Author

Topic: Bitcointalk account hacking/phishing Alert (Read 709 times)

sr. member
Activity: 798
Merit: 436
March 23, 2023, 11:51:38 AM
#36
So bad to see how this guy keep trying to hack people's accounts and the rise in the sale of accounts, this situation needs to be given close attention.

I think everything begins with him sending unsolicited PMs to members, some will ignore while some may respond to him, i think the forum has to make this an additional efforts by looking into every reported PM and judge the case base on the content of the message sent in placing a ban on the sender, i believe so much that this is part of the reasons why some members restrict newbies from sending them PMs.
legendary
Activity: 2800
Merit: 2736
Farewell LEO: o_e_l_e_o
I don't know how their account was hacked. But, I see an old thread about BitcoinGirl.Club's account was hacked somehow. Her email was compromised.
It was one of the worst time. It not only effected my bitcointalk account but effect many other accounts including exchanges. Manually I had to change email for possible all online accounts. Some of them took even a month to finish then entire process.

I had to change my wallets too, just in case to make sure I am not using compromised wallet. When you are attacked by a hacker no matter how it happen, I guess you need to change everything you had associated in the device and the account that was hacked.
hero member
Activity: 518
Merit: 547
No one should fall into the cheating trap of hacking. It seems to be a scam so all brothers including us in this bitcoin forum should be careful.  Once you fall into such a fraud trap, there is no chance of surviving a second time, so whatever link you click on, you should enter the link carefully. And stay away from some links asking to connect.


Nobody wants to step into a trap. But, eventually, we do. It's not easy to keep yourself safe on the internet. Mostly we browse the internet effortlessly. We don't know where the phishing link is hiding. We realize once we step into a trap and our accounts get compromised. It's hard to stay safe if you are a mobile user. There are a lot of reputed members' accounts that were hacked before. I don't know how their account was hacked. But, I see an old thread about BitcoinGirl.Club's account was hacked somehow. Her email was compromised.
sr. member
Activity: 798
Merit: 374
81% of Forum users use Desktop to visit this forum.
Followed the link you shared, unfortunately numbers look inconclusive and if anything I think we have more users using mobile devices than a desktop which is scary in terms of these security concerns.

I didn't get you. Did you read the post I wrote with the image? Bitcointalk.org had 3.1 Million visits from Mobile just on October 22. After that, Mobile device visits dropped significantly. Bitcointalk.org has around 250K to 300K monthly mobile visits on average. In comparison, It has around 900K to 1.2 Million Desktop visits every month. October 2022 was exceptional, and it's a mystery. I do not have any explanation because I also have doubts about the accuracy of those stats, which I also wrote in that post. It seems we are going off-topic here. Mobile users have to be careful when they click on any link.

No one should fall into the cheating trap of hacking. It seems to be a scam so all brothers including us in this bitcoin forum should be careful.  Once you fall into such a fraud trap, there is no chance of surviving a second time, so whatever link you click on, you should enter the link carefully. And stay away from some links asking to connect.
hero member
Activity: 518
Merit: 547
81% of Forum users use Desktop to visit this forum.
Followed the link you shared, unfortunately numbers look inconclusive and if anything I think we have more users using mobile devices than a desktop which is scary in terms of these security concerns.

I didn't get you. Did you read the post I wrote with the image? Bitcointalk.org had 3.1 Million visits from Mobile just on October 22. After that, Mobile device visits dropped significantly. Bitcointalk.org has around 250K to 300K monthly mobile visits on average. In comparison, It has around 900K to 1.2 Million Desktop visits every month. October 2022 was exceptional, and it's a mystery. I do not have any explanation because I also have doubts about the accuracy of those stats, which I also wrote in that post. It seems we are going off-topic here. Mobile users have to be careful when they click on any link.
legendary
Activity: 1890
Merit: 1537
If you look at the second screenshot closely you will discover the address in the address bar is not Bitcointalk

So once you fall victim by inputting your forum password your details will be stolen and your account gone.
Thank you everyone for sharing this warning. Although the scam method used is old, it is through a fake page, but the deception lies in the scammer putting the BBCode in order to show the link in front of you, not the one that will be opened. For me, before I click on any links here in the forum I right-click with the mouse on the link that was sent to me, then click on Copy Link Address, and then I put the link in the top bar of the browser or in a note to check it before opening it. It is good that the scammers have been banned now.
hero member
Activity: 1834
Merit: 879
Rollbit.com ⚔️Crypto Futures

Example:

https://Google.com

Click on the link above and see where you go, you'll understand.



