Blockchain.com Phishing e-mail! | Bitcointalksearch.org

UserU

hero member

Activity: 2128

Merit: 532

FREE passive income eBook @ tinyurl.com/PIA10

Quote from: LbtalkL on February 11, 2020, 06:10:03 PM

If something like this suspicious happens to me, I always click show details on my email to verify where is this email coming from it should be a habit by everyone to avoid possible phishing. We will see something like this if we click show details, I am using Gmail. click that arrow down button. By checking details you can avoid danger.

Sample:

from:   website . com
to:   your name
date: Feb 12, 2020, 1:48 AM
subject:   testing
mailed-by:   website2 .com
security:   Standard encryption (TLS) Learn more

Yeah, 99% this effectively marks a phisher right away. Gmail is pretty good at this, compared to Hotmail which couldn't allow one to block the spoofer (marking "your" email as Spam immediately gets denied)

seoincorporation

legendary

Activity: 3346

Merit: 3125

Quote from: Lucius on February 09, 2020, 09:49:52 AM

Given the high popularity among users, I would like to warn everyone not to log on to blockchain.com with links they receive via email or some social networks. I received one such e-mail, which is already marked as spam by Google, in which someone informs me that I received $250 in Stellar (XLM).

...

Of course this is not an official email from blockchain.com and if you log in via the email link you will lose everything you have in your wallet. Check link every time, even if you save it to bookmarks, hackers never sleep.

Thanks for the warning Lucius.

As you say, hackers never sleep, we can't trust any kind of login from an mail. That's always phishing. If we get some kind of promotion, airdrop or giveaway the best thing to do is to open the wallet in a new tab in our browser and verify directly in the wallet.

I got tons of phishing emails nowadays, is a common scam who only grows with time, and it's almost impossible to stop them.

wowowdiedie

jr. member

Activity: 71

Merit: 1

I received a similar email, I thank google for removing it into spam. I never open the spam

coupable

hero member

Activity: 2338

Merit: 757

Quote from: Stedsm on February 11, 2020, 08:50:24 AM

The best part is to keep your eyes open and check the email address you received that email from, and you'll surely know that it isn't blockchain.com but there must be some sort of change in the address like [email protected] or [email protected] or anything similar but not the official domain. So, watch out and stay safer than ever, and even if you get emails from official Blockchain wallet, please try to right click and copy and paste it in a notepad to check it carefully before you open it. There's one more hint I'd like to give you here, Blockchain always sends an extra link down under the log in button in the email, if that link is not available - simple - delete that email right away.

It's like: Anyone shouldn't use the same email for all the registrations as he shouldn't choose the same passwords for all the emails he used to use. I mean this would enforce everybody to re-check details many times before to login.
I have received a lot of similar mails during my crypto journey and realise that this won't stop because i didn't take many precautions before submitting my main mail everywhere. Sadly, i can't stop using it and just have to check strange mails from unknown sources and clean it from time to time .

LbtalkL

full member

Activity: 1176

Merit: 162

If something like this suspicious happens to me, I always click show details on my email to verify where is this email coming from it should be a habit by everyone to avoid possible phishing. We will see something like this if we click show details, I am using Gmail. click that arrow down button. By checking details you can avoid danger.

Sample:

from:   website . com
to:   your name
date: Feb 12, 2020, 1:48 AM
subject:   testing
mailed-by:   website2 .com
security:   Standard encryption (TLS) Learn more

Saint-loup

legendary

Activity: 2604

Merit: 2353

Quote from: Stedsm on February 11, 2020, 08:50:24 AM

The best part is to keep your eyes open and check the email address you received that email from, and you'll surely know that it isn't blockchain.com but there must be some sort of change in the address like [email protected] or [email protected] or anything similar but not the official domain. So, watch out and stay safer than ever, and even if you get emails from official Blockchain wallet, please try to right click and copy and paste it in a notepad to check it carefully before you open it. There's one more hint I'd like to give you here, Blockchain always sends an extra link down under the log in button in the email, if that link is not available - simple - delete that email right away.

I'm not sure checking the sender mail address is sufficiently safe since the scammers could have done a smtp spoofing attack to impersonate someone else.
https://en.wikipedia.org/wiki/Email_spoofing

Stedsm

legendary

Activity: 3052

Merit: 1273

The best part is to keep your eyes open and check the email address you received that email from, and you'll surely know that it isn't blockchain.com but there must be some sort of change in the address like [email protected] or [email protected] or anything similar but not the official domain. So, watch out and stay safer than ever, and even if you get emails from official Blockchain wallet, please try to right click and copy and paste it in a notepad to check it carefully before you open it. There's one more hint I'd like to give you here, Blockchain always sends an extra link down under the log in button in the email, if that link is not available - simple - delete that email right away.

Saint-loup

legendary

Activity: 2604

Merit: 2353

Quote from: Lucius on February 11, 2020, 06:11:38 AM

although in the case of blockchain wallet users have the ability to create a backup.

Since several years it's not a simple backup anymore, it's a real bip39 seed that you can import in other wallets.

Quote

Our wallet implements BIP44 to generate accounts and addresses, and the recovery mnemonic/seed (present in legacy wallets created in 2016 and prior) implements BIP39. The seed is compatible with other BIP44/BIP39 bitcoin wallets.

https://support.blockchain.com/hc/en-us/articles/115001345946-Your-Wallet-Its-Master-Seed

Lucius

legendary

Activity: 3234

Merit: 5637

Blackjack.fun-Free Raffle-Join&Win $50🎲

Quote from: sujonali1819 on February 10, 2020, 11:11:38 AM

I have also received such message few days ago but with other format and wording.

Although these things happen on a daily basis, at a time when the price of BTC is rising, fraud attempts are increasing, because for some people it is a really easy source of income. Even if most of these attempts remain unsuccessful, only one successful scam with an account that has a significant amount of coins and profit can be significant.

Phishing and not owning private keys are the two biggest problems with online wallets, although in the case of blockchain wallet users have the ability to create a backup.

bugsbuds

newbie

Activity: 14

Merit: 0

I also receive this last mail , but is on spam and google say is risky to click on link, thanks for sharing this, hope people will not fall victims.

sujonali1819

legendary

Activity: 2436

Merit: 1189

Need Campaign Manager?PM on telegram @sujonali1819

Now a days this is very normal scenario. Scammers are always trying to stole money by making fool people. I have also received such message few days ago but with other format and wording.

Mostly such messages come to spam folder. So we should be aware or less open the spam box.

mk4

legendary

Activity: 2870

Merit: 3873

Paldo.io 🤖

Quote from: Saint-loup on February 10, 2020, 07:33:02 AM

Yes but AFAIK you can't create real aliases on gmail or yahoo, unfortunately... Undecided

On gmail you can only add "+something" to your name and on yahoo "-something"... So scammers and spammers can very easily guess you real address, they just need to remove the additional string. Sad

I'm also really not sure if you can use aliases on Gmail/Yahoo, but this is a perfect reason to also try out other privacy-focused email clients like Tutanota[1] and ProtonMail[2]. I've used both and they're both great. What's better just comes down to personal preference.

[1] https://tutanota.com/
[2] https://protonmail.com/

Some others: https://www.privacytools.io/providers/email/

Saint-loup

legendary

Activity: 2604

Merit: 2353

Quote from: mk4 on February 10, 2020, 05:58:45 AM

Quote from: Saint-loup on February 10, 2020, 04:33:24 AM

AFAIK they also(mostly?) use databases leaked/hacked from exchanges, gambling sites, web wallets, faucets, forums and other crypto-platforms, bought on the darknet.
You can check if your email address has been compromised on this famous website https://haveibeenpwned.com

Yeap. That, and through scraped public emails on whatever forum or website in general.

Quote from: Lucius on February 10, 2020, 05:55:12 AM

The problem is not really in receiving such messages, but rather that users, without thinking, click on such links, completely unaware of the danger that threatens them. Any such message can be opened and read without any danger, but all beyond that is playing with fire. It's not always about phishing, sometimes such a link hides a virus or malware.

True. Technically nothing bad will happen if you just ignored those emails; though I personally don't like spam and I'm definitely not comfortable with having an email address of mine being publicly available for spammers. And yes, email aliases is a great solution for this.

Yes but AFAIK you can't create real aliases on gmail or yahoo, unfortunately... Undecided

On gmail you can only add "+something" to your name and on yahoo "-something"... So scammers and spammers can very easily guess you real address, they just need to remove the additional string. Sad

mk4

legendary

Activity: 2870

Merit: 3873

Paldo.io 🤖

Quote from: Saint-loup on February 10, 2020, 04:33:24 AM

AFAIK they also(mostly?) use databases leaked/hacked from exchanges, gambling sites, web wallets, faucets, forums and other crypto-platforms, bought on the darknet.
You can check if your email address has been compromised on this famous website https://haveibeenpwned.com

Yeap. That, and through scraped public emails on whatever forum or website in general.

Quote from: Lucius on February 10, 2020, 05:55:12 AM

The problem is not really in receiving such messages, but rather that users, without thinking, click on such links, completely unaware of the danger that threatens them. Any such message can be opened and read without any danger, but all beyond that is playing with fire. It's not always about phishing, sometimes such a link hides a virus or malware.

True. Technically nothing bad will happen if you just ignored those emails; though I personally don't like spam and I'm definitely not comfortable with having an email address of mine being publicly available for spammers. And yes, email aliases is a great solution for this.

Lucius

legendary

Activity: 3234

Merit: 5637

Blackjack.fun-Free Raffle-Join&Win $50🎲

Quote from: mk4 on February 10, 2020, 04:00:23 AM

Might probably be a good time to change email addresses if you're receiving a lot of similar emails.

Personally, I use several different e-mail addresses, and I get these messages exclusively on an e-mail that is public and receives between 10-20 spam messages a day. Mostly over 90% end up in the spam folder, which means that Google does the job very well (in case of Gmail).

The problem is not really in receiving such messages, but rather that users, without thinking, click on such links, completely unaware of the danger that threatens them. Any such message can be opened and read without any danger, but all beyond that is playing with fire. It's not always about phishing, sometimes such a link hides a virus or malware.

boyptc

hero member

Activity: 3024

Merit: 680

★Bitvest.io★ Play Plinko or Invest!

Quote from: Lucius on February 09, 2020, 09:49:52 AM

Of course this is not an official email from blockchain.com and if you log in via the email link you will lose everything you have in your wallet. Check link every time, even if you save it to bookmarks, hackers never sleep.

That could happen in a flash. Be careful with the links that you open folks.

They could literally steal your funds swiftly upon giving them permission through the link provided in that email. And if you didn't join the stellar airdrop, there's no need to be curious of checking the said email.

Saint-loup

legendary

Activity: 2604

Merit: 2353

Quote from: mk4 on February 10, 2020, 04:00:23 AM

Quote from: taufik123 on February 09, 2020, 10:12:16 AM

Must be careful because I also receive many similar emails.
They (hackers) take advantage of the latest airdrop moments that use email with almost the same name.

Might probably be a good time to change email addresses if you're receiving a lot of similar emails. This is the reason why it's heavily recommended to use a secondary email address specifically for airdrops if you like joining airdrops. Email alias features of some email providers are heavily heavily underrated in my opinion.

AFAIK they also(mostly?) use databases leaked/hacked from exchanges, gambling sites, web wallets, faucets, forums and other crypto-platforms, bought on the darknet.
You can check if your email address has been compromised on this famous website https://haveibeenpwned.com

mk4

legendary

Activity: 2870

Merit: 3873

Paldo.io 🤖

Quote from: taufik123 on February 09, 2020, 10:12:16 AM

Must be careful because I also receive many similar emails.
They (hackers) take advantage of the latest airdrop moments that use email with almost the same name.

Might probably be a good time to change email addresses if you're receiving a lot of similar emails. This is the reason why it's heavily recommended to use a secondary email address specifically for airdrops if you like joining airdrops. Email alias features of some email providers are heavily heavily underrated in my opinion.

taufik123

legendary

Activity: 2716

Merit: 1855

Rollbit.com | #1 Solana Casino

Must be careful because I also receive many similar emails.
They (hackers) take advantage of the latest airdrop moments that use email with almost the same name.
It is better to always check the source of the email first. Match with original emails from official websites such as blockchain.com.
Always be vigilant and do not be negligent, because many victims have been harmed by this fraud method.

dansus021

copper member

Activity: 2156

Merit: 983

Part of AOBT - English Translator to Indonesia

Indeed stay safe everyone !
my account got hacked once similar with this case Cry

double check the sender of the email

Lucius

legendary

Activity: 3234

Merit: 5637

Blackjack.fun-Free Raffle-Join&Win $50🎲

Given the high popularity among users, I would like to warn everyone not to log on to blockchain.com with links they receive via email or some social networks. I received one such e-mail, which is already marked as spam by Google, in which someone informs me that I received $250 in Stellar (XLM).

Of course this is not an official email from blockchain.com and if you log in via the email link you will lose everything you have in your wallet. Check link every time, even if you save it to bookmarks, hackers never sleep.

Topic: Blockchain.com Phishing e-mail! (Read 318 times)