Author

Topic: Fraud site electrum-bitcoin.org is now mine. (Read 401 times)

legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
October 18, 2020, 09:32:52 PM
#18
That's still a lot of traffic. Probably old phishing links from somewhere...

Did you make a 404 error page redirecting to your index.html? I tested and it looks like you don't have a 404 page.
It would be nice to alert those 1k users  that they are not safe.

If you need to help, maybe I can help you to set up that 404 redirect page.

Crap, I had .htaccess pointing everything back to the main page and now it's not working.
Going to move it from the free hosting site to someplace else.
I really didn't want it on an IP that I am responsible for but the free sites keep changing stuff. But...it's free...

edit: now the redirects are working but I lost stats on the back end and some other things. Guess, they are working on some things on the hosting end.

-Dave
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
Still getting about 1K non search engine hits a month. Mostly from US and GB.
There are some people going straight to an exe link that is not there but for some reason the logs are not showing a referrer.

Not much else to report, I played with the robots.txt and it did nothing. I deindexed it from Google and some searches came back. No idea how or why.

Going to just let it sit out there for now. Will figure out in a few months if I want to renew it or just let it drop.

-Dave

That's still a lot of traffic. Probably old phishing links from somewhere...

Did you make a 404 error page redirecting to your index.html? I tested and it looks like you don't have a 404 page.
It would be nice to alert those 1k users  that they are not safe.

If you need to help, maybe I can help you to set up that 404 redirect page.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
NecroBump but...
It's been a while, and since I mentioned this thread here: https://bitcointalksearch.org/topic/--5282632 I figured I would give a 6 month update.

Still getting about 1K non search engine hits a month. Mostly from US and GB.
There are some people going straight to an exe link that is not there but for some reason the logs are not showing a referrer.

Not much else to report, I played with the robots.txt and it did nothing. I deindexed it from Google and some searches came back. No idea how or why.

Going to just let it sit out there for now. Will figure out in a few months if I want to renew it or just let it drop.

-Dave
HCP
legendary
Activity: 2086
Merit: 4363
It's not a bad theory... the issue likely being that unless he is actively promoting it to appear at the top of Google search results, then the chances of someone stumbling across this site is actually quite slim.

From what I've seen/read regarding users ending up on these fake bitcoin sites... it's down to the fact that it was "the first result on Google" Undecided There isn't really any way to combat that except to pay for all the keywords!
legendary
Activity: 2758
Merit: 6830
Am I the only one who thinks you should let google craw it with his bots? If someone “falls” for it, it teaches them something and they do not fall for Electrum phishing scams again (after your warning). If they can’t fall with yours, they can still fall for others, and they won’t teach them - instead, the user will be scammed/infected.

It’s like creating one of these Electrum servers that show messages of fake updates and putting a message teaching them about the issue. There is a chance someone can be stopped of being scammed.
HCP
legendary
Activity: 2086
Merit: 4363
About the design, why not move the website to Wordpress and use Elementor(Elementor is free) to make a beautiful page design?
I'm not sure all that work is necessary.

The page, while not looking "fancy", certainly gets across the main message. "This *was* a fake site, if you downloaded from it, you've downloaded a fake version of Electrum. Here are some helpful links".

I don't think it needs a "beautiful" design to get that message across. In fact, it might be better that it doesn't look fancy. One could argue that people are more likely to notice something that doesn't look "normal" and maybe take the time to stop and read what looks like "error messages"... as opposed to thinking they just clicked on the wrong thing and click "back" to return to search results etc.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
This domain can be still searched on Google I have an idea... Why not deindex the domain on the SERP
You can use this tag below to deindex the website and prevent robots from crawling the site.

Code:

Here I found a guide to deindex the domain on the SERP follow steps 1 and 2 you can find it in the middle of the article.
- https://www.upbuild.io/blog/how-to-deindex-pages-from-google/

Thanks will do that tomorrow or Friday.

About the design, why not move the website to Wordpress and use Elementor(Elementor is free) to make a beautiful page design?

Large lack of time. I can play around here or other forums, but I really don't have the time to do any site design.
Possibly after this Coronavirus thing passes, but since I am in IT blocking out enough time to do any serious web work is just not going to happen.

-Dave
legendary
Activity: 3472
Merit: 3217
Playbet.io - Crypto Casino and Sportsbook
~snip~


This domain can be still searched on Google I have an idea... Why not deindex the domain on the SERP
You can use this tag below to deindex the website and prevent robots from crawling the site.

Code:

Here I found a guide to deindex the domain on the SERP follow steps 1 and 2 you can find it in the middle of the article.
- https://www.upbuild.io/blog/how-to-deindex-pages-from-google/

About the design, why not move the website to Wordpress and use Elementor(Elementor is free) to make a beautiful page design?
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange

March stats, 1244 non spider hits.
So someplace out there (unless a lot of you clicked on it) there are some things still linking to this page.

With spiders (google / yahoo / etc) it's over 22k hits.

Makes you wonder.

Yeah, I know there is a lot of junk traffic out there so who knows where it's coming from I just did not expect that much.

-Dave
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
And a really ugly one page HTML site is up.
Not some of my finest web design but it works for now.
OK, it's a horrible looking page but it gets the point across.

-Dave
legendary
Activity: 3472
Merit: 10611
you can also take a look at the misstyped version of bitaddress.org with 1 'd' instead of 2 and get some ideas what the site like that should look like. basically a warning telling them to be more careful what they type in the address bar or what site they visit.

legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
OK, so the preferred option is not the redirect I have in place but a page telling it was fraud.
Give me a few days (week at most) and I'll have something up. If someone wants to do it for me before that drop me a PM.

BitMaxz the difference between the sites on go-daddy and this one is that at least once this site was KNOWN to host a fake client within the last year.

It was originally created in 2013 and dropped in 2014
Was re-registered last year and then I grabbed it when it dropped now.

Most of the time I would let it just go away but since it did host it something funky I figured something should be done.

-Dave
legendary
Activity: 3472
Merit: 3217
Playbet.io - Crypto Casino and Sportsbook
For me, based on SEO, linking a scam website to Electrum will hurt SEO rankings and it can affect the trust rankings in Google.

I vote for "warning page instead than redirect them to electrum.org" a warning page without the link of real Electrum.org is fine or telling them that " Warning!!! This is a fake Electrum website, (Then put a URL here with proof that the website is fake either bitcointalk thread or article from blogs/websites)"

How and why did you buy this domain? Same as LoyceV question above.

If you want more fake Electrum Domains there are many cheap fake Electrum domains on Godaddy auction from here https://auctions.godaddy.com/
Just use the "Electrum" keyword and you will find all fake Electrum domains.
hero member
Activity: 1659
Merit: 687
LoyceV on the road. Or couch.
How did you get the domain?

I'd say make a warning page, but add a Download link. When clicked, add a much bigger warning saying: "what did I just tell you?"
legendary
Activity: 2702
Merit: 4002
Blind forward will make beginners think that there is more than one copy of electrum website, or that visiting scam copies is safe because in the end it redirects to the official page.

I prefer that there be a warning about "only dowload it from electrum.org/ check signature" and some educational links for how to know the original wallet, how to sign a message, verify the signature, protect yourself from hacking/ storing wallet seed, and a link to this board in order to get help.
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
I would just redirect it to electrum.org

Maybe you can make a blog or something like that with tutorials on how to use electrum and avoid phishing.
legendary
Activity: 2268
Merit: 18771
Do you think I should just leave it like that or put up a 1 page site that says if you downloaded the software from here you do not have the legitimate electrum client?
If it were me, I would put up this page but slightly change the wording to say if you downloaded Electrum from anywhere other than Electrum.org then it is not legitimate, and maybe a couple of links to instructions on how to verify Electrum such as https://bitcoinelectrum.com/how-to-verify-your-electrum-download/ and https://bitzuma.com/posts/how-to-verify-an-electrum-download-on-windows/.

If you don't include any contact details, then I don't think you  need to worry about help requests. You could even include a sentence directing them to this board if they need help.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
Tweaking the DNS to blind forward to https://electrum.org/ should be done in a little while. Couple of hours at most.

Do you think I should just leave it like that or put up a 1 page site that says if you downloaded the software from here you do not have the legitimate electrum client?

Part of me says just forward it, if they have that client it's already to late and if you do put up a page that says that you are going to get hit with about a billion help requests.
The other side says, that it's a bit of warning for a few people who might wind up on that page.

The other option is to hand it off to the developers and let them deal with it, but that has it's own set of issues.

-Dave
Jump to: