Bitcointalk account hacking/phishing Alert

Aanuoluwatofunmi

sr. member

Activity: 532

Merit: 390

Quote from: Ojima-ojo on July 20, 2022, 08:25:41 AM

So bad to see how this guy keep trying to hack people's accounts and the rise in the sale of accounts, this situation needs to be given close attention.

I think everything begins with him sending unsolicited PMs to members, some will ignore while some may respond to him, i think the forum has to make this an additional efforts by looking into every reported PM and judge the case base on the content of the message sent in placing a ban on the sender, i believe so much that this is part of the reasons why some members restrict newbies from sending them PMs.

BitcoinGirl.Club

legendary

Activity: 2702

Merit: 2645

Farewell LEO: o_e_l_e_o

Quote from: John Abraham on March 22, 2023, 02:17:19 AM

I don't know how their account was hacked. But, I see an old thread about BitcoinGirl.Club's account was hacked somehow. Her email was compromised.

It was one of the worst time. It not only effected my bitcointalk account but effect many other accounts including exchanges. Manually I had to change email for possible all online accounts. Some of them took even a month to finish then entire process.

I had to change my wallets too, just in case to make sure I am not using compromised wallet. When you are attacked by a hacker no matter how it happen, I guess you need to change everything you had associated in the device and the account that was hacked.

John Abraham

hero member

Activity: 518

Merit: 547

Quote from: Popkon6 on March 21, 2023, 11:15:20 PM

No one should fall into the cheating trap of hacking. It seems to be a scam so all brothers including us in this bitcoin forum should be careful. Once you fall into such a fraud trap, there is no chance of surviving a second time, so whatever link you click on, you should enter the link carefully. And stay away from some links asking to connect.

Nobody wants to step into a trap. But, eventually, we do. It's not easy to keep yourself safe on the internet. Mostly we browse the internet effortlessly. We don't know where the phishing link is hiding. We realize once we step into a trap and our accounts get compromised. It's hard to stay safe if you are a mobile user. There are a lot of reputed members' accounts that were hacked before. I don't know how their account was hacked. But, I see an old thread about BitcoinGirl.Club's account was hacked somehow. Her email was compromised.

Popkon6

sr. member

Activity: 560

Merit: 286

Quote from: John Abraham on March 17, 2023, 03:36:05 AM

Quote from: Woodie on March 16, 2023, 05:03:26 PM

Quote from: John Abraham on March 15, 2023, 03:19:44 AM

81% of Forum users use Desktop to visit this forum.

Followed the link you shared, unfortunately numbers look inconclusive and if anything I think we have more users using mobile devices than a desktop which is scary in terms of these security concerns.

I didn't get you. Did you read the post I wrote with the image? Bitcointalk.org had 3.1 Million visits from Mobile just on October 22. After that, Mobile device visits dropped significantly. Bitcointalk.org has around 250K to 300K monthly mobile visits on average. In comparison, It has around 900K to 1.2 Million Desktop visits every month. October 2022 was exceptional, and it's a mystery. I do not have any explanation because I also have doubts about the accuracy of those stats, which I also wrote in that post. It seems we are going off-topic here. Mobile users have to be careful when they click on any link.

No one should fall into the cheating trap of hacking. It seems to be a scam so all brothers including us in this bitcoin forum should be careful. Once you fall into such a fraud trap, there is no chance of surviving a second time, so whatever link you click on, you should enter the link carefully. And stay away from some links asking to connect.

John Abraham

hero member

Activity: 518

Merit: 547

Quote from: Woodie on March 16, 2023, 05:03:26 PM

Quote from: John Abraham on March 15, 2023, 03:19:44 AM

81% of Forum users use Desktop to visit this forum.

Followed the link you shared, unfortunately numbers look inconclusive and if anything I think we have more users using mobile devices than a desktop which is scary in terms of these security concerns.

I didn't get you. Did you read the post I wrote with the image? Bitcointalk.org had 3.1 Million visits from Mobile just on October 22. After that, Mobile device visits dropped significantly. Bitcointalk.org has around 250K to 300K monthly mobile visits on average. In comparison, It has around 900K to 1.2 Million Desktop visits every month. October 2022 was exceptional, and it's a mystery. I do not have any explanation because I also have doubts about the accuracy of those stats, which I also wrote in that post. It seems we are going off-topic here. Mobile users have to be careful when they click on any link.

albon

legendary

Activity: 1680

Merit: 1343

Quote from: Ojima-ojo on July 17, 2022, 03:58:04 PM

If you look at the second screenshot closely you will discover the address in the address bar is not Bitcointalk

So once you fall victim by inputting your forum password your details will be stolen and your account gone.

Thank you everyone for sharing this warning. Although the scam method used is old, it is through a fake page, but the deception lies in the scammer putting the BBCode in order to show the link in front of you, not the one that will be opened. For me, before I click on any links here in the forum I right-click with the mouse on the link that was sent to me, then click on Copy Link Address, and then I put the link in the top bar of the browser or in a note to check it before opening it. It is good that the scammers have been banned now.

Woodie

hero member

Activity: 1792

Merit: 871

Rollbit.com ⚔️Crypto Futures

Quote from: lovesmayfamilis on March 15, 2023, 02:43:29 AM

Quote from: Stedsm on March 14, 2023, 07:58:30 PM

Example:

https://Google.com

Click on the link above and see where you go, you'll understand.

You can also quote the post to see what's behind the link. I don't think this is a big problem for people who have been online for a long time. Beginners, and especially curious beginners, will have to go through the path firsthand.

I was going to say using Twitter or telegram does unmask the link behind the link especially for URL shorteners like bitly etcetera but not in this scenario, but your solution of quoting of the post does show the hidden link ,so does hovering on the link exposes the link somewhere in the left bottom of the screen if you are using a desktop ,easy pizzy

Quote from: John Abraham on March 15, 2023, 03:19:44 AM

81% of Forum users use Desktop to visit this forum.

Followed the link you shared, unfortunately numbers look inconclusive and if anything I think we have more users using mobile devices than a desktop which is scary in terms of these security concerns.

Findingnemo

hero member

Activity: 2310

Merit: 757

Bitcoin = Financial freedom

Quote from: John Abraham on March 15, 2023, 03:19:44 AM

Quote from: lovesmayfamilis on March 15, 2023, 02:43:29 AM

You can also quote the post to see what's behind the link. I don't think this is a big problem for people who have been online for a long time. Beginners, and especially curious beginners, will have to go through the path firsthand.

81% of Forum users use Desktop to visit this forum. While mobile users can check the link by quoting the post, Desktop users can check it more easily by hovering over it before clicking it. I am unsure if a simple visit can hack any account without writing credentials. Phishing collects credentials only when you write that on the website. Also, It's understandable that you won't get logged out when you visit in-forum links. If you click on any link that redirects you to the login page, That's Odd. You are already logged in to the forum. Why would it ask again to log in if you did not log out or clear the browser? This forum doesn't require login to check forum posts. I guess most forum users know what I have written so far.

It is possible to get the access of your device by simply clicking a link and its already proved by the cyber experts on many occasions that is why you should not be too careless whenever you receive a random link in any social media including bitcointalk.

Generally I delete such kind of messages and if I found its having any malicious link then never hesitated to report it to admin so do the same and the member who is involving in such practice will definitely get their penalty either temp or permanent ban.

Saisher

full member

Activity: 2240

Merit: 175

#SWGT PRE-SALE IS LIVE

Quote from: Stedsm on March 14, 2023, 07:58:30 PM

I've always been wary of and had been saying this all the time that whatever URL we see here, we shouldn't blindly trust it and should at least check it by right clicking on it and then copy it and paste it on notepad before actually opening it. There are some pages or website (country based) which, if you open them, have the ability to steal anything you've got in your bank account. Every single user here (especially newbies) should take a note about this and never open a link directly because what you're shown as a link can also redirect you to somewhere else.

Example:

https://Google.com

Click on the link above and see where you go, you'll understand.

