Author

Topic: Phishing Revisited (Read 382 times)

member
Activity: 882
Merit: 17
March 18, 2020, 07:57:48 AM
#15
with all these methods, one begins to wonder whether we can still use the WIFI services. it may be wise to say the Cable network remains the only trusted and secure network. it is a known fact that Wired network are more secured that wireless Network. As long there is no external person coming into the room to access the network. what differs is the cost to set it up.
hero member
Activity: 2254
Merit: 537
My passive income eBook @ tinyurl.com/PIA10
March 15, 2020, 09:25:37 PM
#14
Bump, I updated it with another entry, [6] Juice Jacking.

[6] is about those random USB connectors sticking out of the walls, right?

On a side note NGL, that's some double entendre shit right there Cheesy
legendary
Activity: 2576
Merit: 1655
March 15, 2020, 06:35:07 PM
#13
Bump, I updated it with another entry, [6] Juice Jacking.
hero member
Activity: 2268
Merit: 588
You own the pen
July 15, 2019, 04:50:19 AM
#12
Back then, the Only thing I know about phishing is that its a clone of some of the popular websites and created to steal some information of the users that registered from that site, like usernames and passwords.

until I saw in the movie that there is this thing called Voice Phishing. this one is the most brutal phishing I've ever seen because they can mimic the voice of some people you knew like the voice of your Boss trying to convince you to deposit some cash on some random address, this is the worst phishing I saw.

but when I saw Your topic I even surprise me because there is still phishing method that I still don't know Until I decided to open this thread. Thanks for your help it will make us aware on this kind of thing.
hero member
Activity: 510
Merit: 574
Too Little, Too Late.
July 15, 2019, 04:34:37 AM
#11
MyEtherWallet domain was social engineered using this kind of attack like a year ago if I'm not mistake,

the attack that happened to MEW wasn't via social engineering but was a DNS hack.
"Couple of DNS servers were hijacked to resolve MEW users to be redirected to a phishing site." (source)


Credit to @mikeywith for pointing this out in the Arabic section, in a translated version of this topic.
legendary
Activity: 3038
Merit: 2162
July 14, 2019, 04:20:30 PM
#10
I really don't understand how Google allow those phishing sites to be indexed, and appear in rank1 of organic searches

Obvious phishing such as bitcointalk.to (which I still click sometimes, because it is really identical to the original.
Why don't Google simple remove it from results?

Google is just an algorithm, and people with expertise in SEO can crack it and bring almost anything to the top - so the problem here is the lack monitoring from humans. Google also might not want to intervene in some cases when phishing can't be easily proven, and to make them start taking action they should first receive a lot of user reports.

For now Google rarely comes under fire in phishing cases, so they don't have incentive to do anything about it. Take Youtube for example - when people started complaining about far-right videos, Youtube quickly rolled out a system that hides and demonetizes such videos, even at the cost of false-positives - all because they started to lose money from advertisers.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
July 14, 2019, 05:40:23 AM
#9
~snip~

I agree with part that people do not report such sites as much as they should, and the reason is that such an option is not available directly in Chrome which is most used browser. But there is exstension Suspicious Site Reporter (link in my previous post) that allows just that, and by using that user can report problematic site very quickly and efficiently.

As for bad reports, there is no doubt that they exist, but Google is checking everything and it is not easy to fool them by reporting by using VPN or Tor, and if some reports is mostly coming from such IPs it can be assumed that this is false report. However, I think it's very easy to check that some page is copy of the other.
legendary
Activity: 2576
Merit: 1655
July 14, 2019, 04:45:19 AM
#8
I really don't understand how Google allow those phishing sites to be indexed, and appear in rank1 of organic searches

Obvious phishing such as bitcointalk.to (which I still click sometimes, because it is really identical to the original.
Why don't Google simple remove it from results?

I guess the main reason why Google is still allowing phishing sites is that people are not reporting it. However, the problem is that they can't just take down any site as reported because there are some bad actors, who reports competing sites for obvious reasons of getting rid of competition and it's been practice for many years now. So at the end, it could be a lengthy process before we can see Google taking those phishing its and not get index on their search engine.
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
July 13, 2019, 08:15:57 AM
#7
You can just bookmark the forum on your browser  so you can revisit it anytime without falling to the phishing site.

This doesn`t solve my problem, because I don't use google searches to look for a bookmarked website. I use google search to look for an specific topic or information that I don't have.

You can modify your host file add the site to it and in that way block your computer from accessing it.

Read about that here:
https://bitcointalksearch.org/topic/how-to-block-phishingscam-sites-by-adding-the-site-in-host-file-5134015

Or just use the site:bitcointalk.org method to display results only from bitcointalk.org

This is somehow a nice turn around, but still not a solution (because I use it in different computers, mobile,etc). But I did the procedure, thanks.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
July 13, 2019, 08:04:52 AM
#6
Phishing is without doubt a very serious problem, but this is just one of the bad sides of the internet against which we struggle to fight every day. We can help to others in a way to report such sites to Google by using their report site, or directly through browser. When you get some suspicious link in e-mail inbox, report is as spam and after a certain number of reports such message will go in spam folder directly.

