The Stellar Organisation has posted an important notice warning users against phishing scams which have proliferated and are being aimed at Lumens (XLM) users.
A Reddit user was the first to take note of the issue. Two scam domains along the lines of stellardrop.org and xn--stelar-5db.org are redirecting to a website with the URL stełlar.org. The scammers are sharing the following link: https://www.stełlar.org/blog/third-lumen-distribution. The issue is that the domain name looks extremely similar to stellar.org, which is the URL for the official Stellar Organisation. The only difference is the l with a stroke: ł. The eagle-eyed Reddit user realised that in places, the foreign character ł is barely noticeable due to font type and size.
Any of the three links redirect users to a fake Stellar Account Viewer. If anyone enters their Secret Key into the Viewer they will immediately lose their funds. It is thus important that users manually type domain names into browsers to ensure they are on a correct website.
Due to the risks posed by a scam as subtle as this, the Stellar Organisation posted a notice informing users of the scams. They stated:
IMPORTANT: #SDF will NEVER ask you for your private key. SDF is not holding XLM giveaways and will NEVER ask you to deposit funds to a wallet address. Check all URLs!
The organisation asked users to report any suspicious activity they might observe on the following link.
They then linked to the Stellar security guide for more information on how to stay vigilant against scammers in the cryptocurrency space.
A Twitter user pointed out that many of these advertisements are being observed in Facebook and that the organisation should formally take up the issue with the cryptocurrency giant:
This had been happening for a long time, there are people creating a phishing links (Stellar) in Facebook and sharing it through other members cover pictures, making it impossible to delete. You have to address this with Facebook.
— AlfredoSilverfx (@AlfredoSilverfx) August 13, 2019