Phishing Attacks at itBit exchange！itBit Users Watch Out！
Bitcoin trading exchange itBit, which is based in AIA Tower in Singapore, made an announcement to its users on Sept. 29th, 2014 that there was a phishing attack targeting their customers.
At first, we didn't pay much attention to itBit's e-mail announcement, but 45 minutes later, we received a strange e-mail which looked like this:
Out of curiosity, we opened the e-mail and saw that it had an attachment file called 'itbit-Required-information.zip'. But, there was no signature. Strange...
It looked strange and out of context so we opened up itBit's e-mail which we had skipped earlier on, and came to the conclusion that this very e-mail must have been a phishing e-mail (The attached file was not downloaded nor opened).
The phishing e-mail we received fell under '2. Confirm successful completion of a payment', according to itBit's guidelines for identifying phishing e-mails:
The e-mail was not sent from itBit.info as stated in the guideline, however. It came from firstname.lastname@example.org.
This is the first time we had received a phishing e-mail in any bitcoin related service and so we were lightly shocked.
Apparently, itBit's database has not been compromised and all operations at itBit are fine, but we thought it would be worth sharing to alert the community.
So, if you're a user of itBit, watch out for these phishing e-mails! They really came!