How to identify fake Monero websites

What is the fake "Monero" website?

During a routine investigative session, our researchers discovered this fake "Monero" site (monero-wallet[.]io; other domains are possible). It impersonates the official website of the Monero (XMR) cryptocurrency (getmonero.org). Upon examination, we determined that this is a phishing scam targeting cryptocurrency wallet log-in credentials.

IMPORTANT NOTE: We do not review crypto projects, please do your own research when investing money.

Federal Trade Commission (FTC) states that since the start of 2021, more than 46,000 people have reported losing over $1 billion in crypto to scams – that's about one out of every four dollars reported lost, more than any other payment method.

Fake "Monero" website overview

We found this scam on monero-wallet[.]io, yet it could be hosted on different domains. This fraudulent webpage closely imitates Monero's official website (getmonero.org). Monero (XMR) is privacy-oriented cryptocurrency. Its official site allows users to purchase XMR coins, offers downloadable digital wallets, and provides relevant information, tools, and resources.

It must be emphasized that the imitator is in no way associated with the real Monero cryptocurrency or any other existing projects, platforms, or entities.

When any of the buttons on the fake page are pressed, the user is presented with three options: "IMPORT WALLET", "CONNECT HARDWARE", and "RESTORE". Selecting whichever displays a prompt urging the user to enter their cryptowallet passphrase. As mentioned in this introduction, this website is a phishing scam – thus, it records the provided data and sends it to scammers.

With the digital wallet's log-in credentials, cyber criminals can then steal the associated cryptowallet and the funds stored therein. It must be mentioned that due to the practically untraceable nature of cryptocurrency transactions, they cannot be reversed. Therefore, victims of scams like this fake "Monero" webpage cannot retrieve the stolen digital assets.

Crypto scam examples

We have investigated thousands of crypto scams and found that they have three primary modes of operation: phishing for wallet log-in credentials, utilizing draining mechanisms to siphon funds from exposed wallets (drainers), and deceiving users into manually transferring assets to scammer-owned wallets.

Various lures are employed to gain the victims' interest and trust, such as false claims concerning airdrops/giveaways, early allocations, schemes for doubling/tripling investments, wallet issues, security concerns, expired passphrases, etc.

"Aethir ($ATH) Rewards", "Aave Voting Rewards", "Quant ($QNT) Rewards", fake "dYdX" trading platform, fake "Euphoria Trading" website, "Volt (XVM) Voting", fake "Lifinity" website, and "Falcon Finance Airdrop" are just some of our latest articles on scams that target cryptocurrency.

Due to how widespread scams are on the Web and how well-made they can be – we highly recommend exercising caution when browsing and investing online.

How did I open a scam website?

Online scams are most commonly promoted through websites using rogue advertising networks (redirects), spam (e.g., emails, social media posts, PMs/DMs, browser notifications, SMSes, robocalls/ cold calls, etc.), malvertising (intrusive advertisements), typosquatting (misspelled URLs), and adware (ads/redirects).

Intrusive pop-up adverts are prevalent in crypto scam promotion; some are fully functional drainers (i.e., capable of executing draining scripts). Advertisements of this kind have even been encountered on legitimate sites that had been hacked.

Social media spam is also widely used to endorse these scams. The promotional posts and private/direct messages can be made using accounts stolen from real projects, companies, entrepreneurs, celebrities, and so on.

How to avoid visiting scam websites?

Caution is paramount to ensuring your online safety. Therefore, take note of URLs and be attentive when typing them. Be wary of websites, ads, and messages that make unbelievable promises or urge you to take action against imminent threats.

Do not use sites offering pirated content or other questionable services (e.g., illegal streaming/downloading, Torrenting, etc.), as these webpages are typically monetized via rogue advertising networks. Do not permit suspicious pages to deliver browser notifications; ignore or block their notification requests.

Do not open attachments or links found in suspicious/irrelevant emails and other messages. Download only from official/verified sources and be vigilant when installing (e.g., study terms and options, use "Custom/Advanced" settings, and opt out of additional apps, extensions, tools, etc.) – to prevent harmful software (like adware) from infiltrating the system.

If your computer is already infected, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate all threats.

Appearance of the fake "Monero" website (GIF):

Screenshot of the official Monero website (getmonero.org):

Instant automatic malware removal:

Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:

By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.

Quick menu:

• What is "Fake Monero Website" phishing scam?
• How to identify a pop-up scam?
• How do pop-up scams work?
• How to remove fake pop-ups?
• How to prevent fake pop-ups?
• What to do if you fell for a pop-up scam?

How to identify a pop-up scam?

Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.

While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.

Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:

• Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
• Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
• Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
• Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
• Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.

Example of a pop-up scam:

How do pop-up scams work?

Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.

Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.

How to remove fake pop-ups?

In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.

In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.

How to prevent fake pop-ups?

To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.

To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.

What to do if you fell for a pop-up scam?

This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.

• If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
• If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
• If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
• Help other Internet users: report Internet scams to Federal Trade Commission.

Frequently Asked Questions (FAQ)

What is an online scam?

An "online scam" is a type of deceptive content hosted on the Internet. These scams are designed to deceive users into performing specific actions, such as disclosing sensitive data (like log-in credentials), connecting cryptocurrency wallets to crypto drainers, making monetary transactions, downloading/installing software, buying products, and so forth.

What is the purpose of online scams?

The purpose of online scams is to generate revenue at their victims' expense. These scammers predominantly profit by abusing/selling private data, endorsing content (e.g., websites, software, products, services, etc.), acquiring funds through deception, and proliferating malware.

I have provided my personal information when tricked by an online scam, what should I do?

If you have disclosed your log-in credentials – change the passwords/passphrases of all potentially exposed accounts and inform their official support. However, if you've provided other private data (e.g., ID card details, credit card numbers, etc.) – contact the corresponding authorities without delay.

I have lost digital assets to a fake "Monero" website, can I get my money back?

Cryptocurrency transactions are irreversible because they are nearly untraceable. Therefore, victims of scams like this fake "Monero" site cannot retrieve the stolen assets.

Why do I encounter online scams?

Online scams are most commonly encountered via spam (e.g., social media posts, PMs/DMs, emails, browser notifications, etc.), intrusive advertisements, webpages using rogue advertising networks, mistyped URLs, and adware.

Will Combo Cleaner protect me from online scams?

Combo Cleaner is designed to scan visited websites and detect rogue, deceptive/scam, and malicious pages. It can also block further access to these webpages.