I made an account on this suspicious website:
https://probitcoin.in/I talked to the owner via his support chat.
I'm sorry for my English here... It's a bit hard to explain. I have simplified it below:
Me: How are passwords stored in your database?
Him: We only keep the MD5 of the password, not the raw password
Me: Can you show me my MD5 then? My username is X.
Him: The MD5 of your password is 5f4dcc3b5aa765d61d8327deb882cf99.
My real password is "Password", which has md5: dc647eb65e6711e155375218212b3964
The md5 he gave me corresponds to "password" and not "Password"...
In other words, the owner of this website quickly tried to enter my RAW password into an md5 calculator, but mistyped it...
I then tested to log in with both passwords, and the lowercase one doesn't work (which is the one that corresponds to the MD5 that he claims is stored in his database)
Immediatly after i tested this, he told me in the live chat that there is a connection error, and then he signed off. 10 seconds later, i could not connect to his website at all, and it's still offline at the time i'm posting this.
I have tried with different IP addresses, all fail to connect to his website (so it's not like only my IP is blocked)
The password i mention here is ofcourse not my real one, nor did i give him a password i use anywhere else. (yes, i was smart enough)