You can also quote the post to see what's behind the link. I don't think this is a big problem for people who have been online for a long time. Beginners, and especially curious beginners, will have to go through the path firsthand.
I was going to say using Twitter or telegram does unmask the link behind the link especially for URL shorteners like bitly etcetera but not in this scenario, but your solution of quoting of the post does show the hidden link ,so does hovering on the link exposes the link  somewhere in the left bottom of the screen if you are using a desktop ,easy pizzy Smiley



81% of Forum users use Desktop to visit this forum.
Followed the link you shared, unfortunately numbers look inconclusive and if anything I think we have more users using mobile devices than a desktop which is scary in terms of these security concerns.
hero member
Activity: 2366
Merit: 793
Bitcoin = Financial freedom
You can also quote the post to see what's behind the link. I don't think this is a big problem for people who have been online for a long time. Beginners, and especially curious beginners, will have to go through the path firsthand.

81% of Forum users use Desktop to visit this forum. While mobile users can check the link by quoting the post, Desktop users can check it more easily by hovering over it before clicking it. I am unsure if a simple visit can hack any account without writing credentials. Phishing collects credentials only when you write that on the website. Also, It's understandable that you won't get logged out when you visit in-forum links. If you click on any link that redirects you to the login page, That's Odd. You are already logged in to the forum. Why would it ask again to log in if you did not log out or clear the browser? This forum doesn't require login to check forum posts. I guess most forum users know what I have written so far.
It is possible to get the access of your device by simply clicking a link and its already proved by the cyber experts on many occasions that is why you should not be too careless whenever you receive a random link in any social media including bitcointalk.

Generally I delete such kind of messages and if I found its having any malicious link then never hesitated to report it to admin so do the same and the member who is involving in such practice will definitely get their penalty either temp or permanent ban.
full member
Activity: 2324
Merit: 175
I've always been wary of and had been saying this all the time that whatever URL we see here, we shouldn't blindly trust it and should at least check it by right clicking on it and then copy it and paste it on notepad before actually opening it. There are some pages or website (country based) which, if you open them, have the ability to steal anything you've got in your bank account. Every single user here (especially newbies) should take a note about this and never open a link directly because what you're shown as a link can also redirect you to somewhere else.

Example:

https://Google.com

Click on the link above and see where you go, you'll understand.

Or you can hover your mouse over the link and you can see where the link cloak link is heading you check the image below and its heading to a Youtube link, the most important thing is never to click the link without knowing what the link is and where it is heading, some cloak links are download links and if you do not have a good AV it will directly download it to your computer, just be careful on links with the word .exe at the end

hero member
Activity: 518
Merit: 547
You can also quote the post to see what's behind the link. I don't think this is a big problem for people who have been online for a long time. Beginners, and especially curious beginners, will have to go through the path firsthand.

81% of Forum users use Desktop to visit this forum. While mobile users can check the link by quoting the post, Desktop users can check it more easily by hovering over it before clicking it. I am unsure if a simple visit can hack any account without writing credentials. Phishing collects credentials only when you write that on the website. Also, It's understandable that you won't get logged out when you visit in-forum links. If you click on any link that redirects you to the login page, That's Odd. You are already logged in to the forum. Why would it ask again to log in if you did not log out or clear the browser? This forum doesn't require login to check forum posts. I guess most forum users know what I have written so far.
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿

Example:

https://Google.com

Click on the link above and see where you go, you'll understand.



You can also quote the post to see what's behind the link. I don't think this is a big problem for people who have been online for a long time. Beginners, and especially curious beginners, will have to go through the path firsthand.
hero member
Activity: 700
Merit: 541
Bitcoin Casino Est. 2013
[~snipped~]

I think a safer way would be for you to just avoid click on any link that would take you outside the forum and you can easily spot the forum's link by hovering on top when you do that it (the link) turns green while the link that will direct you outside the forum does not turn green.
With this, you could easily avoid links without having to click on them.
legendary
Activity: 3052
Merit: 1273
I've always been wary of and had been saying this all the time that whatever URL we see here, we shouldn't blindly trust it and should at least check it by right clicking on it and then copy it and paste it on notepad before actually opening it. There are some pages or website (country based) which, if you open them, have the ability to steal anything you've got in your bank account. Every single user here (especially newbies) should take a note about this and never open a link directly because what you're shown as a link can also redirect you to somewhere else.

Example:

https://Google.com

Click on the link above and see where you go, you'll understand.
hero member
Activity: 910
Merit: 507
Just a head up to everyone, this guy is still in the forum may be with another username since his account were red tagged.

You all should be careful out there and never click any link sent to you via pm, it could be a trap to get your account hacked.
hero member
Activity: 1498
Merit: 711
Enjoy 500% bonus + 70 FS
Cases like this have been happening for some time now on this forum, but we need to be more careful because lately this kind of hack attempt is more prominent and a lot of users are falling for this trick from hackers looking for ways to steal your login information.
Actually you are right, because theirs one certain time i noticed that some people do complain of hacking of account. And i flashbacks to people who sell account how do this people get the account they do sell to people. So it's obvious majority of the alternative accounts that is disturbing the community with spam and shit posts.
hero member
Activity: 910
Merit: 507
Out of curiosity, I visited the address on my browser by just inputting thegermanaccess.com and it lead to a website who's vision and mission is more about availing foreign nations the opportunity to study in Germany and learn the German language.

From the look of it, the site seems legitimate but, these hackers tries to use it for a cloak to use legitimacy in hiding there intent. It's a good thing they've been banned but, that doesn't mean they would for ever stay away as, they could always create an alt.

It becomes a matter of necessity that users be careful of the links they respond to and don't rush to login in the event of being logged out. You cod always go back and refresh the page just to be sure. At other times, always examine the browser, link and interface. Should you find any suspicion, report to the forum and have it sorted out.
As a matter of fact i dont long out my account from my browser, and as much as possible i dont use my password, while i was visiting the link when it was sent to my inbox i discovered the site is different from bitcointalk and is an unsecured site so I quickly riased the alarm here.
hero member
Activity: 1288
Merit: 504
Out of curiosity, I visited the address on my browser by just inputting thegermanaccess.com and it lead to a website who's vision and mission is more about availing foreign nations the opportunity to study in Germany and learn the German language.

From the look of it, the site seems legitimate but, these hackers tries to use it for a cloak to use legitimacy in hiding there intent. It's a good thing they've been banned but, that doesn't mean they would for ever stay away as, they could always create an alt.

It becomes a matter of necessity that users be careful of the links they respond to and don't rush to login in the event of being logged out. You cod always go back and refresh the page just to be sure. At other times, always examine the browser, link and interface. Should you find any suspicion, report to the forum and have it sorted out.
hero member
Activity: 910
Merit: 507
Thanks for getting this information to my notice, i feel excited to see that two scammers are busted out the forum for good.
legendary
Activity: 2534
Merit: 1713
Top Crypto Casino
Thank you for posting about it with screenshots.

I think this is the first time I have seen an attempt of this particular nature being sent in PMs. All users especially newbies are advised to take notice of the excellent work by the OP and avoid falling victim to these types of scams.

~snip~

If you look at the second screenshot closely you will discover the address in the address bar is not Bitcointalk

So once you fall victim by inputting your forum password your details will be stolen and your account gone.
member
Activity: 742
Merit: 12
Global peace initiative
Cases like this have been happening for some time now on this forum, but we need to be more careful because lately this kind of hack attempt is more prominent and a lot of users are falling for this trick from hackers looking for ways to steal your login information.
hero member
Activity: 910
Merit: 507
So bad to see how this guy keep trying to hack people's accounts and the rise in the sale of accounts, this situation needs to be given close attention.
legendary
Activity: 1974
Merit: 2124
It's really a shame that @tuannguyentn1, an account that has been here since 2017 can only muster just a single merit till date. BTW, what an ugly username that's there.
He is not only alone in this bounty hunting scheme account setup and has made only 56 posts from 2017 so you can clearly see his intentions and single merit helped him to achieve the junior rank member on forum but he didn't stop his work and now he's banned on the forum.These bounty hunters have hundred of pages with only bounty reports submissions and don't have any single merit on their profile.

Both users are banned.
Yes they have been banned and these actions are required for the safety of the forum and we also have some phising warning on the forum sometimes but still we see these things:



So there are many scammers trying to contact your through PM so it's our responsibility to be alert and take a look at them carefully while don't click on these links without any means.
hero member
Activity: 1442
Merit: 775
Both tuannguyentn1 and santhosh121081 are relatively old in this forum and I guess that is why they have an idea of the old phishing attempts. I think they should be stopped before it will become a trend in the forum. The case of tuannguyentn1, the account work up recently after long time of inactivity. The merit that made the user a Jr member was giving on a bounty report comment. A post that doesn't worth meriting. Everything about this scenario is fishy.
Maybe they woke up for phishing business in bear market. Incentivize by loss in bear market and need to find some bad jobs to cover their asses.

Password changed / Woke up recently. Good signals to know potential scammers
What to do to avoid phishing sites
[GUIDE] Use this for identifying Scam/Phishing Websites & Exchanges in Crypto
[Tutorial] How To Report Phishing Email & Create Auto Delete Filter - Gmail User
Tool For Catch Phishing
[LEARN & EARN] Phishing Quizzes - Beginners & Experts
Phishing with Punny code
member
Activity: 742
Merit: 12
Global peace initiative
So bad to see this happening still happening frequently, but make sure to report the message to moderators for them to take action against that account. Am sure you can also leave a negative trust on the account to prevent others from falling to this trick.
legendary
Activity: 2716
Merit: 1225
Once a man, twice a child!
It's really a shame that @tuannguyentn1, an account that has been here since 2017 can only muster just a single merit till date. BTW, what an ugly username that's there. That hack attempt should reinforce anyone's alertness to a given fact that if something smells fishy, crosscheck it. Don't be in a rush to run over it. It was in your ability to check facts that you realized the URL was totally different from this site. It goes to show that once you've your account in "always stay logged in" and you're asked to log in again, be suspicious. I don't know why there's resurgence of this type of attitude now. Sad.
legendary
Activity: 2520
Merit: 1113
being both merited on different threads for non-substantial posts by SIXMJ to that effect …
I have a feeling that they are connected, apart from sending merits to both users who sent phishing PMs, SIXMJ also got merited by someone(dragospirvu75) who also got banned due to sending Phishing PMs to members. other than that assumptions, I don't have anything else, so I don't really expect any action to be taken against SIXMJ.
staff
Activity: 2436
Merit: 2347
sr. member
Activity: 1932
Merit: 442
Eloncoin.org - Mars, here we come!
Well scammers are everywhere so you dont need to wonder why that happen --this is a common issue that we heard of even before.
The second layer security option of our account is to stake your address on this link[1], which is you have a strong proof of ownership that you are a real owner by staking your address which you have control.
Upon attempting to click the link in your message what color did you see? Because safe link appears a color green when you attempt to the link.
[1] https://bitcointalksearch.org/topic/stake-your-bitcoin-address-here-996318
hero member
Activity: 2520
Merit: 783
Forum account hacking attempt, I received a personal massage with a fake forum link from user tuannguyentn1 that he made a reply to my comment, on clicking the link I was taken to fake forum log in page requesting my password on checking the URL I discovered it is a hacking attempt aimed at stealing my password, both old and new members should be careful because the rate of Bitcointalk account hacking is on the increase. I will share all the link including screenshots, I hope user tuannguyentn1 get red trust Dt2 member to save other from falling victim to this hacker.

Screenshot of message including the fake link:
Snip
Screenshot of redirected page
Snip
 If you look at the second screenshot closely you will discover the address in the address bar is not Bitcointalk

So once you fall victim by inputting your forum password your details will be stolen and your account gone.



