Main navigation

This Is Why You Should Be Super Careful When Using to Send Bitcoin Addresses

Sun, 06/14/2020 - 12:03
article image
Alex Dovbnya
A Bitcoin-stealing clone of has been spotted by cybersecurity experts
This Is Why You Should Be Super Careful When Using to Send Bitcoin Addresses
Cover image via
Read U.TODAY on
Google News

On June 14, security news outset KrebsOnSecurity alerted its readers about a fake version of, a popular website for sending encrypted self-destructing messages, that is capable of stealing your Bitcoin.

Those behind this phishing scam are able to replace all Bitcoin addresses with their own to trick its users into sending them BTC.

Scammers Targeting XRP Community with Legit-Looking Email Scam. Can You Spot This One?

Fishing for Bitcoin addresses  

Scammers simply use the plural form of the domain ‘privnote,’ making it very challenging to tell the difference at first glance. It’s also common for malicious actors to prey on their potential victims with the help of misspellings, hyphenations, or alternative extensions.

All messages sent with the help of are not encrypted, which means that they can be easily accessed by the website’s owners. 

In fact, a specific script is utilized for automatically finding all notes containing Bitcoin addresses and modifying them.     

image by

While could possibly be used for stealing all kinds of data, cybersecurity analyst Allison Nixon believes that pilfering Bitcoin is the main purpose of the sham: 

At first, I thought that was their whole angle, just to siphon data. But the bitcoin wallet replacement is probably much closer to the main motivation for running the fake site.

No, SpaceX Is Not Giving Away Bitcoin. Don't Fall for This Elon Musk Scam

Such scams are common

Phishing scams remain one of the most popular ways of swindling money out of cryptocurrency users who are not attentive or tech-savvy enough to notice the ploy.

Recently, entrepreneur Eric Savics lost all of his Bitcoin savings ($113,000) after entering his seed phrase into a malicious KeepKey extension for Google Chrome.

Last year, U.Today also reported about a fake Telos Foundation website with an extra hyphen that was meant to steal EOS.

article image
About the author

Alex Dovbnya (aka AlexMorris) is a cryptocurrency expert, trader and journalist with extensive experience of covering everything related to the burgeoning industry — from price analysis to Blockchain disruption. Alex authored more than 1,000 stories for U.Today, CryptoComes and other fintech media outlets. He’s particularly interested in regulatory trends around the globe that are shaping the future of digital assets, can be contacted at