Decentralized cryptocurrency exchange IDEX announced that it is teaming up with PhishFort, a phishing defense solution for high-risk industries and designed for blockchain companies. The goal will be to actively seek out and put an end to those trying to impersonate the IDEX trading platform and to better protect the growing IDEX user base from potential phishing attacks.
PhishFort protects high-risk companies, such as crypto-exchanges, ICOs, and financial firms, from phishing attacks. PhishFort uses a combination of cutting-edge systems to detect, blacklist, and ultimately take down phishing websites, apps, chatbots, and more across the web.
Current Anti-Phishing Results
Copycat Sites
In the last month alone, the IDEX team has identified and taken down over 50 phishing websites that were impersonating IDEX. These include homograph attacks, as well as attacks which were simply typos of the domain.
Once identified, phishing websites are blacklisted almost instantly in some of the most widely used browser extensions in the crypto space such as EtherAddressLookup, MetaMask, and the MyEtherWallet browser plugin. After the website is blacklisted, the takedown process begins. This involves alerting the hosting provider and the domain registrar that illegal activity is taking place on the website and domain in question and taking steps toward shutting it down permanently.
Google Play and iOS App Store
In addition to monitoring attacks against the IDEX domain, PhishFort is also monitoring both the Google Play Store and iOS App Store for fake apps impersonating the IDEX brand.
Tips on Trading Safely
The Aurora (IDEX) Team said:
“The safety of users funds is of the highest priority at IDEX. By leveraging the expertise of the PhishFort team, we are able to get ahead of many of the increasingly-complex phishing attacks being developed today.”
The team recommends looking at one or more of the following open-source tools and resources to help maximize safety when dealing with cryptocurrencies:
Browser Plugins
- EtherAddressLookup — EtherAddressLookup is an open source security plugin aimed at protecting users from unsafe websites, twitter account, and cryptocurrency addresses.
- MetaMask — Metamask provides a user interface to manage your identities on different sites and sign blockchain transactions. Metamask has a blacklist which protects users against known phishing websites.
- MEW — The MyEtherWallet browser plugin also contains a blacklist which protects end users from known phishing websites.
Report Phishing Attacks
- EtherscamDB — An open-source collection of known Ethereum-based scams. You can report suspicious sites to be included here.
- PhishFort — Users can also report phishing attacks to PhishFort’s telegram bot.