Or you can hover your mouse over the link and you can see where the link cloak link is heading you check the image below and its heading to a Youtube link, the most important thing is never to click the link without knowing what the link is and where it is heading, some cloak links are download links and if you do not have a good AV it will directly download it to your computer, just be careful on links with the word .exe at the end

John Abraham

hero member

Activity: 518

Merit: 547

Quote from: lovesmayfamilis on March 15, 2023, 02:43:29 AM

You can also quote the post to see what's behind the link. I don't think this is a big problem for people who have been online for a long time. Beginners, and especially curious beginners, will have to go through the path firsthand.

81% of Forum users use Desktop to visit this forum. While mobile users can check the link by quoting the post, Desktop users can check it more easily by hovering over it before clicking it. I am unsure if a simple visit can hack any account without writing credentials. Phishing collects credentials only when you write that on the website. Also, It's understandable that you won't get logged out when you visit in-forum links. If you click on any link that redirects you to the login page, That's Odd. You are already logged in to the forum. Why would it ask again to log in if you did not log out or clear the browser? This forum doesn't require login to check forum posts. I guess most forum users know what I have written so far.

lovesmayfamilis

legendary

Activity: 2072

Merit: 4265

✿♥‿♥✿

Quote from: Stedsm on March 14, 2023, 07:58:30 PM

Example:

https://Google.com

Click on the link above and see where you go, you'll understand.

You can also quote the post to see what's behind the link. I don't think this is a big problem for people who have been online for a long time. Beginners, and especially curious beginners, will have to go through the path firsthand.

Cantsay

hero member

Activity: 700

Merit: 541

Top Crypto Casino

Quote from: Stedsm on March 14, 2023, 07:58:30 PM

[~snipped~]

I think a safer way would be for you to just avoid click on any link that would take you outside the forum and you can easily spot the forum's link by hovering on top when you do that it (the link) turns green while the link that will direct you outside the forum does not turn green.
With this, you could easily avoid links without having to click on them.

Stedsm

legendary

Activity: 3052

Merit: 1273

I've always been wary of and had been saying this all the time that whatever URL we see here, we shouldn't blindly trust it and should at least check it by right clicking on it and then copy it and paste it on notepad before actually opening it. There are some pages or website (country based) which, if you open them, have the ability to steal anything you've got in your bank account. Every single user here (especially newbies) should take a note about this and never open a link directly because what you're shown as a link can also redirect you to somewhere else.

Example:

https://Google.com

Click on the link above and see where you go, you'll understand.

Ojima-ojo

sr. member

Activity: 700

Merit: 429

Just a head up to everyone, this guy is still in the forum may be with another username since his account were red tagged.

You all should be careful out there and never click any link sent to you via pm, it could be a trap to get your account hacked.

GeorgeJohn

hero member

Activity: 1400

Merit: 655

Bitcoin is achievement

Quote from: RILWAN on August 11, 2022, 05:54:15 PM

Cases like this have been happening for some time now on this forum, but we need to be more careful because lately this kind of hack attempt is more prominent and a lot of users are falling for this trick from hackers looking for ways to steal your login information.

Actually you are right, because theirs one certain time i noticed that some people do complain of hacking of account. And i flashbacks to people who sell account how do this people get the account they do sell to people. So it's obvious majority of the alternative accounts that is disturbing the community with spam and shit posts.

Ojima-ojo

sr. member

Activity: 700

Merit: 429

Quote from: CryptocurencyKing on August 15, 2022, 02:42:05 PM

Out of curiosity, I visited the address on my browser by just inputting thegermanaccess.com and it lead to a website who's vision and mission is more about availing foreign nations the opportunity to study in Germany and learn the German language.

From the look of it, the site seems legitimate but, these hackers tries to use it for a cloak to use legitimacy in hiding there intent. It's a good thing they've been banned but, that doesn't mean they would for ever stay away as, they could always create an alt.

It becomes a matter of necessity that users be careful of the links they respond to and don't rush to login in the event of being logged out. You cod always go back and refresh the page just to be sure. At other times, always examine the browser, link and interface. Should you find any suspicion, report to the forum and have it sorted out.

As a matter of fact i dont long out my account from my browser, and as much as possible i dont use my password, while i was visiting the link when it was sent to my inbox i discovered the site is different from bitcointalk and is an unsecured site so I quickly riased the alarm here.

CryptocurencyKing

hero member

Activity: 1288

Merit: 504

Out of curiosity, I visited the address on my browser by just inputting thegermanaccess.com and it lead to a website who's vision and mission is more about availing foreign nations the opportunity to study in Germany and learn the German language.

From the look of it, the site seems legitimate but, these hackers tries to use it for a cloak to use legitimacy in hiding there intent. It's a good thing they've been banned but, that doesn't mean they would for ever stay away as, they could always create an alt.

It becomes a matter of necessity that users be careful of the links they respond to and don't rush to login in the event of being logged out. You cod always go back and refresh the page just to be sure. At other times, always examine the browser, link and interface. Should you find any suspicion, report to the forum and have it sorted out.

Ojima-ojo

sr. member

Activity: 700

Merit: 429

Quote from: Xal0lex on July 17, 2022, 08:27:17 PM

Quote from: DdmrDdmr on July 17, 2022, 04:35:46 PM

(santhosh121081 and tuannguyentn1)

Both users are banned.

Thanks for getting this information to my notice, i feel excited to see that two scammers are busted out the forum for good.

JollyGood

legendary

Activity: 2506

Merit: 1710

Top Crypto Casino

Thank you for posting about it with screenshots.

I think this is the first time I have seen an attempt of this particular nature being sent in PMs. All users especially newbies are advised to take notice of the excellent work by the OP and avoid falling victim to these types of scams.

Quote from: Ojima-ojo on July 17, 2022, 03:58:04 PM

~snip~

If you look at the second screenshot closely you will discover the address in the address bar is not Bitcointalk

So once you fall victim by inputting your forum password your details will be stolen and your account gone.

RILWAN

member

Activity: 742

Merit: 12

Global peace initiative

Cases like this have been happening for some time now on this forum, but we need to be more careful because lately this kind of hack attempt is more prominent and a lot of users are falling for this trick from hackers looking for ways to steal your login information.

Ojima-ojo

sr. member

Activity: 700

Merit: 429

So bad to see how this guy keep trying to hack people's accounts and the rise in the sale of accounts, this situation needs to be given close attention.

aysg76

legendary

Activity: 1960

Merit: 2124

Quote from: Mpamaegbu on July 18, 2022, 02:48:30 AM

It's really a shame that @tuannguyentn1, an account that has been here since 2017 can only muster just a single merit till date. BTW, what an ugly username that's there.

He is not only alone in this bounty hunting scheme account setup and has made only 56 posts from 2017 so you can clearly see his intentions and single merit helped him to achieve the junior rank member on forum but he didn't stop his work and now he's banned on the forum.These bounty hunters have hundred of pages with only bounty reports submissions and don't have any single merit on their profile.

Quote from: Xal0lex on July 17, 2022, 08:27:17 PM

Both users are banned.

Yes they have been banned and these actions are required for the safety of the forum and we also have some phising warning on the forum sometimes but still we see these things:

So there are many scammers trying to contact your through PM so it's our responsibility to be alert and take a look at them carefully while don't click on these links without any means.

SquirrelJulietGarden

hero member

Activity: 1260

Merit: 723

Quote from: KingsDen on July 17, 2022, 05:11:10 PM

Both tuannguyentn1 and santhosh121081 are relatively old in this forum and I guess that is why they have an idea of the old phishing attempts. I think they should be stopped before it will become a trend in the forum. The case of tuannguyentn1, the account work up recently after long time of inactivity. The merit that made the user a Jr member was giving on a bounty report comment. A post that doesn't worth meriting. Everything about this scenario is fishy.

Maybe they woke up for phishing business in bear market. Incentivize by loss in bear market and need to find some bad jobs to cover their asses.

