Author

Topic: Possible Scam? (Read 187 times)

legendary
Activity: 2408
Merit: 2226
Signature space for rent
February 19, 2021, 12:54:53 PM
#12
Email address quite confusing for newbies since the email domain almost looking the same. Just ask yourself, had you submitted your email anywhere during the installation of Electrum? I don't think so, because I have been using Electrum but hadn't seen them asked for the email address. Even on the website, there are no places for email submission. Most probably this is a spoof email just trying to scam you. Honestly, I even do not update the Electrum wallet from the software. If there is a new version then I directly visit the official website and download it from there. Just ignore such emails.
legendary
Activity: 2492
Merit: 1232
February 19, 2021, 09:51:42 AM
#11
Generally it's an old trick, I don't know if there are any new update.
Tend to agree and that old trick was having similar to what happened last year, millions worth of Bitcoin has been successfully stolen by the hackers using that technique.  It's a malicious link that usually commonly pops up on your screen on your wallet saying that the user needs to update their Electrum wallet app, but the link hasn't come from the official site of Electrum.org but it looks like Electrum official which have a malicious link upon clicking.

IIRC, since Electrum is an open-source wallet and any dev or users can run their own Electrum server and that's what they called, ElectrumX and everyone can set up using this gateway server which easily for them to insert a malicious link.  There are too many possible loopholes in electrum wallet and this might be hackers can be used.  Just follow what  o_e_l_e_o said above, verifying is the most important before you will download.

Good thing that you didn't get fooled.
legendary
Activity: 2702
Merit: 4002
February 19, 2021, 07:20:31 AM
#10
If the electrum.org domain is under control of ThomasV and/or core Electrum devs then how did this guy manage to send an e-mail using an address from that domain since the mail DNS records for electrum.org (if there are even any) aren't even pointing to his mail provider?
you only need SMTP server (open port 25 "usually blocked by ISPs") and some services like ---> https://github.com/Synchro/PHPMailer
any way, you need to view the source code of the email, read message headers and you can get IP address.
Compare it with the source IP address and you will know if it from real sender or spoofed.

Generally it's an old trick, I don't know if there are any new update.
legendary
Activity: 2212
Merit: 7064
February 19, 2021, 04:59:51 AM
#9
Is this genuine?

Electrum is not sending emails, and your email address was most likely been leaked in some of the previous leaks and most likely it was from one million leaked ledger wallet emails.
You can check this on haveibeenpwned.com, and if this is the case than my advice would be to change your email address and mark received emails as spam.
Consider every email you receive as potential phishing and scam attempt.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
February 18, 2021, 10:18:49 AM
#8
Given the price of BTC some scammers are becoming more imaginative with ways of cheating. For me personally, any email that has anything to do with crypto is not legal - no matter what it is and who it comes from. I get 4-5 such e-mails from Ledger leak every day, and in 90% of cases they end up in the spam folder.

The only thing I regret is that I'm not technically advanced so that I can send my seed to each of them - and when they try to open it, a surprise pops up in the form of ransomware - only with the exception that I wouldn't ask for a ransom Smiley
legendary
Activity: 2464
Merit: 3878
Hire Bitcointalk Camp. Manager @ r7promotions.com
February 18, 2021, 01:56:55 AM
#7
Your email must be exposed in public or has been used to a service who were hacked. I hope you deleted the email without clicking any link.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
February 17, 2021, 11:29:13 PM
#6
If the electrum.org domain is under control of ThomasV and/or core Electrum devs then how did this guy manage to send an e-mail using an address from that domain since the mail DNS records for electrum.org (if there are even any) aren't even pointing to his mail provider?
It's spoofed. The email header should indicate that it is not sent from Electrum.org but via something else as it will almost always go through a few hops. Most email services will filter them out. It's entirely possible that the domain is just another that looks similar.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
February 17, 2021, 12:11:08 PM
#5
<[email protected]> is scam and it may try to send a message to you in different formats.

If the electrum.org domain is under control of ThomasV and/or core Electrum devs then how did this guy manage to send an e-mail using an address from that domain since the mail DNS records for electrum.org (if there are even any) aren't even pointing to his mail provider?
legendary
Activity: 2702
Merit: 4002
February 17, 2021, 11:31:26 AM
#4
Remember: Emails can be spoofed. It does not matter how authentic email sender even if it contains a link to ELECUTRM.ORG you must verify the signature.

Anyway, i googled that email address and found this

Quote
just now a guy claiming he is from Electrum support sent me e-mail to enter my 12 word code (seed) to confirm the wallet and it will be re-authenticated and btc will by synced back... jesus... scammers everywhere... and he used [email protected] mail

Source ---> https://www.reddit.com/user/bole1301111/comments/

<[email protected]> is scam and it may try to send a message to you in different formats.
Do not approve it and avoid posting your e-mail publicly.
legendary
Activity: 2268
Merit: 18748
February 17, 2021, 10:55:28 AM
#3
You can see from the official download page (and only place you should download from) that the current version remains 4.0.9 - https://electrum.org/#download
More importantly, if you follow the recommended practice of verifying the signatures with ThomasV's public key* then you can never fall victim to malicious version of Electrum.

Now ask yourself why that email address is receiving phishing attempts. Where have you used it that it has been leaked? Has it been part of a database leak along with other sensitive information about you or even passwords? Do you need to set up some new email addresses? Do you need to change your passwords?

*How to verify Electrum - https://bitcoinelectrum.com/how-to-verify-your-electrum-download/
ThomasV's public key - https://raw.githubusercontent.com/spesmilo/electrum/master/pubkeys/ThomasV.asc
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
February 17, 2021, 10:05:33 AM
#2
No, it is a phishing attempt. Electrum does not and should not have your email address (other than the 2FA wallet, which AFAIK goes to TrustedCoin and not Electrum so it wouldn't matter). It also doesn't notify the users of any updates other than in the interface itself.
jr. member
Activity: 32
Merit: 37
February 17, 2021, 10:04:26 AM
#1
I just received an email from "Electrum Official" <[email protected]> saying:

------------
New wallet with updated encrypted vault!  Cold Storage 
Keep your private keys offline, and go online with a watching-only wallet.  Add-ons 
Electrum supports third-party plugins: Multisig services, Hardware wallets, etc.  Instant On 
Electrum is fast, because it uses servers that index the Bitcoin blockchain.  Download update 

Electrum v.4.0.9-1 is available for download 
 ©  Electrum  2021 
Electrum Technologies GmbH 
Paul-Lincke-Ufer 8d | 10999 Berlin | Germany   

-----------

Is this genuine?
Jump to: