Pages:
Author

Topic: new Electrum phishing site (Read 346 times)

legendary
Activity: 994
Merit: 1089
July 14, 2023, 04:36:43 AM
#22
However, I have another question to the community about this site. Since it’s on a website do we really need to worry about it if we are going to access the wallet from the wallet software that is installed on our laptop? Is there any correlation between the wallet Software and the phishing website. I see none but just to be sure before any moves are done. Beter safe rather than a idiot!
Just the same way you will download and install the Electrum software from the official website, that's the same way a fake Electrum website will lead you to downlaod a fake Electrum software with a malicious code, so once you deposit funds into the fake wallet, it will be stolen and sent out to the scammers address.
full member
Activity: 1092
Merit: 227
July 13, 2023, 12:39:06 PM
#21
Electrum warns with this official tweet about a new phishing website called: electrumcore dot org
Well it is electrum.org so everything else are phishing sites. One of the best practice is to save the URL somewhere safe or bookmark it then visit the site. Risk of phishing attack becomes minimal then.

But it's a good Tweet to aware the community.

It’s better actually. Even while reading the above tweet I read it as electrum dot org rather than electrum core. I think it’s tricky sometimes because we are so used to the sites and names that we just read it correctly (but wrongly) and that’s why phishing attempts are successful many times.

However, I have another question to the community about this site. Since it’s on a website do we really need to worry about it if we are going to access the wallet from the wallet software that is installed on our laptop? Is there any correlation between the wallet Software and the phishing website. I see none but just to be sure before any moves are done. Beter safe rather than a idiot!
sr. member
Activity: 1680
Merit: 379
Top Crypto Casino
July 11, 2023, 09:55:38 PM
#20
Has anyone known if electrum-web dot com is the official electrum? Because when I visit that site will direct me to Electrum's official Twitter and github. And I don't know if Electrum has telegram also (electrum_support), maybe this site is potentially phishing, but I am not sure about that.


A lot of phishing sites will add some legitimate links and will even copy the entire interface to try and disguise their scam site. Besides the fake telegram support another obvious sign that this is a phishing scam is that it is pretending to be a web wallet.

These types of sites are constantly popping up. I doesn't matter what browser or search engine you use, these malicious URLs still show up in search results. The safest way to avoid this kind of fraud is by authenticating the signature on your download using PGP software. Telling people to verify downloads might not be the most user friendly approach but if someone wants to be financially responsible they owe it themselves to take a few minutes to learn the basics of PGP.
legendary
Activity: 2730
Merit: 7065
July 09, 2023, 02:31:29 AM
#19
And to use uBlock Origin extension on your browser.
I use both uBlock Origin and AdGuard and never have issues with fake sites popping up in browser results as ads. But my question is, won't the ad blocker only protect you from seeing the Google ads at the top of the search results? E.g., if you do a search on 'Electrum website', this 'electrumcore.org' phishing site could still be displayed among the results. Not at the top of the page if it's an add, but further down in the search results. I doubt your Ad blocker can protect you against that.

I just did as an experiment, and among the results I see electrum-web.com, which is a phishing site.
newbie
Activity: 14
Merit: 1
July 05, 2023, 01:55:29 PM
#18
in my opinion, very strange. why .org domains can be used for phishing?
for creating an .org or organization, you must use a clear identity, a clear person in charge. but here it is very strange because it is used for phishing.
legendary
Activity: 2800
Merit: 2736
Farewell LEO: o_e_l_e_o
June 12, 2023, 03:15:24 PM
#17
Unfortunately, I have to agree that this is true, although a few years ago, it worked well and in 2-3 days the reported site was blocked. I don't know what happened, but Google has obviously changed something in its policy towards phishing reports, or it just has too many reports, or they fired those who dealt with it.

On the other hand, I have never had success with reports to hosting companies, but I definitely think that they should do a lot more to combat phishing. Obviously, they don't care too much either, because it is important to charge for the service, and if someone reports abuse, they still profited with the fact that they no longer have to provide the service.
I succeeded several times reporting the domain and hosting provider especially with namecheap. They seemed to me very seriously handles the reporting. Google is just too big these days. We can speculate only but they know their real reasons.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
June 12, 2023, 08:33:19 AM
#16
Reporting to Google is waste of time from my experience but it's a good practice. Reporting to the hosting company works better especially I found Namecheap always takes such reports seriously.

