⚠️ How Scammer tried to Hack my Bitcointalk and how to Protect yourself?⚠️

dkbit98

legendary

Activity: 2212

Merit: 7064

Cashback 15%

Quote from: UserU on May 25, 2020, 09:03:26 AM

Thanks for the heads up. While trained eyes might spot it from a mile away, it looks innocuous to many newbies. I guess that's why their PM is disabled by default as a counter-measure.

But I feel that the "You are navigating to an external link (insert link). Do you want to continue?" prompt page would be way more effective in nullifying these things.

Yeah, I guess that would be good update for bitcointalk forum, and I think it is easy to implement it fast.

UserU

hero member

Activity: 2016

Merit: 531

FREE passive income eBook @ tinyurl.com/PIA10

Thanks for the heads up. While trained eyes might spot it from a mile away, it looks innocuous to many newbies. I guess that's why their PM is disabled by default as a counter-measure.

But I feel that the "You are navigating to an external link (insert link). Do you want to continue?" prompt page would be way more effective in nullifying these things.

aioc

hero member

Activity: 2898

Merit: 567

Quote from: dkbit98 on May 24, 2020, 12:29:12 PM

bump

This is a very important thread that should be bump from time to time so people will be aware of ti to always look on the url of any site that you are going to visit especially Bitcointalk, your account here is very important especially if you have a high rank.

dkbit98

legendary

Activity: 2212

Merit: 7064

Cashback 15%

bump

dkbit98

legendary

Activity: 2212

Merit: 7064

Cashback 15%

Quote from: morvillz7z on September 28, 2019, 05:26:16 PM

...

You have a nice little collection there

I don't know if we can find exact source for all off them,
as most of accounts used for this have been hacked.

morvillz7z

legendary

Activity: 2184

Merit: 2019

Join the world-leading crypto sportsbook NOW!

dkbit98

legendary

Activity: 2212

Merit: 7064

Cashback 15%

Quote from: DdmrDdmr on September 28, 2019, 09:07:20 AM

...

Yes. It is clearly connected and using same tactics, as I wrote in @morvillz7z topic.

Quote from: yazher on September 28, 2019, 08:26:37 AM

This Phishing strategy became popular in this community with a different style of fraud. If you manage to avoid their first attempt of phishing they will think for another way and so on so forth.

In this case, everyone should continue not tired reading some advice from our fellow forum members, because there will be a time that we will fall to their trap and the last thing we could do is to regret that we didn't pay attention to the warning of the concern members.

Thanks for this awareness it may look like a simple thing to do but the way you let us see the actual photo of phishing will help us a lot to be aware when this kind of message will be sent to us especially those members who are not fluent in English including myself.

That is why I recommend everyone to have some fun and learn Phishing protection fast
by simply playing Quizzes that will teach you the basics of phishing.
And if you think you are an expert you can always test yourself again:
[LEARN] Phishing Quizzes - Beginners & Experts 👈

DdmrDdmr

legendary

Activity: 2310

Merit: 10758

There are lies, damned lies and statistics. MTwain

Here are a couple more cases, with the same objective, but different kick-off approach:

[Beware]Bitcointalk PHISHING attempt by E-Mail
Fake airdrop / phishing website posted in "Services"

The former is initiated by the reception of an external Email allegedly sent from Bitcointalk, asking you to prove you are the owner of your account. The email obviously is not sent from Bitcointalk, but camouflaged just enough to make you think it might be. The contained phishing link looks like a regular Bitcointalk link, but it isn’t. You are directed to a phishing site that has an initial screen that asks you for your login credentials, it captures them, and then redirects you to Bitcointalk (official site, but obviously without having performed the actual real login).

The latter created an Airdrop thread, luring people to participate. He then PMs them, providing a phishing link similar to the above case (on the same domain and all; same site).

All in all, we need to place proper attention to cases such as these, and the one nicely detailed in the OP.

yazher

hero member

Activity: 2184

Merit: 585

You own the pen

This Phishing strategy became popular in this community with a different style of fraud. If you manage to avoid their first attempt of phishing they will think for another way and so on so forth.

In this case, everyone should continue not tired reading some advice from our fellow forum members, because there will be a time that we will fall to their trap and the last thing we could do is to regret that we didn't pay attention to the warning of the concern members.

Thanks for this awareness it may look like a simple thing to do but the way you let us see the actual photo of phishing will help us a lot to be aware when this kind of message will be sent to us especially those members who are not fluent in English including myself.

cizatext

member

Activity: 952

Merit: 41

The rate at which scammers are trying to take over bitcointalk account this days is on the rise so one need to be careful as long as we all know what phishing sites are all about.

JohnBitCo

sr. member

Activity: 2030

Merit: 356

Quote from: dkbit98 on September 10, 2019, 06:16:30 PM

Quote from: bomj on September 10, 2019, 05:45:26 PM

...

Yeah... I know all about this.
If someone wants to be evil he can always invent new ways to scam people.
One more thing he can do is to buy any bitcointalk alternative domains
https://www.namecheap.com/domains/registration/results.aspx?domain=bitcointalk

That is why I advice people to play anti-phishing quizzes
and learn protection in fun way:
https://bitcointalksearch.org/topic/learn-phishing-quizzes-beginners-experts-5178375

Being in an internet world, everyone should know what is phishing and what are the common ways by which scammers can scam you by impersonating the fake site as a real one. Since people do not listen and pay attention to these details, many have lost their accounts (social media & others) and even lost money from their bank accounts etc.

dkbit98

legendary

Activity: 2212

Merit: 7064

Cashback 15%

Quote from: bomj on September 10, 2019, 05:45:26 PM

...

Yeah... I know all about this.
If someone wants to be evil he can always invent new ways to scam people.
One more thing he can do is to buy any bitcointalk alternative domains
https://www.namecheap.com/domains/registration/results.aspx?domain=bitcointalk

That is why I advice people to play anti-phishing quizzes
and learn protection in fun way:
https://bitcointalksearch.org/topic/learn-phishing-quizzes-beginners-experts-5178375

bustedsynx

sr. member

Activity: 859

Merit: 251

I think everyone should think about personal security as a standard operating procedure. Gone are the days that simple and similar passwords across all web properties are enough. Everything is getting on the Internet, even your finances. That's why every link should be thought as suspect.

bomj

sr. member

Activity: 1337

Merit: 288

0xbt

These scammers did a bad job.
I always look in the browser line.
And if I saw this nonsense, I would laugh.))

But there are trickier ways!
To do this, you need to register a domain using similar letters:
ì - í - ï - ı - i / ό - ὂ - ὄ - ὅ - ö - o .............
And the "bitcointalk" site might look like this:
bıtcoıntalk.org
bitcόintalk.org
bìtcoìntalk.org
bitcointȧlk.org
...............

An example of such a site is http://lokıdn.com/blog.php
And mail - info@lokıdn.com

I tried to register a site with such letters(bıtcόìntȧlk).
Try it yourself - https://godaddy.com
And here's what happened:

https://uk.godaddy.com/domainsearch/find?checkAvail=1&domainToCheck=bıtcόìntȧlk

Therefore, we must be careful.

https://pentest.com.tr/blog/Lapse-of-Keyboard-at-Internationalized-Domain-Name-EN.html
https://en.wikipedia.org/wiki/Í
https://en.wikipedia.org/wiki/Acute_accent
https://en.wikipedia.org/wiki/Latin_script_in_Unicode

seoincorporation

legendary

Activity: 2982

Merit: 2681

Top Crypto Casino

Great tutorial dkbit98, This phishing attack failed, but sadly some times the hacker has good luck and get access to the accounts... People are thinking, who is stupid enough to lose his account by this way, but we could be distracted and when we realize it was a fake page it's too late.

This was a phishing attack, just one of those multiples attacks we can see on this forum, so, we should walk carefully in this mined field. Thanks again for the tutorial, i will leave a merit on the main post Wink

dkbit98

legendary

Activity: 2212

Merit: 7064

Cashback 15%

Quote from: bob123

It is not about who is smarter, but who is more retarded (the target or the scammer).

IMO most scams around here are so blatantly obvious and no one would fall for it if they at least applied basic knowledge regarding securing their coins and common sense.
But unfortunately greed > common sense.

I agree with you.
Retarded greed wins most of the time when combined with hurry speed, lack of attention and get rich quick mentality.
Sadly if I may say Undecided

bob123

legendary

Activity: 1624

Merit: 2481

Quote from: LoyceV on August 12, 2019, 10:45:56 AM

Quote from: dkbit98 on August 10, 2019, 03:18:04 PM

Scammers are smart

Lol, who to believe?

Quote from: theymos on April 25, 2019, 02:18:36 PM

scammers are often pretty stupid

It is not about who is smarter, but who is more retarded (the target or the scammer).

IMO most scams around here are so blatantly obvious and no one would fall for it if they at least applied basic knowledge regarding securing their coins and common sense.
But unfortunately greed > common sense.

dkbit98

legendary

Activity: 2212

Merit: 7064

Cashback 15%