Nothing new with this as their are still users want to hack some account for their own personal interest and luckily you check the url before going. Also you can report this up to the moderator so that the accounts used for sending you a message about that phising link will get banned so that they or he cannot used that for another phising link spreading again.
legendary
Activity: 1288
Merit: 1081
Goodnight, o_e_l_e_o 🌹
Oddly enough, both recent cases of accounts sending this phishing link (santhosh121081 and tuannguyentn1) were both merited and became Jr. Members either yesterday or today, being both merited on different threads for non-substantial posts by SIXMJ to that effect …
Both tuannguyentn1 and santhosh121081 are relatively old in this forum and I guess that is why they have an idea of the old phishing attempts. I think they should be stopped before it will become a trend in the forum. The case of tuannguyentn1, the account work up recently after long time of inactivity. The merit that made the user a Jr member was giving on a bounty report comment. A post that doesn't worth meriting. Everything about this scenario is fishy.
hero member
Activity: 714
Merit: 521
Forum account hacking attempt, I received a personal massage with a fake forum link from user tuannguyentn1 that he made a reply to my comment, on clicking the link I was taken to fake forum log in page requesting my password on checking the URL I discovered it is a hacking attempt aimed at stealing my passwor

Countless time I've experienced issues related to this requesting that he likes my comment oost on a particular topic ot threads that he will like to learn more from me, then i wonder if that couldn't be discussed or asked on that dame thread but on a PM that has link address which is suspicious enough for an hacking format, the aren't wise enough than us, all i do is just to ignor the user, avoid the link sent nor reply the trash PM, and i then reported such to the moderator.
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
Oddly enough, both recent cases of accounts sending this phishing link (santhosh121081 and tuannguyentn1) were both merited and became Jr. Members either yesterday or today, being both merited on different threads for non-substantial posts by SIXMJ to that effect …
legendary
Activity: 2604
Merit: 2353
Forum account hacking attempt, I received a personal massage with a fake forum link from user tuannguyentn1 that he made a reply to my comment, on clicking the link I was taken to fake forum log in page requesting my password on checking the URL I discovered it is a hacking attempt aimed at stealing my password, both old and new members should be careful because the rate of Bitcointalk account hacking is on the increase. I will share all the link including screenshots, I hope user tuannguyentn1 get red trust Dt2 member to save other from falling victim to this hacker.

Screenshot of message including the fake link:

Screenshot of redirected page

 If you look at the second screenshot closely you will discover the address in the address bar is not Bitcointalk

So once you fall victim by inputting your forum password your details will be stolen and your account gone.
That's really sad to hear those kinds of things, did you try to speak with him? What he was expecting to do with a newbie account precisely? I really don't understand what those guys are looking for. Are you sure it was a human at least and not a bot? As it has been said please report the PM to moderators.
I quote your post to show the pictures to everybody.
legendary
Activity: 2114
Merit: 2248
Playgram - The Telegram Casino
This has been around for quite a while, and there was a case of the hacker using an already hacked account to send the PMs. This could be the case here as the user tuannguyentn1 just recently woke up as can be seen on his trust profile.

You don't have to wait for DT members to send a feedback, you can do that yourself and use this post as a reference.
Reporting the PM as suggested above is also a great idea.
legendary
Activity: 2520
Merit: 1113
this kind of phishing attempt has happened before in this forum and the same thing happened to this member PowerGlove a few days ago(yesterday, if we are basing on forum time). the member received a similar PM from a different user.

I suggest reporting the PM to the MODs so proper action can be taken against the user who sent you the phishing link.
hero member
Activity: 910
Merit: 507
Forum account hacking attempt, I received a personal massage with a fake forum link from user tuannguyentn1 that he made a reply to my comment, on clicking the link I was taken to fake forum log in page requesting my password on checking the URL I discovered it is a hacking attempt aimed at stealing my password, both old and new members should be careful because the rate of Bitcointalk account hacking is on the increase. I will share all the link including screenshots, I hope user tuannguyentn1 get red trust Dt2 member to save other from falling victim to this hacker.

Screenshot of message including the fake link:

Screenshot of redirected page

 If you look at the second screenshot closely you will discover the address in the address bar is not Bitcointalk

So once you fall victim by inputting your forum password your details will be stolen and your account gone.

Jump to: