Even if you know what is the right thing, it is easy to be fooled in a moment when you lack concentration. I wasn't fooled, but still, for a couple of seconds, I was fooled this morning looking through my mailbox.
I received the following email from Blockchain.com, telling me that there was an attempt at recovering my password.
Looking through the information, I quickly noticed that this wasn't an action made by me. So, I actually clicked the cancel recovery request, and that is when I suddenly noticed that I was taken to an entirely different domain, and knew that this was just junk.
But, to be honest, I should have noticed it earlier!
Three things that I have should have noticed earlier.
There are so many red alarms shouting at this email, and here I will show you some of the biggest alerts!
Check the address of the sender
Take a look at the address from which the email was sent. It might have been called Blockchain.com, but the address has nothing to do with it.
Check the URL of the Cancel Recovery Request
If I hold my mouse above the Cancel Recovery Request link and copy the link location, I will see an URL that is a shortened URL. This is yet another scary sign. You can use an URL expander to see the full link, and then you will also see the full truth (that this is junk). But a shortened URL is also a no-no in an official email.
Normally there is no such thing as cancel recovery request!
Let me think once more... this isn't a normal function either. So, if you use common sense, the scammers are really working hard to scare you, and then to visit their website in order for you to cancel your request. Normally, such requests are terminated within 30 minutes if you do nothing (or something like that). So, this is a function that doesn't belong in such an email.
How would they actually trick you?
This isn't a scam in which they install programs on your computer. Instead, they make you type your blockchain.com login data on the "scam-page." They will then get access to your data and this can later be used by them to hack your account, steal funds, and who knows what.
Of course, how do these people know that I have a blockchain.com account registered with this email address? That is another thing. Probably some sort of data breach is the reason, and that is a reason to worry in itself.
No matter what, take care of yourselves and your values!!
This is an original article written by me for Project Hope!