Beware: Another type of hacker's trap

aioc

hero member

Activity: 2898

Merit: 567

Quote from: TryNinja on October 24, 2021, 01:03:36 AM

Btw, same thing I said here:

Quote from: TryNinja on August 18, 2021, 03:00:03 PM

I just got this email. Downloaded the file and this is all it has inside:

Quote

This leads you to a website that appears to be a crypto MLM ("donate X BTC and put your address, someone else will donate to you")...

TLDR: You won't get hacked if you click this file.

I keep receiving these emails. The last one I got (1 hour ago) leads me to a "Bitcoin cloud mining" (scam) website.

Unsolicited emails are considered scammed gone are the days when we received emails coming from those so called price of one country which they picked you to be a heir or there are incoming box that contains a stock of gold, this is the kind of email I received ten years ago but now many of these are Cryptocurrency related emails, this is how popular Cryptocurrency now.

coin-investor

hero member

Activity: 2828

Merit: 575

Leading Crypto Sports Betting & Casino Platform

Quote from: Peanutswar on August 30, 2021, 06:29:51 AM

This kind of email attack or also called a Smishing this kind attack are letting their users to click the click or any suspicious file and of course today if you click a file it might automatically download unless there's another layer of security you have to prevent this might happen, if you remember there's a trending of email virus before which is the I love you virus this is one of the most notorious kinds of message that damage a lot of assets of the organizations. Smishing is nothing new in the internet because there are uneducated people keep exploring even though its came from a suspicious sender. It is better to prevent clicking anything, think before you execute.

I just marked these kinds of emails as spammed they keep coming in my emails every other day I lose count of emails like this that I deleted and marked spam, there's no description of what they are sending it is written in the Russian language or similar but I don't have the habit of clicking emails from unknown source or emails that I don't remember subscriber, this is the cost of participating in airdrops with email verification

TryNinja

legendary

Activity: 2758

Merit: 6830

Btw, same thing I said here:

Quote from: TryNinja on August 18, 2021, 03:00:03 PM

I just got this email. Downloaded the file and this is all it has inside:

Quote

This leads you to a website that appears to be a crypto MLM ("donate X BTC and put your address, someone else will donate to you")...

TLDR: You won't get hacked if you click this file.

I keep receiving these emails. The last one I got (1 hour ago) leads me to a "Bitcoin cloud mining" (scam) website.

decodx

hero member

Activity: 1428

Merit: 931

🇺🇦 Glory to Ukraine!

Quote from: Rengga Jati on August 30, 2021, 06:57:25 PM

- Avoid clicking any link or hyperlink in a website, email, and other notifications.
Here is about carefulness and awareness of the things that we are going to do.

I agree with your conclusion about carefulness and awareness, but I disagree with some of your suggested methods. Without hyperlinks on websites, the Internet would be nothing but a collection of unrelated documents. Hyperlinks are the very essence of the world wide web.

What is important to protect against phishing attacks is to understand how to recognize a phishing attempt and what you should do about it. Phishing sites are designed to look like legitimate websites in order to collect your personal and confidential information. Therefore, it is crucial to identify phishing websites and fake urls and to not enter any information on such sites. You should bookmark all important web services and type the url directly into the url bar if you are visiting a website for the first time to make sure you are on a legit website.

Rengga Jati

hero member

Activity: 1932

Merit: 622

ROLLBIT > Crypto's Most Rewarding Casino

There are actually many phishing models in order to trap us in such conditions and lose our assets, virus on our devices, and others.
Well, just be simple:
- Never click any link if we don't know the sender, even that is a very promising advertisement
- Never trust anyone outside that gives you certain links, codes, or other information that promise you to get certain rewards.
- Never trust anyone who is asking for your keys, password, and others.
- Avoid clicking any link or hyperlink in a website, email, and other notifications.
Here is about carefulness and awareness of the things that we are going to do.