Do not reply to unknown SMS or calls from strange unknown number, just ignore them or even better report to your service provider because they can block such numbers. Always use adblock in your browser, it will block ads and save you from phishing sites. When you are sure that you are on legit site, save it to bookmarks and use it always.

Useful links :

 - https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en
 - https://www.trishtech.com/2017/08/how-to-report-malicious-sites-in-firefox/
 - https://chrome.google.com/webstore/detail/suspicious-site-reporter/jknemblkbdhdcpllfgbfekkdciegfboi


hero member
Activity: 3024
Merit: 680
★Bitvest.io★ Play Plinko or Invest!
July 12, 2019, 06:39:40 PM
#5
I really don't understand how Google allow those phishing sites to be indexed, and appear in rank1 of organic searches

Obvious phishing such as bitcointalk.to (which I still click sometimes, because it is really identical to the original.
Why don't Google simple remove it from results?
You can just bookmark the forum on your browser  so you can revisit it anytime without falling to the phishing site.

Even on their google playstore, they won't do anything with those fake/scam apps unless there will be reports about it.
legendary
Activity: 2730
Merit: 7065
July 12, 2019, 06:23:34 AM
#4
Most of these phishing incidents happen because of a compete lack of common sense. How people can believe that they can get free money in a few clicks of a button still surprises me.

Obvious phishing such as bitcointalk.to (which I still click sometimes, because it is really identical to the original.
You can modify your host file add the site to it and in that way block your computer from accessing it.

Read about that here:
https://bitcointalksearch.org/topic/how-to-block-phishingscam-sites-by-adding-the-site-in-host-file-5134015

Or just use the site:bitcointalk.org method to display results only from bitcointalk.org
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
July 12, 2019, 05:49:20 AM
#3
I really don't understand how Google allow those phishing sites to be indexed, and appear in rank1 of organic searches

Obvious phishing such as bitcointalk.to (which I still click sometimes, because it is really identical to the original.
Why don't Google simple remove it from results?
legendary
Activity: 2534
Merit: 1397
July 12, 2019, 01:16:38 AM
#2
Phishing problems are growing, and it will continue to grow since the internet will never go. Every people using the internet are really prone to become the victim of phishing, especially those non-techy or newbie.



Data by Google since 2006 up to 2019. Phishing sites (orange) detected by them are growing, it's really alarming especially now, we are in the modern world, the internet is easy to access now and there will be a person who will use the internet to commit such these kind of crime.
I created a thread before about Phishing and how we can avoid or identify it: [GUIDE] Use this for identifying Scam/Phishing Websites & Exchanges in Crypto.
legendary
Activity: 2576
Merit: 1655
July 11, 2019, 10:14:50 PM
#1
I guess it's about time to revisit this important subject as the price of bitcoin is picking up and so are those cyber criminals. According to this report, Cybercriminal activity is one of the biggest challenges that humanity will face in the next two decades..

Don't forget about catphishing as well. That's when some dude pretends to be a female to try get their victim to let their guard down and send them bitcoins (because obviously a woman would never scam anyone - they're far too nice for that).

Here is a classic scandalous example: Alia's case.

[4] Domain spoofing - I think this one is very predominant and may have been used by cyber criminals more often. They could impersonate a legit website like this forum, adopting the feel and looks so you need to look closely at the domain name. They could completely hide it using this puny code technique. MyEtherWallet domain was social engineered using this kind of attack like a year ago if I'm not mistake, which causes millions of dollars lost for crypto enthusiast.

[5] Evil twin phishing - "An evil twin, in security, is a rogue wireless access point that masquerades as a legitimate Wi-Fi access point so that an attacker can gather personal or corporate information without the end-user's knowledge."

[6] Juice Jacking - this is where cyber criminals uses public USB port as their attack vector. We can compare this to card skimming scams. Criminals are mirroring the real device so that when you plug-in and try to charge your mobile phone, they can either used it to (1) install malware into your device (2) copy all your data in it.

Source: https://searchsecurity.techtarget.com/definition/evil-twin.

Remember that we always say not to trust public WIFI? However, criminals has found a way to even attack us by disguising as a real and legitimate WIFI access, maybe this is not as well known as other attack vector but this is very scary as well.

It's really hard for us to not to fall for this trick. But at least we should be aware of it and maybe have seconds thoughts before clicking or even giving out our personal data. And for those sites we trusted, a good password manager is a must, or uses 2FA, you can refer to bitmover's 2FA or    nakamura12's [Guide] How to Enable 2FA using Google Authenticator!.

So be very careful and vigilant !!!.
Jump to: