Phisher Poses as EOS Arbitrator, Tries to Steal User Accounts

[PRIBO247]

Tens of thousands of messages have begun to circulate on the
EOS network, and they are demanding that users participate in
an arbitration process that could force them to give up
ownership of their accounts and funds. However, these
messages are entirely fake.
It seems that a malicious user is impersonating the EOS Core
Arbitration Forum (ECAF), an organization that resolves
disputes on the EOS blockchain. Although ECAF does in fact
reclaim funds at times, these most recent messages appear to
be part of a new phishing campaign that is targeting the EOS
network far and wide.

Contents of the Notice
The account that is carrying out this phishing campaign is
called ecafofficiel . This account was created early in the
morning on December 18th, and since then it has sent out an
endless torrent of messages reading “ECAF notification of
arbitration. Do NOT IGNORE!” with a link to an arbitration
notice.
At first glance, the fake notice appears to be legitimate: it
provides case reference numbers, cites specific ECAF rules,
and displays links to seemingly official websites. It also
promises that both sides will have a “fair and equal
opportunity” to present their case to an arbitrator. In fact, it is
modeled after legitimate messages that ECAF has sent out.
But upon closer inspection, the notice does not seem so
trustworthy: the phisher has created a fake ECAF website, with
a URL that appears almost identical to the real address. The
URL contains characters that are almost indistinguishable to
the naked eye – a dead giveaway that is a standard trick of
phishing campaigns.

Despite the fact that the phisher has sent out tens of thousands
of messages, it is not clear whether anyone has fallen victim to
the scam yet. One Redditor reports that when a user contacts
the fake site, the attacker will escalate to the point of asking
the user to give up their private keys — this would allow that
user’s funds to be stolen.
In any case, it is likely that the campaign will end quite
quickly, as many scams and frauds in the crypto world do.
According to one user , EOS block producers who are active on
Telegram are “aware of the ongoing scam” and “might shut it
down.”

Not the First Fake ECAF Campaign
The EOS Core Arbitration Forum has suffered similar phishing
campaigns in the past. In June, ECAF legitimately froze seven
accounts, and that action was quickly followed by a hoax
campaign that demanded freezes on 27 other EOS accounts. A
message from this false campaign read:

“It is hereby ordered that the EOS Block
Producers refuse to process transactions from
the following accounts and keys indefinitely.
(Until further official notice and instruction from
the ECAF.)”

Little to no damage was done by that hoax, primarily because
the attacker’s demands were aimed at block producers. One
block producer, EOS New York, eventually became confident
that this message was fake, which led it and other block
producers not to act on the demands (although it did create
minor confusion around a subsequent freeze demand).
Block producers make fairly difficult targets, but since
November, the real ECAF has been arbitrating cases between
community members. This gives phishers the pretense to
contact users in direct and convincing ways — a critical failure
for ECAF, an organization that is itself supposed to protect
users from scams and fraud.

Although ECAF is intended to protect users, it is also a fairly
controversial part of the EOS ecosystem. Because EOS allows
arbitrators to resolve disputes, it gives a small group of people
control over accounts and funds – something that most other
cryptocurrencies do not allow. Although ECAF is not directly
responsible for any phishing campaign, this most recent
phishing attempt is unlikely to reflect well on the group.

https://unhashed.com/cryptocurrency-news/