Pages:
Author

Topic: Phishing Attempts to be aware of (Read 4252 times)

newbie
Activity: 42
Merit: 0
March 25, 2015, 07:23:15 AM
#51
Wouldn't it be easy for someone to figure out who owned that url
and charge him with conspiracy to hacking and stealing?
hero member
Activity: 588
Merit: 500
Get ready for PrimeDice Sig Campaign!
September 17, 2014, 04:49:29 PM
#50
Other than being careful with all the links, you should enable 2FA on every sites in which the feature is available (eg. Coinbase, Bitstamp, btc-e, blockchain.info, etc) as a second protection to your bitcoin.
blockchain.info has it by default I think. On new computers, or if it has been a while I have to check my email to re verify my wallet.
legendary
Activity: 1120
Merit: 1000
September 17, 2014, 04:47:19 PM
#49
Other than being careful with all the links, you should enable 2FA on every sites in which the feature is available (eg. Coinbase, Bitstamp, btc-e, blockchain.info, etc) as a second protection to your bitcoin.
hero member
Activity: 762
Merit: 500
September 15, 2014, 02:54:11 PM
#48
I`ve been hacked with Phishing method on btc-e.com
hero member
Activity: 882
Merit: 1000
Exhausted
September 15, 2014, 12:21:27 PM
#47
I saw people complaining about a phishing attempt on users on this forum too.

The person PM you, saying he has bad new or something, and post a link, that looks like a bitcointalk.org address, and if you click on that link, it prompts you to login. When you type in your username and password, your account is hacked.  Angry

Yup, you need to be careful with all the links in posts, PMs, or emails.
Double check if the hyperlink is leading to the right site before clicking it, and be extra careful with redirecting links.
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
September 15, 2014, 01:29:28 AM
#46
I saw people complaining about a phishing attempt on users on this forum too.

The person PM you, saying he has bad new or something, and post a link, that looks like a bitcointalk.org address, and if you click on that link, it prompts you to login. When you type in your username and password, your account is hacked.  Angry

Luckily, nobody wants a newbie account, like mine. ^smile^
newbie
Activity: 52
Merit: 0
September 15, 2014, 12:09:41 AM
#45
i already got an email from blockchain after i open the link its look phising website

and i close that link Cheesy
You should be fine. I don't think its possible for a website to directly infect you without downloading anything. Even if it looks like a phishing website I still open it so that I know how it looks. 

yeah i still open for 5 minutes to see how it looks Cheesy
and the i close that link and delete the email from my email Cheesy
It is probably best to delete the email to avoid accidentally clicking on the click when you are less vigilant.

I personally always will manually type in "blockchain.info" into my browser but sometimes it will forget my identifier, so I go to my email, get a recent backup of my wallet and click on the link, if you have a random pishing link in your email you man accidentally click on it and actually enter your passwrod
Get a wallet prefix, I got one. You don't have to keep any identifier anywhere, you just go to blockchain.info/wallet/mywalletname and it will fill in the identifier for you if the computer is trusted, if not it sends an email to confirm the computer and you can either click on the link in the email, or reopen the site for security. I personally use it.
What if you don't have an email associated with your wallet? Will it let anyone who knows your prefix attempt to access your wallet? How does it know your computer is "trusted"
hero member
Activity: 588
Merit: 500
Get ready for PrimeDice Sig Campaign!
September 14, 2014, 11:10:17 PM
#44
i already got an email from blockchain after i open the link its look phising website

and i close that link Cheesy
You should be fine. I don't think its possible for a website to directly infect you without downloading anything. Even if it looks like a phishing website I still open it so that I know how it looks. 

yeah i still open for 5 minutes to see how it looks Cheesy
and the i close that link and delete the email from my email Cheesy
It is probably best to delete the email to avoid accidentally clicking on the click when you are less vigilant.

I personally always will manually type in "blockchain.info" into my browser but sometimes it will forget my identifier, so I go to my email, get a recent backup of my wallet and click on the link, if you have a random pishing link in your email you man accidentally click on it and actually enter your passwrod
Get a wallet prefix, I got one. You don't have to keep any identifier anywhere, you just go to blockchain.info/wallet/mywalletname and it will fill in the identifier for you if the computer is trusted, if not it sends an email to confirm the computer and you can either click on the link in the email, or reopen the site for security. I personally use it.
full member
Activity: 126
Merit: 100
September 14, 2014, 11:05:15 PM
#43
i already got an email from blockchain after i open the link its look phising website

and i close that link Cheesy
You should be fine. I don't think its possible for a website to directly infect you without downloading anything. Even if it looks like a phishing website I still open it so that I know how it looks. 

yeah i still open for 5 minutes to see how it looks Cheesy
and the i close that link and delete the email from my email Cheesy
It is probably best to delete the email to avoid accidentally clicking on the click when you are less vigilant.

I personally always will manually type in "blockchain.info" into my browser but sometimes it will forget my identifier, so I go to my email, get a recent backup of my wallet and click on the link, if you have a random pishing link in your email you man accidentally click on it and actually enter your passwrod
sr. member
Activity: 463
Merit: 252
September 14, 2014, 09:24:12 PM
#42
(I'm posting about the invoice jars in this thread because it's the only thread on bitcointalk that mentions it)

It's not just cloudhashing.com, it seems as though somebody got into the mailing servers (or at least spoofed them, but it looks legit) of various large/largish bitcoin websites, i got one from btc-e.

I got an email from both btc-e.com and cloudhashing.com with this invoice_772.jar

Actually, cloudhashing.com was invoice_773.jar

The "From" header in an email is not authenticated in anyway.

These emails are being sent from compromised servers through the smtp.com email service.

Please forward the phishing email to [email protected]

The .jar file contains a packed (ie disguised) trojan.

Whoever is doing this is rapidly modifying their technique and constantly changing the packing format.

It takes about 2 weeks for major AV products to update their signatures each time the attacker updates it, which unfortunately makes them basically useless.

tl;dr dont execute email attachments ending in .jar antivirus cant help you with this one!
member
Activity: 83
Merit: 10
August 26, 2014, 03:58:35 AM
#41
Phishing is the problem that cannot be controlled.It's the huge threat for many people around the internet every now and then.And also many people doesn't know about it or by ignorance they become a victim of it and loose money.
sr. member
Activity: 476
Merit: 255
August 24, 2014, 09:04:46 PM
#40
i already got an email from blockchain after i open the link its look phising website

and i close that link Cheesy
You should be fine. I don't think its possible for a website to directly infect you without downloading anything. Even if it looks like a phishing website I still open it so that I know how it looks. 

yeah i still open for 5 minutes to see how it looks Cheesy
and the i close that link and delete the email from my email Cheesy

haha me too, sometimes we want to know how the phising looks like  Grin
there are many types of phishing that used by the bad guys  Undecided
hero member
Activity: 882
Merit: 595
August 24, 2014, 06:27:10 PM
#39
i already got an email from blockchain after i open the link its look phising website

and i close that link Cheesy
You should be fine. I don't think its possible for a website to directly infect you without downloading anything. Even if it looks like a phishing website I still open it so that I know how it looks. 

yeah i still open for 5 minutes to see how it looks Cheesy
and the i close that link and delete the email from my email Cheesy
hero member
Activity: 588
Merit: 500
Get ready for PrimeDice Sig Campaign!
August 24, 2014, 06:17:25 PM
#38
i already got an email from blockchain after i open the link its look phising website

and i close that link Cheesy
You should be fine. I don't think its possible for a website to directly infect you without downloading anything. Even if it looks like a phishing website I still open it so that I know how it looks. 
hero member
Activity: 882
Merit: 595
August 24, 2014, 05:56:38 PM
#37
i already got an email from blockchain after i open the link its look phising website

and i close that link Cheesy
hero member
Activity: 588
Merit: 500
Get ready for PrimeDice Sig Campaign!
August 24, 2014, 05:42:02 PM
#36
Thanks for the info. The more the better, we gave to spread the word of all these scams.
sr. member
Activity: 257
Merit: 251
hero member
Activity: 588
Merit: 500
Get ready for PrimeDice Sig Campaign!
August 24, 2014, 03:13:50 PM
#34
Set a second password on your blockchain wallet. If a hacker gets your credentials they need this second password t actually get any money out.
sr. member
Activity: 406
Merit: 250
August 24, 2014, 11:47:21 AM
#33
Thank you for posting this. We can all have those moments were we lose concentration for a few seconds and can accidentally click on something not realising but seeing posts like this is a stark reminder of just how bad things can be if we did and what do look out for.
hero member
Activity: 499
Merit: 500
August 23, 2014, 11:40:00 AM
#32
hey guys, yesterday i clicked that jar file ( yes I am an Idiot). Good thing I have last line of defenses (2-Factor Authentication, encryption) on every coins related programs and websites. I deleted the file right away, but I am still worried something hidden program is still there on my pc. could you guys please help me how to scan and remove it? i ran anti-virus programs like malware bytes and AVG and they showed that file is "clean".  I am confused now. please help.

I am paranoid, and I suggest you to format the hard disk after backing up the important files.

For anti-virus programs, they can't catch 100% of the malware.
But still it is good to have a good anti-virus program as they can probably catch 90% of the malware.
Pages:
Jump to: