UPDATED 11:00 EDT / JUNE 06 2013


Symantec Warns Bitcoin Users of Fake Mt.Gox Sites

Mt.Gox, the largest Bitcoin exchange market, once again seems to be the prime target of cybercriminals, who are ever eager to find ways to exploit the cryptocurrency.

According to a new report from Symantec, while Trojans that steal BTCs and install BTC miners onto people’s PCs continue to proliferate, some cybercriminals have reverted to the age-old phishing method to scam BTC enthusiasts out of their money.

The scam works by taking advantage of Mt.Gox’s huge popularity: criminals are said to have set up a number of fake Mt.Gox sites that use the same second-level domain (mtgox) but a different top-level domain, such as .org, .net, .de, or .co.uk, while the real site uses .com. The scam site tries to trick visitors into downloading and installing the MTGOX_Wallet.exe file, which Symantec has identified as Downloader.Ponik, a Trojan that downloads more malware onto the compromised computer. That malware can then steal passwords and other vital information.

It was also determined that the scammers are using advertising services such as Microsoft’s Advertising Network to entice bitcoiners into clicking through to the fake sites. One ad stated, “New Century Gold: BITCOIN Protect your money – Buy Bitcoin.” With previous DDoS attacks on BTC exchange markets, some BTC enthusiasts were quick to head on to the site and download the malicious file.

“The fact that the phishing site does not use the common Secure Sockets Layer (SSL) security protocol should have been a clear giveaway for any visitor. As with any financial service, regardless of the currency behind it, people should pay due diligence to ensure they are on a real website when entering information. In this case, the scammers left an additional clue inside the HTML of the phishing website for the curious type: they hide the original site’s guidance to change passwords,” Symantec stated in its blog post.

Be sure that the site URL ends in “.com” and not anything else!
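The check described above can also be automated, for example over proxy logs or ad landing-page URLs. The following is an added example, not code from Symantec or from this article: it flags hosts that keep the `mtgox` label but swap the suffix, and notes a missing HTTPS scheme. The small suffix set and the sample URLs are constructed from the TLDs the article names; a real deployment would use the full Public Suffix List.

```python
from urllib.parse import urlsplit

# Assumption: a hand-picked suffix set covering only the TLDs named in the
# article. Production code should load the full Public Suffix List instead.
KNOWN_SUFFIXES = {"com", "org", "net", "de", "uk", "co.uk"}
LEGIT_NAME = "mtgox"    # second-level label of the real site
LEGIT_SUFFIX = "com"    # the article states the real site uses .com


def split_host(host):
    """Return (registrable_label, suffix), preferring the longest suffix."""
    labels = host.lower().rstrip(".").split(".")
    # Scan from the left so "co.uk" is matched before the shorter "uk".
    for i in range(1, len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in KNOWN_SUFFIXES:
            return labels[i - 1], suffix
    return None, None


def classify(url):
    """Classify a URL relative to the real mtgox.com site."""
    parts = urlsplit(url)
    name, suffix = split_host(parts.hostname or "")
    if name != LEGIT_NAME:
        return "unrelated"            # this check only covers the TLD swap
    if suffix != LEGIT_SUFFIX:
        return "lookalike-tld"        # same label, different suffix
    if parts.scheme != "https":
        return "legit-domain-no-tls"  # right domain, but not over HTTPS
    return "ok"


def flag_lookalikes(urls):
    """Return only the URLs that use the brand label under another suffix."""
    return [u for u in urls if classify(u) == "lookalike-tld"]


if __name__ == "__main__":
    # Constructed sample input, built from the TLDs listed in the article.
    sample = [
        "https://mtgox.com/",
        "http://mtgox.org/",
        "http://www.mtgox.co.uk/login",
        "http://mtgox.com/",
        "https://example.net/",
    ]
    for url in sample:
        print(f"{classify(url):20} {url}")
```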

As a precaution, Symantec urges Mt.Gox account holders to regularly change their passwords and verify their accounts. Mt.Gox has recently implemented a verification step for all BTC transactions, including withdrawals and cash deposits, as it tries to dodge the Department of Justice’s crosshairs. The DoJ recently shut down an alternative web currency called Liberty Reserve, allegedly for facilitating money laundering.

Most of the fake Mt. Gox websites have already been reported.  If you’re using Chrome, you’ll see a notification from Google stating that the website has been blocked as it has already been reported as a phishing website.

If you encounter any other phishing sites during your travels around the web, the responsible thing to do is visit a special page set up by Google to report the suspected phishing site. Just type the URL of the phishing site in the box provided, then enter the code to verify that you’re not a robot. Commenting is optional, but you can state why you suspect the site, then just click on the “Submit report” button.