Kontibruno

jr. member

Activity: 54

Merit: 4

I think the safest way to keep your system protected from hackers is to avoid opening links you are not sure of. And do not depend on your anti-virus, some viruses are more sophisticated than these anti-viruses.

Peanutswar

hero member

Activity: 1498

Merit: 974

Bitcoin Casino Est. 2013

This kind of email attack or also called a Smishing this kind attack are letting their users to click the click or any suspicious file and of course today if you click a file it might automatically download unless there's another layer of security you have to prevent this might happen, if you remember there's a trending of email virus before which is the I love you virus this is one of the most notorious kinds of message that damage a lot of assets of the organizations. Smishing is nothing new in the internet because there are uneducated people keep exploring even though its came from a suspicious sender. It is better to prevent clicking anything, think before you execute.

n0nce

hero member

Activity: 882

Merit: 5818

not your keys, not your coins!

Quote from: pooya87 on August 29, 2021, 11:49:05 PM

Quote from: Welsh on August 18, 2021, 02:55:45 PM

Plus, you get a ton of false positives, which can be problematic in itself.

This is the worst. The other day I compiled my own code and my AV detected it as a virus and removed the compiled binaries!!! It was funny and infuriating at the same time. Suffice it to say that I had to exclude my entire dev folder. The only reason I have an AV is its firewall because it gives me a lot of control over what applications can access to the internet.

Tbh I wouldn't install an AV (which imho is also a virus, as Welsh said) just for the firewall.

For example, to simply restrict some binaries access to internet, something lightweight, small and open source as ufw (https://launchpad.net/ufw) should do the trick.

As a very strong and effective firewall, you'll also (additionally) want something separate from the device you're trying to protect, a physically separate piece of hardware in your network that filters packets and everything.

pooya87

legendary

Activity: 3444

Merit: 10558

Quote from: Welsh on August 18, 2021, 02:55:45 PM

Plus, you get a ton of false positives, which can be problematic in itself.

This is the worst. The other day I compiled my own code and my AV detected it as a virus and removed the compiled binaries!!! It was funny and infuriating at the same time. Suffice it to say that I had to exclude my entire dev folder. The only reason I have an AV is its firewall because it gives me a lot of control over what applications can access to the internet.

posi

hero member

Activity: 2240

Merit: 579

Leading Crypto Sports Betting & Casino Platform

This totally a spam message and only a silly person will believe the content of the message but I dont know what the OP was thinking to even open such message which could expose him.

Munir575

member

Activity: 546

Merit: 10

I just noticed the rate at which people are just trying to have access to our funds is really increasing rapidly there are lot's of cryptocurrency scam patterns now which we all have to be very careful so that we wont lose our money there are lots of fake apps, fake links, fake websites and fake airdrop and giveaway currently which they are just trying to drain. So we all have to be very careful the kind of and and where we inpute our details to avoid been scammed.

BIT-BENDER

hero member

Activity: 1498

Merit: 702

Why open an attachment from someone or something you didn't apply/subscribe for or enquiry about, there is an option on Gmail when signing up an address, which is for personal use, business or sometimes child, I think this directive is enough for -Newbies- and experts to know that they can earmark addresses for distinct purposes have one address can increase your curiousness or maybe mixed up to open an attachment you can't understand where the source got your address from.

Woodie

hero member

Activity: 1792

Merit: 871

Rollbit.com ⚔️Crypto Futures

I also feel Google isn't doing much to protect its users from data theft...you might say it's not their responsibility but it's one way of protecting its business. And they can sort this out stopping or blocking these domains from further spreading their malware.

I have have found myself receiving 100s of emails in a week from different domains even after reporting these as spam but it just never stops, I have resorted to not using my email address and jumped onto a newly created one.

isaac_clarke22

sr. member

Activity: 1596

Merit: 264

Quote from: Imran232 on August 18, 2021, 02:40:52 PM

~
That is the message i want to delivered.