Password changed / Woke up recently. Good signals to know potential scammers
What to do to avoid phishing sites
[GUIDE] Use this for identifying Scam/Phishing Websites & Exchanges in Crypto
[Tutorial] How To Report Phishing Email & Create Auto Delete Filter - Gmail User
Tool For Catch Phishing
[LEARN & EARN] Phishing Quizzes - Beginners & Experts
Phishing with Punny code

RILWAN

member

Activity: 742

Merit: 12

Global peace initiative

So bad to see this happening still happening frequently, but make sure to report the message to moderators for them to take action against that account. Am sure you can also leave a negative trust on the account to prevent others from falling to this trick.

Mpamaegbu

legendary

Activity: 2674

Merit: 1208

Once a man, twice a child!

It's really a shame that @tuannguyentn1, an account that has been here since 2017 can only muster just a single merit till date. BTW, what an ugly username that's there. That hack attempt should reinforce anyone's alertness to a given fact that if something smells fishy, crosscheck it. Don't be in a rush to run over it. It was in your ability to check facts that you realized the URL was totally different from this site. It goes to show that once you've your account in "always stay logged in" and you're asked to log in again, be suspicious. I don't know why there's resurgence of this type of attitude now. Sad.

acroman08

legendary

Activity: 2310

Merit: 1075

Quote from: DdmrDdmr on July 17, 2022, 04:35:46 PM

being both merited on different threads for non-substantial posts by SIXMJ to that effect …

I have a feeling that they are connected, apart from sending merits to both users who sent phishing PMs, SIXMJ also got merited by someone(dragospirvu75) who also got banned due to sending Phishing PMs to members. other than that assumptions, I don't have anything else, so I don't really expect any action to be taken against SIXMJ.

Xal0lex

staff

Activity: 2436

Merit: 2347

Quote from: DdmrDdmr on July 17, 2022, 04:35:46 PM

(santhosh121081 and tuannguyentn1)

Both users are banned.

Ryker1

sr. member

Activity: 1918

Merit: 442

Eloncoin.org - Mars, here we come!

Well scammers are everywhere so you dont need to wonder why that happen --this is a common issue that we heard of even before.
The second layer security option of our account is to stake your address on this link^[1], which is you have a strong proof of ownership that you are a real owner by staking your address which you have control.
Upon attempting to click the link in your message what color did you see? Because safe link appears a color green when you attempt to the link.
^{[1] https://bitcointalksearch.org/topic/stake-your-bitcoin-address-here-996318}

Taskford

hero member

Activity: 2520

Merit: 783

Quote from: Ojima-ojo on July 17, 2022, 03:58:04 PM

Forum account hacking attempt, I received a personal massage with a fake forum link from user tuannguyentn1 that he made a reply to my comment, on clicking the link I was taken to fake forum log in page requesting my password on checking the URL I discovered it is a hacking attempt aimed at stealing my password, both old and new members should be careful because the rate of Bitcointalk account hacking is on the increase. I will share all the link including screenshots, I hope user tuannguyentn1 get red trust Dt2 member to save other from falling victim to this hacker.

Screenshot of message including the fake link:
Snip
Screenshot of redirected page
Snip
If you look at the second screenshot closely you will discover the address in the address bar is not Bitcointalk

So once you fall victim by inputting your forum password your details will be stolen and your account gone.

Nothing new with this as their are still users want to hack some account for their own personal interest and luckily you check the url before going. Also you can report this up to the moderator so that the accounts used for sending you a message about that phising link will get banned so that they or he cannot used that for another phising link spreading again.

KingsDen

legendary

Activity: 1078

Merit: 1022

Hello Leo! You can still win.

Quote from: DdmrDdmr on July 17, 2022, 04:35:46 PM

Oddly enough, both recent cases of accounts sending this phishing link (santhosh121081 and tuannguyentn1) were both merited and became Jr. Members either yesterday or today, being both merited on different threads for non-substantial posts by SIXMJ to that effect …

Both tuannguyentn1 and santhosh121081 are relatively old in this forum and I guess that is why they have an idea of the old phishing attempts. I think they should be stopped before it will become a trend in the forum. The case of tuannguyentn1, the account work up recently after long time of inactivity. The merit that made the user a Jr member was giving on a bounty report comment. A post that doesn't worth meriting. Everything about this scenario is fishy.

