Has anyone here received bitcointalk phishing emails?

libert19

hero member

Activity: 2464

Merit: 934

Quote from: pakhitheboss on December 26, 2023, 09:04:17 AM

Quote from: libert19 on December 24, 2023, 11:53:40 AM

If you meant hacker getting access to your bitcointalk account, 2fa can only increase your account's security not jeopardize it. Because to get access, user will now require both pass and 2fa code.

Hackers can gain access to your 2FA account if they can hack the email address used to sign in to 2FA.

Correct, but in case your email is breached hackers will get in your account anyway by resetting password. Minute saved for hackers since you didn't enable 2fa, they won't have to reset it.

(I have commented about 2fa recovery using email being a weak link in 2fa thread.)

Quote

I do not need a third party to give me security when I am already aware of how to make the security of my BTT account strong. Another thing, every time you are using 2FA you are granting access to Google to access your activities.

Which third party? 2fa apps work offline, where is google to access your activities?

Quote

2fa is not product, it's one of measures websites can use to protect their users. I'm pretty certain there is no privacy concerns on it's implementation or if it belongs to particular country/jurisdiction, cmiiw.

It is a product of Google to monitor and check the websites that are being used by anyone. It might have been created for security purposes so was the captcha but there is always a hidden agenda behind every product that they provide for free.

you are getting secret key from bitcointalk, and adding that into 2fa apps to generate codes which work offline. Where is Google in all this?

pakhitheboss

hero member

Activity: 2100

Merit: 771

Top Crypto Casino

Quote from: libert19 on December 24, 2023, 11:53:40 AM

If you meant hacker getting access to your bitcointalk account, 2fa can only increase your account's security not jeopardize it. Because to get access, user will now require both pass and 2fa code.

Hackers can gain access to your 2FA account if they can hack the email address used to sign in to 2FA. I do not need a third party to give me security when I am already aware of how to make the security of my BTT account strong. Another thing, every time you are using 2FA you are granting access to Google to access your activities.

Quote

2fa is not product, it's one of measures websites can use to protect their users. I'm pretty certain there is no privacy concerns on it's implementation or if it belongs to particular country/jurisdiction, cmiiw.

It is a product of Google to monitor and check the websites that are being used by anyone. It might have been created for security purposes so was the captcha but there is always a hidden agenda behind every product that they provide for free.

coin-investor

hero member

Activity: 2814

Merit: 571

Leading Crypto Sports Betting & Casino Platform

Quote from: libert19 on December 24, 2023, 01:57:27 AM

Was reading 2fa topic, and thought crossed about scammers may now phish for 2fa codes, then realized I have never received password phishing mails in first place.

Have you?

If there are phishing emails they will be reported but right now there are none like that, Theymos already reminded us to keep the email associated with our Bitcointalk account secured so creating an email account exclusively for Bitcointalk is highly recommended, now that we have that 2FA I can use the bypass captcha code, as the hacker will have a hard time brute-forcing my password.

LTU_btc

legendary

Activity: 3038

Merit: 1330

Slava Ukraini!

Quote from: Lafu on December 25, 2023, 12:28:21 PM

But as always if get an Email with a Link or to confirm something where you have to click just do an research first before click.
Sometimes the Bad Boys who are sending this mails make it looks legit.

Yeah, these phishing emails often looks legit, very difficult to spot difference, especially for less experienced eye. But personally, usually I don't even oopen such email. Here comes common sense and you realize that exchange, bank or something just wouldn't send such kind of messages and they often warn their users about it. There is just few cases when I open links in email messages I get. When after registration/login attempt website ask to click link that was send to email for confirmation.

DYING_S0UL

sr. member

Activity: 308

Merit: 311

The Alliance Of Bitcointalk Translators - ENG>BAN

Quote from: Lafu on December 25, 2023, 12:28:21 PM

Sometimes the Bad Boys who are sending this mails make it looks legit.

I don't even remember when was the last last time I opened any email used an email service app, Loool Grin

. You can imagine it as sitting on the dust. Apart from using it for 2FA or confirmation codes, I don't even use it. Bad boys can forget about me clicking the links. I'm just too lazy even to check.

Lafu

legendary

Activity: 2940

Merit: 3030

Quote from: LTU_btc on December 24, 2023, 04:46:17 PM

I guess that I received all kinds of phishing emials, even from services where I don't have account. Exchanges, gambling websites, banks, PayPal and everything else, now I don't remember everything. I think that my email got in one of these huge databases of leaked emails and someone sold to spread spam. But I think that I never received phishing emails related with Bitcointalk. Or I just didn't saw it because I don't check my spam folder often.

That is or was happen to me also this way , it was really bad a few years ago and now its less mails that i get.
And also i dont got an phishing email related with Bitcointalk or received from Forum.
But as always if get an Email with a Link or to confirm something where you have to click just do an research first before click.
Sometimes the Bad Boys who are sending this mails make it looks legit.

Asiska02

hero member

Activity: 798

Merit: 669

Quote from: libert19 on December 24, 2023, 01:57:27 AM

Was reading 2fa topic, and thought crossed about scammers may now phish for 2fa codes, then realized I have never received password phishing mails in first place.

Have you?

I have known about phishing emails for long now, since the days I first joined this forum but I don’t think I have ever received one in my email before. I only use one email for anything related to cryptocurrency and I don’t act on any email I receive to my mail app directly, I rather come to the app itself and act on the email.

Even forum emails are answered to from the forum only and not through the email sent through the mail app. I think maybe with this, I won’t have problem with phishing emails that can have access to my account or anything related to that.

philipma1957

legendary

Activity: 4102

Merit: 7765

'The right to privacy matters'

I get some emails to my email with bitcointalk and I get occasional crypto phishing to almost every email I have.

But I had 3 accounts with bitmain and bitmain was fully hacked which is likely why I get bothered.

Learn Bitcoin

hero member

Activity: 462

Merit: 767

#SWGT CERTIK Audited

Quote from: libert19 on December 24, 2023, 04:55:08 AM

Quote from: Learn Bitcoin on December 24, 2023, 03:08:49 AM

But sometimes Bitcointalk reports legit links as phishing or suspicious once any member sends links in private messages.

Afaik that only applies if you receive pm from newbie account, but email is still from bitcointalk.

Not always. I have received from both newbies and Legendaries too. I was too curious to see that Bitcointalk marked a link that could be suspicious but the PM was not from a newbie. It was from a Legendary member. I also thought that only newbie PMs were marked as suspicious. But, Bitcointalk indeed warns that if you were expecting a PM from a veteran member, this could be an impersonator.

Yeah, the email is still from BitcoinTalk. But still, you should not click on any links even if it comes from Bitcointalk email. It's easy to spoof emails these days. I had such a script a while ago that I tested on a free hosting and spammed my own email to check it and it worked well. So, I assume an average joe is able to do it.

LTU_btc

legendary

Activity: 3038

Merit: 1330

Slava Ukraini!

I guess that I received all kinds of phishing emials, even from services where I don't have account. Exchanges, gambling websites, banks, PayPal and everything else, now I don't remember everything. I think that my email got in one of these huge databases of leaked emails and someone sold to spread spam. But I think that I never received phishing emails related with Bitcointalk. Or I just didn't saw it because I don't check my spam folder often.

Quote from: hugeblack on December 24, 2023, 09:43:05 AM

I don't know, but there is no real reason to steal a BTT account. All the account can be used for is fraud, participating in signature campaigns, and publishing phishing links, all of which can be overcome by not trusting any user and asking to sign a message as soon as you feel that there is something strange in the account. especially in the case of lending.
2FA is to enhance privacy, and since it is possible to create an account with a fake email (meaning you do not receive a welcome message), you must use an email that you can access to obtain the 2FA code.

Nowadays I don't see threads about hacked accounts often, but few years ago it was daily thing, sometimes several such topics appeared in one day. If there wouldn't be reason to steal Bitcointalk accounts, probably we wouldn't see so many accounts getting hacked. There is so many cases when hacked accounts were used for signature campaigns. Like when user wake ups after long inactivity and starts posting in language that he never used before. Or making scams offcourse. Yes, many things can be prevented by asking user to sign a message from staked address, but not many are doing it. Especially when dealing with old high ranked member with good reputation.

Dr.Bitcoin_Strange

hero member

Activity: 532

Merit: 508

Go after the goal... Go!!! It is worth getting!

I have not received any phishing mail like that, but normally I do get mails to my email that is attached to my Bitcointalk account, and the mails are usually concerning PMs, and it shows something like: click on the link to reply to X PM. I don't bother to use the link in my email; rather, I will just come straight to my profile here on the forum and view the message. I don't trust links in mail unless it's something I'm aware of and expecting.

Etranger

hero member

Activity: 504

Merit: 816

Top Crypto Casino

I have never received such emails, but it could be connected with the fact that I change the email I use for the forum from time to time. I also don't set notifications about most of the things, I only get announcement about private messages and deleted posts, which does not happen too often.

SamReomo

hero member

Activity: 784

Merit: 672

Top Crypto Casino

Quote from: libert19 on December 24, 2023, 01:57:27 AM

Was reading 2fa topic, and thought crossed about scammers may now phish for 2fa codes, then realized I have never received password phishing mails in first place.

Have you?

I have never received phishing mails till this day and even if I receive any of those mails I won't read it. My mail inbox is filled with thousands of e-mails that I don't even read and that's why the ones who may try to send those phishing mails will have to wait their whole life until I click those links.

I used to check notifications on my e-mail a few months ago but now I don't really view any e-mails and that's why I don't even bother if someone send me such e-mails. I have registered my Bitcointalk on my personal e-mail and I haven't changed the e-mail yet but when I think it's necessary to change my e-mail then I would definitely do that.

I don't think that anyone of us should worry about such 2fa related phishing mails because a hacker or scammer at least have some sense of mind that to whom he is sending those messages.

BitMaxz

legendary

Activity: 3234

Merit: 2943

Block halving is coming.

