Author

Topic: [Beware]Bitcointalk PHISHING attempt by E-Mail (Read 295 times)

legendary
Activity: 3178
Merit: 3295
September 28, 2019, 04:49:35 AM
#15
If you stay logged in the whole time on bitcointalk with your Account its easy to see Phishing clone sites.
The Phishing sites always ask for login Details.
The most problem with this sites is that users dont look at Adress link in the Browser, always check it when you login.
legendary
Activity: 2492
Merit: 1145
Enterapp Pre-Sale Live - bit.ly/3UrMCWI
Since you actually received the message through your email instead of through Bitcointalk's messaging system like what happened to dkbit98, did you publicly submit your email on a bounty campaign topic by any chance(I assume some bounty campaigns requires you to submit your email/social media)? They'd have to get your email from somewhere. My guess that they got it through bounties as your email is hidden on your profile.
I checked his profile and his email address is hidden. Not sure if it was always hidden so maybe the spammer got his email address just by checking it on his profile.



Having alt accounts is not against the rules on bitcointalk and many highly ranked and trusted users here have alts. Bitcointalk wouldn't be sending such messages because you are not breaking any rules by having an alt account. Also, scams are not moderated here so even if an alt of yours has scammed the forum administration would not investigate such cases. Scammers get tagged by DTs but they don't get banned.   
Same thought man , I have known many trusted members alts. Alts is defined on how you will use it. Many member abuse the legalization of alts by making money in it. Using their alts to scam and to abuse some signature campaigns.

bitcointalk doesnt send a message that you have an alt account. It never happen and it never will. We have other threads here in the forum about the same issue which is phishing. Its just sad that hackers are adopting to new way of hacking accounts that you wont know that you where hacked.
full member
Activity: 1134
Merit: 105
I received the following email:


By no means, it looks like an official mail from the forum. Even the link is a fake one too.
It redirects to a clone of the forum. The phishing site as I received it is: (DON'T VISIT)
Code:
http://www.martynparry.com.au/index/?topic=5169902.0&u=apoorvlathey

It is not sure who might be behind this scam.

Most probably the scammers are using hacked email list to send out these emails because my account once got hacked in the past. Not aware if anyone else received the mail or not.

/Edit:

Another case of sharing this phishing site, this time via personal message:

Make sure you don't click PM links coming from naufalbashar scammer.
He's using special character г which looks like r

He's PMing people requesting clicking on a phishing website to "reply to him"

Phishing website is currently hosted on www. martynparry. com.au/index/?topic=3243635.0 (DO NOT GO THERE OR LOGIN WITH YOUR BITCOINTALK ACCOUNT, IT'S A PHISHING WEBSITE!!!)

I have already reported him to bitcointalk staff and to website admins as well (looks like legit website has been hacked and added fake phishing forum)

Email PHISHING  is very common these days and one should always check from where the email come from, specially the domain part of the sender address.
Also i will recommend everyone to take any good Phishing online course. One example is https://www.cybrary.it/course/phishing/ from where you can get one and a half hour of training and get a certificate too.

Disclaimer: I have no interest in this site, i learnt from there so i am recommending it to others.
legendary
Activity: 2730
Merit: 7065
Since you actually received the message through your email instead of through Bitcointalk's messaging system like what happened to dkbit98, did you publicly submit your email on a bounty campaign topic by any chance(I assume some bounty campaigns requires you to submit your email/social media)? They'd have to get your email from somewhere. My guess that they got it through bounties as your email is hidden on your profile.
I checked his profile and his email address is hidden. Not sure if it was always hidden so maybe the spammer got his email address just by checking it on his profile.



Having alt accounts is not against the rules on bitcointalk and many highly ranked and trusted users here have alts. Bitcointalk wouldn't be sending such messages because you are not breaking any rules by having an alt account. Also, scams are not moderated here so even if an alt of yours has scammed the forum administration would not investigate such cases. Scammers get tagged by DTs but they don't get banned.   
hero member
Activity: 2114
Merit: 619
The domain name mentioned in the picture is original it is of bitcointalk.org only then how can the Phishing attempt be successful?

It's an anchor tag.

Here's an example: yahoo.com

You think that links to yahoo.com? Nope. It links to google.com. Even though it's a very very very old trick, it's honestly very deceiving especially to the uninformed; though with time knowing this sort of "trick", you'd get cautious everytime you see a link on forums. Always hover your cursor over the link and check where the link actually leads to.

Code:
BBCODE(mostly on forums): [url=https://google.com/]yahoo.com[/url]

HTML(websites): yahoo.com
Oh exactly. Sorry I didn't realized that it could easily happen. meta tag must have been set to original bitcointalk.org but link of some other site. Actually even some google searches about bitcointalk point out towards some phishing page. These pages have a slightly different domains.  Thanks for assisting.
mk4
legendary
Activity: 2870
Merit: 3873
📟 t3rminal.xyz
The domain name mentioned in the picture is original it is of bitcointalk.org only then how can the Phishing attempt be successful?

It's an anchor tag.

Here's an example: yahoo.com

You think that links to yahoo.com? Nope. It links to google.com. Even though it's a very very very old trick, it's honestly very deceiving especially to the uninformed; though with time knowing this sort of "trick", you'd get cautious everytime you see a link on forums. Always hover your cursor over the link and check where the link actually leads to.

Code:
BBCODE(mostly on forums): [url=https://google.com/]yahoo.com[/url]

HTML(websites): yahoo.com
hero member
Activity: 2114
Merit: 619
September 27, 2019, 11:54:50 AM
#9
I received the following email:


By no means, it looks like an official mail from the forum. Even the link is a fake one too.
It redirects to a clone of the forum. The phishing site as I received it is: (DON'T VISIT)
Code:
http://www.martynparry.com.au/index/?topic=5169902.0&u=apoorvlathey

It is not sure who might be behind this scam.

Most probably the scammers are using hacked email list to send out these emails because my account once got hacked in the past. Not aware if anyone else received the mail or not.

/Edit:

Another case of sharing this phishing site, this time via personal message:

Make sure you don't click PM links coming from naufalbashar scammer.
He's using special character г which looks like r

He's PMing people requesting clicking on a phishing website to "reply to him"

Phishing website is currently hosted on www. martynparry. com.au/index/?topic=3243635.0 (DO NOT GO THERE OR LOGIN WITH YOUR BITCOINTALK ACCOUNT, IT'S A PHISHING WEBSITE!!!)

I have already reported him to bitcointalk staff and to website admins as well (looks like legit website has been hacked and added fake phishing forum)
The domain name mentioned in the picture is original it is of bitcointalk.org only then how can the Phishing attempt be successful? I am a bit bad at hacking and all but as far as I know you need to create your own domain and a replica site to compromise with information of users. Won't entering data on the original username redirect the data to original database only? or is there something that I am missing?
mk4
legendary
Activity: 2870
Merit: 3873
📟 t3rminal.xyz
September 27, 2019, 11:27:21 AM
#8
Since you actually received the message through your email instead of through Bitcointalk's messaging system like what happened to dkbit98, did you publicly submit your email on a bounty campaign topic by any chance(I assume some bounty campaigns requires you to submit your email/social media)? They'd have to get your email from somewhere. My guess that they got it through bounties as your email is hidden on your profile.
hero member
Activity: 2254
Merit: 537
My passive income eBook @ tinyurl.com/PIA10
September 27, 2019, 11:27:14 AM
#7
Bitcointalk has an option to "Hide email address from public". Was it checked?
sr. member
Activity: 1288
Merit: 415
September 27, 2019, 10:12:57 AM
#6
Just checking the senders email should ring a bell in your head. I think only some one with lowfunctioning brain cells would do the mistake of trusting that email.

But, it's good you reported it here, no offence. Cheesy
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
September 27, 2019, 09:53:01 AM
#5
Bitcointalk forum will never send such trivial e-mail messages, and if you pay attention to the header of e-mail then it is pretty clear that the post has nothing to do with this forum. If user has enabled e-mail notification then he/she may receive e-mails but then the address will be clearly stated _ from Bitcoin Forum <[email protected]>

Paying attention to the details, and accessing the forum only from the link we saved in our browser bookmark is sufficient protection.

legendary
Activity: 3178
Merit: 3295
September 27, 2019, 09:17:27 AM
#4
There is alread a thread created with this Website  name in it !

If you look here https://bitcointalksearch.org/topic/fake-airdrop-phishing-website-posted-in-services-5172689 you can see that morvillz7z has quoted a post

from tedyx  with the message here https://bitcointalksearch.org/topic/m.52073272

Make sure you don't click PM links coming from naufalbashar scammer.
He's using special character г which looks like r

He's PMing people requesting clicking on a phishing website to "reply to him"

Phishing website is currently hosted on www. martynparry. com.au/index/?topic=3243635.0 (DO NOT GO THERE OR LOGIN WITH YOUR BITCOINTALK ACCOUNT, IT'S A PHISHING WEBSITE!!!)

I have already reported him to bitcointalk staff and to website admins as well (looks like legit website has been hacked and added fake phishing forum)



Guess its the same person maybe that created the new Phishing Forum !
legendary
Activity: 2128
Merit: 1775
September 27, 2019, 08:51:53 AM
#3
Code:
http://www.martynparry.com.au/index/?topic=5169902.0&u=apoorvlathey
I try to enter the link you mentioned.
But the results are as below.



In the matter that you are experiencing right now I can advise you that this is a hacking and fake attempt.

Find ways to safer your account.
1. Change the password that is very secret.
2. Change your new email, if necessary.
However, this depends on you, I'm just suggesting.


And henceforth you can visit this just in case.

Topic: Recovering hacked/lost accounts.
legendary
Activity: 2212
Merit: 7064
September 27, 2019, 08:38:14 AM
#2
It is something similar that happened in may case:
https://bitcointalksearch.org/topic/how-scammer-tried-to-hack-my-bitcointalk-and-how-to-protect-yourself-5173531

People should always check URL bar to confirm correct link, and also watch out for Puny codes.

You should also check if your email is pwned:
https://haveibeenpwned.com/
hero member
Activity: 1162
Merit: 547
CryptoTalk.Org - Get Paid for every Post!
September 27, 2019, 08:20:30 AM
#1
I received the following email:


By no means, it looks like an official mail from the forum. Even the link is a fake one too.
It redirects to a clone of the forum. The phishing site as I received it is: (DON'T VISIT)
Code:
http://www.martynparry.com.au/index/?topic=5169902.0&u=apoorvlathey

It is not sure who might be behind this scam.

Most probably the scammers are using hacked email list to send out these emails because my account once got hacked in the past. Not aware if anyone else received the mail or not.

/Edit:

Another case of sharing this phishing site, this time via personal message:

Make sure you don't click PM links coming from naufalbashar scammer.
He's using special character г which looks like r

He's PMing people requesting clicking on a phishing website to "reply to him"

Phishing website is currently hosted on www. martynparry. com.au/index/?topic=3243635.0 (DO NOT GO THERE OR LOGIN WITH YOUR BITCOINTALK ACCOUNT, IT'S A PHISHING WEBSITE!!!)

I have already reported him to bitcointalk staff and to website admins as well (looks like legit website has been hacked and added fake phishing forum)
Jump to: