A new scam has surfaced that is trying to trick genealogists and others into revealing their user name and password for MyHeritage.com. Luckily, knowing about the scam now will help you avoid it in the future. The scam is obvious if you know what to look for.
The following is a quote from the MyHeritage Blog:
“We want to alert MyHeritage users about a malicious attempt to steal credentials that we identified several hours ago and is still ongoing.
“Perpetrators whose identity is unknown set up a fake website called myheritaqe.com (same as MyHeritage, but with the letter Q instead of the letter G). They started setting up this fake website yesterday, July 20, 2020 according to whois information, which is the date on which this domain was created and registered. They used an anonymity service to hide their identity. They exploited the fact that it’s hard to differentiate between the letters q and g, especially on mobile phones.
“We immediately reported this phishing website to GoDaddy.com to have its domain removed and GoDaddy.com are in the process of taking it down. We also reported it to Azure where it is hosted so they could remove it too.
“On the fake website, myheritaQe.com, the perpetrators set up a phishing login form to receive login information intended for MyHeritage and harvest the password. The website was made to look like part of the real MyHeritage.com homepage, with all the functionality not working except the fake login. It tries to impersonate the real website.
This is what the fake website looks like:
“‘The perpetrators then started sending a phishing email to email addresses that they apparently compromised from GEDmatch. We don’t know if they emailed (or intend to email) all the users of GEDmatch or only those who uploaded DNA data to GEDmatch that originated from MyHeritage. What we found with all the users they did email, after speaking with these users, is that those users are all using GEDmatch. Because GEDmatch suffered a data breach two days ago, we suspect that this is how the perpetrators got their email addresses and names for this abuse.'”
You can read more in the MyHeritage Blog at https://blog.myheritage.com/2020/07/security-alert-malicious-phishing-attempt-detected-possibly-connected-to-gedmatch-breach/
NOTE: MyHeritage is the sponsor of this newsletter.