New localbitcoins phishing mail "support ticket #14322 "

crazyearner

legendary

Activity: 1820

Merit: 1001

Quote from: xetsr on May 12, 2015, 06:20:59 PM

Quote from: mrhelpful on May 12, 2015, 06:10:22 PM

thanks for the heads up op.

as for the response of the 2fa comment, wouldnt it be pointless still if they had the login through that site since they can reset the 2fa? cause id assume the pw be the same as the actual email login as well.

most peoples passwords are literally the same for most of their other logins.

Wouldn't you need to enter the 2FA code to disable 2FA? You need to enter the code to withdraw.

On the codes you get about 50+ on paper and a master code to use and can simply generate more on it for future use. if the app you do need to enter it to dissable or you can have admin remove it off account and disable. Not sure on localbicoins if admin would do unless proof of ownership is provided. Other sites I have had this on as lost me phone and needed resetting provided proof of ownersihp took a while but they removed it so I could re add.

techgeek

hero member

Activity: 826

Merit: 1000

Just curious op, if you posted this on the localbitcoins thread.

They should announce stuff like this, cause my friend would be easily tricked since hes new to all this bitcoin stuff and I cant hold his hand all the time about bitcoin.

I remember a bigger problem that localbitcoins had besides this small phishing attempt was that love bug.

xetsr

legendary

Activity: 1120

Merit: 1000

Quote from: mrhelpful on May 12, 2015, 06:10:22 PM

thanks for the heads up op.

as for the response of the 2fa comment, wouldnt it be pointless still if they had the login through that site since they can reset the 2fa? cause id assume the pw be the same as the actual email login as well.

most peoples passwords are literally the same for most of their other logins.

Wouldn't you need to enter the 2FA code to disable 2FA? You need to enter the code to withdraw.

crazyearner

legendary

Activity: 1820

Merit: 1001

Quote from: mrhelpful on May 12, 2015, 06:10:22 PM

thanks for the heads up op.

as for the response of the 2fa comment, wouldnt it be pointless still if they had the login through that site since they can reset the 2fa? cause id assume the pw be the same as the actual email login as well.

most peoples passwords are literally the same for most of their other logins.

I use paper and copy on me system. And for change of email I have each app and each pc with seprate codes so that if any attempt is made on ie gmail it pops up or alerts me. with regards to localbitcoins now sure how the app one works weather can use on any device but if it is pared and changed on other places it locks it out on some stuff I use so that you have to contact support in order to have it reset.

You can also use login guard so that if it detects IP change or browser it will also lock account down on localbitcoins.
LocalBitcoins remembers your web browsers and verifies logins are coming from the same browser. If an unknown web browser is encountered, an email confirmation is required before the login can proceed. So I would recommend using in future some options like this.

If your coins are gone I would raise ticket with support to see if anything can be done.

mrhelpful

legendary

Activity: 1456

Merit: 1002

thanks for the heads up op.

as for the response of the 2fa comment, wouldnt it be pointless still if they had the login through that site since they can reset the 2fa? cause id assume the pw be the same as the actual email login as well.

most peoples passwords are literally the same for most of their other logins.

crazyearner

legendary

Activity: 1820

Merit: 1001

I get many like this I just report mark as scam and file it to the shredder folder however forward them to localbitcoins team so they can be made aware of it. any ones I get know of however when random fake emails or not listed I always double check and never click any links or BS within them unless I know it is me awaiting any confirmation emails or requests.

Best thing to also have on is 2 step versification. Never leave home without it saved me ass many times. Nothing can be done if coins gone other than request to support but once gone doubt will able to be had back as in the time account cant be logged in that's the coins sne to hackers BTC address and also poss your email compromised too so I would make sure to change all paswords and delete any recovery emails you get from it.

MarkCara

sr. member

Activity: 362

Merit: 250

MS & Adobe keys. [email protected]

Use WOT add-on, it helps me a lot in discovering phishing sites

xetsr

legendary

Activity: 1120

Merit: 1000

Quote from: Trüssel Economic on May 12, 2015, 12:32:04 PM

what can i do if i have done the login on the fake site? i cant login now. i really have a problem now. will i get my coins back? is localbitcoins able to handle this problem?

Your coins are probably gone. Doubt the phisher would change login details and leave the coins. Nothing localbitcoins can do, next time use 2FA and be more careful.

Trüssel Economic

newbie

Activity: 13

Merit: 0

what can i do if i have done the login on the fake site? i cant login now. i really have a problem now. will i get my coins back? is localbitcoins able to handle this problem?

escrow.ms

legendary

Activity: 1274

Merit: 1004

If you got this email please report it to google .
http://www.google.com/safebrowsing/report_phish/?rd=1

Quote

Delivered-To: [redacted]@gmail.com
Received: by 10.140.87.66 with SMTP id q60csp342509qgd;
Thu, 3 Apr 2014 13:41:48 -0700 (PDT)
X-Received: by 10.194.87.163 with SMTP id az3mr13839865wjb.63.1396557707774;
Thu, 03 Apr 2014 13:41:47 -0700 (PDT)
Return-Path: <[email protected]>
Received: from hostingsmtp.register.it (hostingsmtp08.register.it. [81.88.50.249])
by mx.google.com with ESMTP id v2si9342144eel.316.2014.04.03.13.41.47
for <[email protected]>;
Thu, 03 Apr 2014 13:41:47 -0700 (PDT)
Received-SPF: pass (google.com: domain of [email protected] designates 81.88.50.249 as permitted sender) client-ip=81.88.50.249;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of [email protected] designates 81.88.50.249 as permitted sender) [email protected]
Received: from opus38.register.it ([81.88.49.39])
   by paganini31 with
   id lYhn1n00r0qkBUH01Yhnbk; Thu, 03 Apr 2014 22:41:47 +0200
Received: (from nobody@localhost)
   by opus38.register.it (8.14.4/8.12.11/Submit) id s33KflTP028639;
   Thu, 3 Apr 2014 22:41:47 +0200
Date: Thu, 3 Apr 2014 22:41:47 +0200
Message-Id: <[email protected]>
X-RID: 7OnsJ2RuI3MvKDslbS9iI1svc2MrZHTpLwo=|bStjJ3NuOytjdDtiKCVjKygtdHIr7Ozocwo=|Oiwn4D0nPTon8l0K|WE5MR05JVFNPSAo=
To: [redacted]@gmail.com
Subject: LocalBitcoins support
X-PHP-Originating-Script: 99:send.php
From:no-reply<[email protected]>
Content-Type: text/html

You have a new message for LocalBitcoins support ticket #14322

To answer to these message visit here:

support-localbitcoins.com/accounts/login/login.htm">
https://localbitcoins.com/support/reply/14322/

For the security and privacy reasons, we hope you answer to support ticket
messages on the LocalBitcoins site.

Email replies are ignored.

Topic: New localbitcoins phishing mail "support ticket #14322 " (Read 2897 times)