failure for ECAF, an organization that is itself supposed to protect users from scams and fraud.
Although ECAF is intended to protect users, it is also a fairly controversial part of the EOS ecosystem. Because EOS allows arbitrators to resolve disputes, it gives a small group of people control over accounts and funds – something that most other cryptocurrencies do not allow. Although ECAF is not directly responsible for any phishing campaign, this most recent phishing attempt is unlikely to reflect well on the group.
The post Phisher Poses as EOS Arbitrator, Tries to Steal User Accounts appeared first on BitcoinLinux.