Unfortunately, I have to agree that this is true, although a few years ago, it worked well and in 2-3 days the reported site was blocked. I don't know what happened, but Google has obviously changed something in its policy towards phishing reports, or it just has too many reports, or they fired those who dealt with it.

On the other hand, I have never had success with reports to hosting companies, but I definitely think that they should do a lot more to combat phishing. Obviously, they don't care too much either, because it is important to charge for the service, and if someone reports abuse, they still profited with the fact that they no longer have to provide the service.
legendary
Activity: 2268
Merit: 18771
June 12, 2023, 12:19:58 AM
#15
I lost counts how many times I read people lost their coins because of installing fake Electrum or updated it with a click of a button and the balance disappeared.
Absolutely, which is all the more reason we should be telling everyone to verify everything they download and never simply trust what they download because they think they are on the right URL.

I agree reporting to Google is a waste of time, since Google have shown consistently and repeatedly that they are happy to promote known and proven scams to the top of search results, as long as the scammer pays them. Google don't care whatsoever about their users' safety or security. As Lucius says, for ever site that is taken down (eventually!), five more will take its place. I would also recommend uBlock Origin, but alongside that, simply stop using Google. You can't fall victim to Google's promoted scams if you simply stop using Google.
legendary
Activity: 2800
Merit: 2736
Farewell LEO: o_e_l_e_o
June 11, 2023, 06:54:01 PM
#14
Verifying the file signature is the best practice but pretty sure there are many who do not have any idea how PGP works and how to deal with Kleopatra or such type of software. So assuring someone on the official site is the first step of many security measurements in my opinion.
It's the first step, agreed, but it is entirely inadequate on its own. There are links on the Electrum download page to tutorials regarding how to verify your download, plus a quick search of this forum will find this excellent thread: [GUIDE] How to Safely Download and Verify Electrum [Guide].

Absolutely it's another step in the process, but we shouldn't be taking shortcuts when it comes to the security of our wallets.
I wish if everyone was such aware. I lost counts how many times I read people lost their coins because of installing fake Electrum or updated it with a click of a button and the balance disappeared.

What can have a preventive effect is certainly to report phishing site to Google (it can be made directly from some browsers - a report of the deceptive site) or to a hosting company. The only problem with phishing is that such pages appear in large numbers, and that means when you stop one, at least five new ones pop up.
Reporting to Google is waste of time from my experience but it's a good practice. Reporting to the hosting company works better especially I found Namecheap always takes such reports seriously.
legendary
Activity: 2744
Merit: 3096
Top Crypto Casino
June 11, 2023, 05:43:20 PM
#13
Bookmarking the official website which is Electrum.org then verifying whatever file you download from that website. Even if the website gets compromised, it's unlikely that the hacker's compromise the devs keys. Accessing the right website then verifying the authenticity of every file you download is more than enough to verify that you are good..
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
June 11, 2023, 09:59:01 AM
#12
And to use uBlock Origin extension on your browser. In my experience, changing your search engine into a more privacy oriented one could help as well in avoiding these phishing sites appearing on your browser.

Adblockers are useful because they are primarily blocking the ads that appear at the top of the search, which is the first protection line for those who do not pay attention to details. If you go to a phishing location stated in the OP with uBlock it will not have any difference, you will still be able to visit that site.

What can have a preventive effect is certainly to report phishing site to Google (it can be made directly from some browsers - a report of the deceptive site) or to a hosting company. The only problem with phishing is that such pages appear in large numbers, and that means when you stop one, at least five new ones pop up.
legendary
Activity: 2268
Merit: 18771
June 11, 2023, 02:28:40 AM
#11
Verifying the file signature is the best practice but pretty sure there are many who do not have any idea how PGP works and how to deal with Kleopatra or such type of software. So assuring someone on the official site is the first step of many security measurements in my opinion.
It's the first step, agreed, but it is entirely inadequate on its own. There are links on the Electrum download page to tutorials regarding how to verify your download, plus a quick search of this forum will find this excellent thread: [GUIDE] How to Safely Download and Verify Electrum [Guide].

Absolutely it's another step in the process, but we shouldn't be taking shortcuts when it comes to the security of our wallets.

Has anyone known if electrum-web dot com is the official electrum?
No, it isn't.

