Active Phishing Scam
Apparently imitation is the highest form of flattery? Unfortunately in this case, we are not impressed at all. There is an active phishing scam trying to steal ETH from the participants of the CanYaCoin ICO! This is an advisory to all in the CanYa Community to not fall victim to this malicious phishing scam attempt.
What is the scam?
The CanYaCoin ICO is being run from the legitimate site https://sale.canya.io and there is an active scam website that has just been discovered that is sale.canay .io (space included to ensure it cannot be turned into an active link). While fellow Australian’s understand the name (originating from the slang – “Can Ya do something?”), many internationals struggle with it. This can easily lead to a spelling mistake of ‘Canay’.
The CanYa Team did anticipate something like this and purchased nearly 20 domains around the ‘canya.io’ address but unfortunately this combination got through the cracks.
A sophisticated phishing attack is currently underway that spans across two fraudulent websites, is powered by CloudFlare, has active EV Certificates and includes Google AdWords! We need your help to shut it down!
For those that have already been to the legitimate CanYaCoin ICO sale page (sale.canya.io), you will probably notice some striking similarities between the fake website and the real website. Please be sure to check the address bar to ensure that you are at sale.canya.io!! (Even favourite the link above right now to make sure you have the correct site)
In addition to buying the domain name sale.canay .io (again, space added to break any chance of a link), the scammers have purchased canay. io. The correct CanYa Website is https://canya.io. The real website looks nothing like the CanYaCoin ICO sale page (sale.canya.io) but has active links to get there.
The would-be scammers have even gone to the effort of paying for Google AdWords! A search of ‘CanYa Token Sale‘ will have the scam pop up as the first results. This is particularly worrying as people intrinsically trust Google search results and click without checking.
The problem is compounded by the fact that the scammers have also got an active EV Certificate; like we said earlier, this is a very sophisticated phishing attack!
How do you cross-check the correct information?
There are many platforms that you can independently cross-check to ensure that you have the real CanYaCoin ICO. We have a very active Telegram Community that help all of the CanYa Admins keep the channel honest and engaged. We also have a CanYa Announcements Telegram Channel where we push information across to our community, this helps us with secure communication and reputable announcements.
Call To Action – Help Us Shut Down This Scam!
Scams like this plague the crypto-community as a whole and tarnish the entire ecosystem. Nobody wants to see scammers get away with any more stolen ETH, so please help us to shut down this scam before it takes off!
Report via Google Safe Browsing
Please take 5 seconds out of your day to help us stop these scammers steal anything! Head to https://safebrowsing.google.com/safebrowsing/report_phish/ and report the website; it should look something like the following:
Please post two seperate reports to shut down both https:// canay .io and https:// sale.canay .io
Report via Ether Scam Database
So that we can push the message even faster to the crypto-community, please also lodge a report at https://etherscamdb.info/report/domain/
They have not stolen anything yet!
Thankfully this phishing scam was caught by the team very early and we have been able to get out in front of it. We have already taken steps to report it to:
- Namecheap (DNS & privateemail.com)
- CloudFlare (SSL & Routing Traffic)
- Google (AdWords etc)
- WhoIsGuard (Protects ID of registrant)
- Ether Scam Database (see above)
As of writing this, the scam has only been known about for a couple of hours and there has been ZERO ETH SCAMMED! We would very much like it to stay that way so please share this with everybody to get the message out.