348Judah

hero member

Activity: 700

Merit: 521

Quote from: Ojima-ojo on July 17, 2022, 03:58:04 PM

Forum account hacking attempt, I received a personal massage with a fake forum link from user tuannguyentn1 that he made a reply to my comment, on clicking the link I was taken to fake forum log in page requesting my password on checking the URL I discovered it is a hacking attempt aimed at stealing my passwor

Countless time I've experienced issues related to this requesting that he likes my comment oost on a particular topic ot threads that he will like to learn more from me, then i wonder if that couldn't be discussed or asked on that dame thread but on a PM that has link address which is suspicious enough for an hacking format, the aren't wise enough than us, all i do is just to ignor the user, avoid the link sent nor reply the trash PM, and i then reported such to the moderator.

DdmrDdmr

legendary

Activity: 2296

Merit: 10753

There are lies, damned lies and statistics. MTwain

Oddly enough, both recent cases of accounts sending this phishing link (santhosh121081 and tuannguyentn1) were both merited and became Jr. Members either yesterday or today, being both merited on different threads for non-substantial posts by SIXMJ to that effect …

Saint-loup

legendary

Activity: 2590

Merit: 2348

Quote from: Ojima-ojo on July 17, 2022, 03:58:04 PM

Forum account hacking attempt, I received a personal massage with a fake forum link from user tuannguyentn1 that he made a reply to my comment, on clicking the link I was taken to fake forum log in page requesting my password on checking the URL I discovered it is a hacking attempt aimed at stealing my password, both old and new members should be careful because the rate of Bitcointalk account hacking is on the increase. I will share all the link including screenshots, I hope user tuannguyentn1 get red trust Dt2 member to save other from falling victim to this hacker.

Screenshot of message including the fake link:

Screenshot of redirected page

If you look at the second screenshot closely you will discover the address in the address bar is not Bitcointalk

So once you fall victim by inputting your forum password your details will be stolen and your account gone.

That's really sad to hear those kinds of things, did you try to speak with him? What he was expecting to do with a newbie account precisely? I really don't understand what those guys are looking for. Are you sure it was a human at least and not a bot? As it has been said please report the PM to moderators.
I quote your post to show the pictures to everybody.

Upgrade00

legendary

Activity: 2030

Merit: 2173

Professional Community manager

This has been around for quite a while, and there was a case of the hacker using an already hacked account to send the PMs. This could be the case here as the user tuannguyentn1 just recently woke up as can be seen on his trust profile.

You don't have to wait for DT members to send a feedback, you can do that yourself and use this post as a reference.
Reporting the PM as suggested above is also a great idea.

acroman08

legendary

Activity: 2310

Merit: 1075

this kind of phishing attempt has happened before in this forum and the same thing happened to this member PowerGlove a few days ago(yesterday, if we are basing on forum time). the member received a similar PM from a different user.

I suggest reporting the PM to the MODs so proper action can be taken against the user who sent you the phishing link.

Ojima-ojo

sr. member

Activity: 700

Merit: 429

Forum account hacking attempt, I received a personal massage with a fake forum link from user tuannguyentn1 that he made a reply to my comment, on clicking the link I was taken to fake forum log in page requesting my password on checking the URL I discovered it is a hacking attempt aimed at stealing my password, both old and new members should be careful because the rate of Bitcointalk account hacking is on the increase. I will share all the link including screenshots, I hope user tuannguyentn1 get red trust Dt2 member to save other from falling victim to this hacker.

Screenshot of message including the fake link:

Screenshot of redirected page

If you look at the second screenshot closely you will discover the address in the address bar is not Bitcointalk

So once you fall victim by inputting your forum password your details will be stolen and your account gone.

Topic: Bitcointalk account hacking/phishing Alert (Read 671 times)