Quote from: libert19 on December 24, 2023, 04:55:08 AM

Assume you have 2fa enabled on your binance account. You may receive phishing mails for your 2fa code. I was implying this could become thing for bitcointalk for as well, since this forum now has 2fa.

I don't think 2FA would become a problem on the forum because it was created as an extra security layer for your BTT account. Another thing is if you know you didn't log in and requested for 2FA code and you receive an email about the 2FA code you should be aware that someone is trying to phish you.
You can avoid them and put them into spam once you receive an OTP without requesting it or without signing in.

libert19

hero member

Activity: 2464

Merit: 934

Quote from: pakhitheboss on December 24, 2023, 09:35:31 AM

Activating 2FA on my account can be a problem as it would jeopardize my identity if it gets hacked.

If you meant hacker getting access to your bitcointalk account, 2fa can only increase your account's security not jeopardize it. Because to get access, user will now require both pass and 2fa code.

Quote

With recent events happening with a Bitcoin mixer campaign I don't feel confident with the way Theymos wrote while introducing it. It might be my theory but there are big privacy issues with 2FA considering it is a product of the US. Aiming in mind the current situation here and what is happening globally I would ignore it for my betterment.

2fa is not product, it's one of measures websites can use to protect their users. I'm pretty certain there is no privacy concerns on it's implementation or if it belongs to particular country/jurisdiction, cmiiw.

hugeblack

legendary

Activity: 2492

Merit: 3612

Buy/Sell crypto at BestChange

I don't know, but there is no real reason to steal a BTT account. All the account can be used for is fraud, participating in signature campaigns, and publishing phishing links, all of which can be overcome by not trusting any user and asking to sign a message as soon as you feel that there is something strange in the account. especially in the case of lending.
2FA is to enhance privacy, and since it is possible to create an account with a fake email (meaning you do not receive a welcome message), you must use an email that you can access to obtain the 2FA code.

pakhitheboss

hero member

Activity: 2100

Merit: 771

Top Crypto Casino

I have never received phishing emails and do not think I would receive any in the future. The only thing I can think of close to phishing email is phishing DMs. Although I get the warning message, I sometimes check the link by pasting the link on the TOR browser which I have installed on another device. Activating 2FA on my account can be a problem as it would jeopardize my identity if it gets hacked.

With recent events happening with a Bitcoin mixer campaign I don't feel confident with the way Theymos wrote while introducing it. It might be my theory but there are big privacy issues with 2FA considering it is a product of the US. Aiming in mind the current situation here and what is happening globally I would ignore it for my betterment.

Faisal2202

sr. member

Activity: 1064

Merit: 437

#SWGT CERTIK Audited

Quote from: libert19 on December 24, 2023, 01:57:27 AM

Was reading 2fa topic, and thought crossed about scammers may now phish for 2fa codes, then realized I have never received password phishing mails in first place.

Have you?

We might receive 2FA phishing links now, but to be honest, I do not visit my email often, only when I know some confirmation link is going to come. I don't use my BTT email anywhere; to do other tasks, I prefer to use a separate email, even a separate browser. Therefore, I haven't really become a victim of such emails till now because I don't know if they are in my inbox or not.

The best way to save from such links is to ignore them. For example, if we don't sign up anywhere or did not perform any activity, then why would we be receiving such mail from BTT? For example, if I have not enabled 2FA on my account, then there is no reason that I will be receiving some email link for confirmation, so I will only check when I apply; other than that, I will ignore every email.

EarnOnVictor

hero member

Activity: 644

Merit: 592

Leading Crypto Sports Betting & Casino Platform

Quote from: libert19 on December 24, 2023, 01:57:27 AM

Was reading 2fa topic, and thought crossed about scammers may now phish for 2fa codes, then realized I have never received password phishing mails in first place.

Have you?

I have not received such an email and I wonder why this kind of fear is now rampant with the way people are talking about it. I think these are being exaggerated as they are, even the 2FA is another layer of security that will help anyone using the forum to stay above those who target them.

And as much as I do not give it serious thought, I think that those who are having serious concerns can still deem it fit to mind their 2FA very well. I have not tested it to know the kind of 2FA it is, but soon I will. Regardless, it is good that another gadget is used for the 2FA so that it will become harder for hackers or phishing attacks.

DYING_S0UL

sr. member

Activity: 308

Merit: 311

The Alliance Of Bitcointalk Translators - ENG>BAN

The only notification I ever got was from [email protected]…I don't know if it's the official email from Bitcointalk, but I think it is. Isn't it? Since I changed some settings to get email notifications. Apart from that, I only get notifications from exchanges I use or the service/sites I am subscribed to.

Quote from: Learn Bitcoin on December 24, 2023, 03:08:49 AM

But sometimes Bitcointalk reports legit links as phishing or suspicious once any member sends links in private messages.

That's a common problem in Bitcointalk. It is a security measure taken by Bitcointalk to warn users of phishing attacks. Not just with links, it also gives warning regarding PMs. There were many times when I got a warning PM that said, "This PM looks like possible phishing: examine links closely!".

Topic: Has anyone here received bitcointalk phishing emails? (Read 232 times)