SEAL Launches System to Verify Sneaky Crypto Scam Sites

The tool allows experienced users and researchers to confirm whether a suspicious website actually displays harmful content.

One major issue in phishing investigations is that attackers often use methods to hide the real content from security tools. These scams have caused over $400 million in losses in just the first six months of this year.

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

Crypto Day Trading VS Swapping: What’s More Rewarding? (Animated)

SUBSCRIBE

ON YOUTUBE

To address this issue, SEAL has developed a system known as TLS Attestations and Verifiable Phishing Reports. It gives investigators a way to collect reliable, tamper-proof proof of what the website actually showed to the user.

The system uses a process where a trusted server, called an attestation server, becomes part of the secure connection between the user and the suspicious site. This trusted server performs all encryption-related tasks, while the user still connects directly to the website.

To use it, a researcher sets up a tool on their own computer that watches the internet traffic and shares the connection details with the attestation server.

This process produces what SEAL calls "Verifiable Phishing Reports". These are digital records, signed using cryptographic methods, that confirm what a site delivered to the user.

SEAL can then confirm whether the site is malicious without visiting it directly, which reduces the risk and helps avoid tricks used by scammers to hide their true content.

Recently, SEAL uncovered a network of individuals posing as IT professionals to gain unauthorized access to crypto companies. How? Read the full story.