And I don't know if Electrum has telegram also (electrum_support), maybe this site is potentially phishing, but I am not sure about that.
Electrum does not have Telegram support. As with 99.9% of things on Telegram, this is a complete scam.
hero member
Activity: 868
Merit: 737
June 10, 2023, 07:00:36 PM
#10
Electrum warns with this official tweet about a new phishing website called: electrumcore dot org
Please always pay attention to which links you click on and in the best case always type the official URLs into the browser bar yourself
Thanks for the info, I read it also on the announcement on Electrum Twitter, I hope they have always updated this kind of warning to avoid user failing into scams. Usually, after being found, the scammer will change the domain into a phishing one to get a new target. We have to watch this IP being related to another phishing.





Has anyone known if electrum-web dot com is the official electrum? Because when I visit that site will direct me to Electrum's official Twitter and github. And I don't know if Electrum has telegram also (electrum_support), maybe this site is potentially phishing, but I am not sure about that.
legendary
Activity: 2744
Merit: 3096
Top Crypto Casino
June 10, 2023, 06:12:15 PM
#9
If I advice one of my friends to download Electrum and use it as it's main wallet. The first thing my friend would do is to look up Electrum on google! The first few results are hishing/fake pages.
Let's be honest, how many of us do verify the file signature befaure installing it!
I'm convinced that 90%, if not more, have installed Electrum without verifying it's signature.
legendary
Activity: 3472
Merit: 3217
Playbet.io - Crypto Casino and Sportsbook
June 10, 2023, 05:12:25 PM
#8
The owner of the site might be confused about the domain name he combines both bitcoin core and Electrum. This is not the only phishing site of Electrum there are many, people who already know the exact URL/website would not fall into this trap except for newbies that do not know how to verify, scan and check the downloaded Electrum.

I don't think using a plugin such as Ublock would help much but for me knowledge is the best to avoid phishing sites.
legendary
Activity: 2800
Merit: 2736
Farewell LEO: o_e_l_e_o
June 10, 2023, 12:58:22 PM
#7
You should be verifying all the software you download, regardless of where you download it from.
Verifying the file signature is the best practice but pretty sure there are many who do not have any idea how PGP works and how to deal with Kleopatra or such type of software. So assuring someone on the official site is the first step of many security measurements in my opinion.

And to use uBlock Origin extension on your browser. In my experience,
I never heard of it nor used it. On the other hand I think I have trust issue with browser extension type software. I don't even use MetaMask, only used to do some testing and things but never used it for serious crypto handling.
sr. member
Activity: 1078
Merit: 342
Sinbad Mixer: Mix Your BTC Quickly
June 10, 2023, 07:44:48 AM
#6
Much appreciated for the warning! I believe there are many phishing sites targeting Electrum users. Therefore, it is really important for anyone intending to use this wallet to verify the authenticity of the software they download to ensure that they obtain the correct version and not the fake/malicious one.

Well it is electrum.org so everything else are phishing sites. One of the best practice is to save the URL somewhere safe or bookmark it then visit the site. Risk of phishing attack becomes minimal then.
And to use uBlock Origin extension on your browser. In my experience, changing your search engine into a more privacy oriented one could help as well in avoiding these phishing sites appearing on your browser.
I do have this extension, and it's actually really good so far. It helps to avoid a lot of phishing sites as well as annoying ads. I've been using it for a while now.
legendary
Activity: 2268
Merit: 18771
June 10, 2023, 06:32:26 AM
#5
Bookmarking the official site or only visiting the site via the software is not foolproof. There is nothing stopping an attacker from compromising the official site and uploading malicious software there.

You should be verifying all the software you download, regardless of where you download it from.
legendary
Activity: 1848
Merit: 1982
Payment Gateway Allows Recurring Payments
June 10, 2023, 04:08:24 AM
#4
Thank you for the warning, this is not the first Electrum phishing site.

For me, always when I want to update or visit the Electrum Wallet website, I go to the site via the link in the wallet program itself, for fear of visiting a phishing site by mistake.

It is best to save these important sites such as exchanges and wallets in your favorites or a small notepad file containing all the links.
legendary
Activity: 1904
Merit: 1563
June 10, 2023, 03:40:13 AM
#3
Well it is electrum.org so everything else are phishing sites. One of the best practice is to save the URL somewhere safe or bookmark it then visit the site. Risk of phishing attack becomes minimal then.
And to use uBlock Origin extension on your browser. In my experience, changing your search engine into a more privacy oriented one could help as well in avoiding these phishing sites appearing on your browser.
Pages:
Jump to: