Scammers haven't been shy about attempting to separate cryptocurrency wallet owners from their lucrative holdings.
The latest iteration comes from a fake email alert sent out to prospective targets from firstname.lastname@example.org, falsely claiming that unauthorized login attempts have made on their blockchain.info wallets, regardless of whether the recipient at that email address even has a wallet. The fake message prompts users to either authorize the login or recover their wallet, and threatens to freeze the wallet and funds therein until one of these actions is taken.
Avoid clicking any of the links in the email, as they load a website at the URL http://blockchain.info.ht/#/ that asks users to enter wallet addresses and passphrases or private keys. Once a user surrenders this information, it is reasonable to assume that the contents of their now accessible wallet will be emptied by the scammer. Users should notice right away the lack of a secured http:// connection, which is indicated by the “https://” preceding the URL. Tracking the IP of the scam site (22.214.171.124) reveals that it is operating out of London.
It is advisable for users of https://blockchain.info wallets to ensure that the URL they use is accurate when plugging in addresses, private keys, or passphrases to unlock wallets and check on funds.