Lost 25+ btc to probable phishing site

Hard to know exactly what happened. I logged into blockchain and found all my BTC had gone. After doing some detective work, I came up with a likely explanation. I really hope there is another plausible explanation, but can't think of one.

I logged into blockchain from a place I usually don't, just to quickly create a receive address. I used incognito mode and didn't have a shortcut to blockchain, so googled it. I am aware of the fake blockchain sites that might say biockchain.info or something, and have even reported them to google before as they buy google ad space to show up near the top of searches. However, I must have been not focused at that exact moment and clicked on one of them. I entered my info, and had to open my email to verify. I found the email and accepted it, then entered my 2FA code on my phone. I got into my account, and everything seemed normal. I created an address, copy pasted that and sent to someone, who owed me some money. Then i logged out and went on with doing whatever i was doing.

The next day, my account was completely empty. I found the transaction, and it came from an ip in Ukraine, the address being the one I thought i had generated the previous day. So in addition to losing all my current BTC, the BTC i was supposed to receive were also sent to the phishers.

I'm obviously completely shellshocked by this. I'm usually pretty careful about security issues like this. I guess i let my guard down as I've logged in a thousand times before and have several security measures (super long complex pw, email verification for log in and 2FA). It was my dumb mistake, and wouldn't have happened but for a number of instances of me not noticing things (didn't check the email for Ip location, didn't check the security thingy in the top left of web browsers etc). I even remember briefly thinking about fake blockchains, and half heartedly running my mouse across the options near the top, as i'd seen fake blockchains before where the website is very basic and doesn't have flash etc. This website was identical. I was so close to catching myself before it was too late.

I want this post to serve as a warning to be very vigilant and careful when using BTC. I know i'll get a lot of comments pointing out how i should have used more secure methods of keeping BTC, and i definitely will from now on, I will also get comments just saying how much of an idiot i am. I thought all my security measures would protect me, but they just made me complacent.

Also, as a last gasp effort, are there any steps i can take to get some/all of this money back? I realise the answer is 99%+ going to be no, but i'm desperate at this point. I sent an email to blockchain using their support service, is there anything else i could try. Someone even mentioned filing a lawsuit against google ads, not sure if that would be plausible. There is no evidence really as i used incognito mode so don't have cookies or anything to use as evidence.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: