Blockchain Blog

Beware: Phishing Attempts

It has come to our attention that some Blockchain users and even people who have never used our wallet service are receiving fake email notifications, which contain concealed links that direct users to sites that may attempt to capture their login information or infect their computer with malware.

The email looks like a failed transaction notification, depositing a large amount of bitcoin “back” in the user’s wallet, suddenly making the user quite wealthy. The emails look like this:

Transaction Confirmation Failed
A transaction made through has been removed from our database because it was taking a long time to be included in a block.
Any funds have been returned to your wallet and you can now spend the coins again. Please consider including a larger fee in future transactions.
22j1ul881oPS9iLjSqm6Oa3Ttoc66UvAPLv 104.7720 BTC
47dx1AnL-s8eP-W5eG-bRx4-9Zbph2x22S71Y2 105.8002832 BTC

-104.7720 BTC
Login to your wallet for transaction history: https://{invalid-link} – (Unsubscribe)


What users should do:

Delete these emails if you receive them
Never use an email link to login to your wallet
Never provide a password or a mnemonic by email, Blockchain staff will never ask for these
Never login with your web-wallet credentials on any site you reached via a link, always type in the domain or use a bookmark
Always check the domain in your browser address box matches and check the SSL padlock is enabled.

Reporting Phishing Attempts:

To report a phishing website, so that it is identified by various browsers and to warn other users, use the phishing report form at Google. Remember to copy the suspicious link from the email and paste it into the report:

or, if using Mozilla Firefox, select Help/Report Web Forgery from the browser menu.

Andreas M. Antonopoulos
Chief Security Officer