Well sure, OP, but this is too obvious and I don't know the reasoning of someone just going straight up and download these kinds of files. This is even lower level than phishing.

Would you download a randomly named executable file when someone told you that you can generate Bitcoin with it?

Quote from: Welsh on August 20, 2021, 10:18:48 AM

~

There were some reports of false positives, and from that I wouldn't really rely on it as I am not even sure if they keep their virus database up-to-date.

decodx

hero member

Activity: 1428

Merit: 931

🇺🇦 Glory to Ukraine!

Computer viruses or worms that spread using electronic mail have been known since the 90s. I don't know what is new here, but people seem to have become too dependent on the mail service filters. Common sense should be everyone's best protection from such attacks.

Welsh

staff

Activity: 3248

Merit: 4110

Quote from: Mkmanik on August 20, 2021, 02:46:37 AM

Now every time when I need to download any file, I use https://www.virustotal.com/gui/home/upload to scan those files or websites. This website is the best.
I also suggest everyone, Before downloading any file from the unknown source/internet trying to use Virustotal. It is very helpful for you.

VirusTotal is okay. It's good for some quick checking, without having to actually install any software on your device. However, it's not entirely accurate, and shouldn't be relied on. You shouldn't be downloading any attachment that you aren't expecting, and can't verify with the person sending it. Also, you shouldn't be downloading any software on the internet without verifying it came from the official source. Even then, you have to ask yourself if you actually trust the vendor serving you that file.

Any sophisticated hacker would likely be able to code around TotalVirus detection though. Though, most of them don't target the likes of me, and you. Instead, we are mainly targeted by script kiddies i.e people using other peoples scripts, which are generally known among anti virus software, and TotalVirus.

Mkmanik

hero member

Activity: 986

Merit: 516

almost every day I receive this kind of Email. But I don't try to open those Emails. I know a hacker trying to hack my PC every time. So I am very aware of it. A few months ago somehow my PC got hacked, and hackers can able to get access to my browser. I remember I download a zip file from Mega. When I tried to extract the file, My windows defender warned me but my computer was already infected.

Hacker tried to log in to my Gmail account, But Gamil warned me that someone tried to log in to my Gmail. After that, I format my whole computer hard disk and set up new windows. Also changed all of my passwords for computer and mobile.

Now every time when I need to download any file, I use https://www.virustotal.com/gui/home/upload to scan those files or websites. This website is the best.
I also suggest everyone, Before downloading any file from the unknown source/internet trying to use Virustotal. It is very helpful for you.

Luffygroove

member

Activity: 966

Merit: 25

Ton Together | Save Smart & Win Big

Well, I have the same story from YouTubers here in my country. The scammers take control of the YouTuber's youtube by pretending to offer them a partnership and send some documents to be downloaded. Unfortunately, turns out it was a phishing trial. Although the story came from a YouTuber, technically it's also applied to us, the crypto community. Always be aware, don't click links easily, don't respond to unknown people, Re-check a couple of times, don't get lured easily by a big amount of money (usually from airdrops), and so on. I hope we all be safe from any kind of scam trial

pakhitheboss

hero member

Activity: 2100

Merit: 771

Top Crypto Casino

If you recieve a zip file or a .rar file as an attachment then never download it and immediately delete that mail. In general, if you receive an attachment from an unknown sender then always block that sender. This is applicable to any platform from where you can receive attachments.

OP this is not new it is a very old and effective instrument that hackers and scammers to date still use it. People do fall for such mail and then lose everything.

TryNinja

legendary

Activity: 2758

Merit: 6830

I just got this email. Downloaded the file and this is all it has inside:

Quote

This leads you to a website that appears to be a crypto MLM ("donate X BTC and put your address, someone else will donate to you")...

TLDR: You won't get hacked if you click this file.

Topic: Beware: Another type of hacker's trap (Read 276 times)