Author

Topic: Request: add bitcointalk.TO to [phishing] list (Read 992 times)

copper member
Activity: 2996
Merit: 2374
September 04, 2018, 08:50:27 AM
#43
I’m sure most mirrors sell ads or otherwise monetize their site.

This is also true for nearly every other website on the internet.

There are probably too many mirrors and potential domains with similar spellings to bitcointalk for it to make sense to buy them. It would probably make sense to register unused domains though, especially considering how much money the forum is swimming in.
legendary
Activity: 2968
Merit: 3061
Join the world-leading crypto sportsbook NOW!
I don't think that domain is making an active effort to trick people into giving any kind of personal information. If you have evidence this site is trying to obtain some personal information via deception, you should post said evidence.

Bitcointalk.to appears to be a mirror of some sort, similar to the many other mirrors that are out there. Mirrors are useful in that they give people behind things like the GFW additional ways to access the forum, and its free flow of information.
+1

Just the fact that the captcha doesn't work in the login page kinda "proves" that phishing isn't the main focus of the website. In fact, maybe they don't even record logins (just don't try to login, maybe they do).

Also, wasn't the forum changing every mention to https://bitcointalk.to to https://bitcointalk.org ? What changed?

Maybe they're just trying to leech traffic for whatever reason. Their plan might be to sell it at some point or monetise it (is there any ads on that site?). I clicked on a mirror a while back and it had a pop up advert so that's one way they might choose to monetise mirroring this board.

I don't think that domain is making an active effort to trick people into giving any kind of personal information. If you have evidence this site is trying to obtain some personal information via deception, you should post said evidence.

Bitcointalk.to appears to be a mirror of some sort, similar to the many other mirrors that are out there. Mirrors are useful in that they give people behind things like the GFW additional ways to access the forum, and its free flow of information.

Is it possible for bitcointalk.org to purchase the domain to avoid getting phished? Or it will costs a fortune if you will buy another domain just for this reason?

This would be akin to paying ransoms. If you pay one then once people realise you cough up for such things others would then start doing it (or the same party does it again in the hope you'll keep paying them). If you purchased this domain, then people will just start using others like bitcointalk.ch, bitcointalk.jp and so on and then you have to keep buying them or buy all the possible similar domains you can as a preemptive measure and it just never ends.  It would be much easier to just try police them as they pop up by filtering them out etc. Not perfect by any means but better than playing cat and mouse with unscrupulous individuals who are looking to extort you.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Also, wasn't the forum changing every mention to https://bitcointalk.to to https://bitcointalk.org ? What changed?
I don't know if it did in the past, but it doesn't change the link now.

Is it possible for bitcointalk.org to purchase the domain to avoid getting phished?
That would give a great incentive to scammers to register many more phishing sites.

It's already wordfiltered, just in a different way than sites that are 100% clear phishing.
I can't figure out how it's filtered. See the link quoted above.
administrator
Activity: 5222
Merit: 13032
It's already wordfiltered, just in a different way than sites that are 100% clear phishing.

Is it possible for bitcointalk.org to purchase the domain to avoid getting phished? Or it will costs a fortune if you will buy another domain just for this reason?

That'd be subsidizing bad behavior.
legendary
Activity: 2758
Merit: 6830
Is it possible for bitcointalk.org to purchase the domain to avoid getting phished? Or it will costs a fortune if you will buy another domain just for this reason?
The owner needs to agree on selling it. If - and only if - he wants to sell it, he can ask for any price he wants (even unrealistic prices).
member
Activity: 336
Merit: 42
I don't think that domain is making an active effort to trick people into giving any kind of personal information. If you have evidence this site is trying to obtain some personal information via deception, you should post said evidence.

Bitcointalk.to appears to be a mirror of some sort, similar to the many other mirrors that are out there. Mirrors are useful in that they give people behind things like the GFW additional ways to access the forum, and its free flow of information.

Is it possible for bitcointalk.org to purchase the domain to avoid getting phished? Or it will costs a fortune if you will buy another domain just for this reason?
newbie
Activity: 3
Merit: 0
I lost my junior member account to those ass munchers.  I locked it so they can't use it.  But I can't get it back because I don't have a key staked - never posted a key in bounty or sig or nothing.  Fucking fuck those hacker fucks until their eye balls are bleeding jiz.
legendary
Activity: 2758
Merit: 6830
I don't think that domain is making an active effort to trick people into giving any kind of personal information. If you have evidence this site is trying to obtain some personal information via deception, you should post said evidence.

Bitcointalk.to appears to be a mirror of some sort, similar to the many other mirrors that are out there. Mirrors are useful in that they give people behind things like the GFW additional ways to access the forum, and its free flow of information.
+1

Just the fact that the captcha doesn't work in the login page kinda "proves" that phishing isn't the main focus of the website. In fact, maybe they don't even record logins (just don't try to login, maybe they do).

Also, wasn't the forum changing every mention to https://bitcointalk.to to https://bitcointalk.org ? What changed?
legendary
Activity: 2534
Merit: 1517
#1 VIP Crypto Casino
I think I can keep bumping this until the title reads "add [phishing] to [phishing] list" Wink

An interesting fact, as cheater hunter sometimes I need to copy paste one eth address on google bar search and often I find the eth address from a research as bitcointalk.to while the bitcointalk.org is not even shown on the results of google.
If you copy the .to link and you change the .to with .org, the page it esixt on our forum.

Why google shows .to researches but not the .org ones?
copper member
Activity: 2996
Merit: 2374
I don't think that domain is making an active effort to trick people into giving any kind of personal information. If you have evidence this site is trying to obtain some personal information via deception, you should post said evidence.

Bitcointalk.to appears to be a mirror of some sort, similar to the many other mirrors that are out there. Mirrors are useful in that they give people behind things like the GFW additional ways to access the forum, and its free flow of information.
legendary
Activity: 2240
Merit: 3150
₿uy / $ell ..oeleo ;(
I'm pretty sure that theymos has seen this, what can be the reason that it's not added yet to the list with phishing sites?

legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
I think I can keep bumping this until the title reads "add [phishing] to [phishing] list" Wink
hero member
Activity: 2660
Merit: 551
I must admit that I'm also guilty of having linked that phishing site in the forum last February but LoyceV quickly PM me and I edited my post.

Honesty baffles me how a phishing site can outrank the real one on Google search.

I checked the backlinks of that phishing link and most of them are garbage. The owner has bad intentions of having this site copied this community, so I have no doubtsthat he/she/they knows black-hat methods on how to get into Google's page 1 and outrank us.
sr. member
Activity: 602
Merit: 327
Politeness: 1227: - 0 / +1
Today is the first time I hear .to is a phishing site, and this is one of the reasons, it always pops up in Google, I always thought it was just a backup copy of the forum or a mobile version. I was wondering why I get logged out each time.
iasenko was right, if ever that you've logged-in in that site, you should change your password immediately. There are lot of Phishing sites out there waiting for victims, this ".to" domain of Bitcointalk is not alone. You should be very careful about clicking links and always check if you are in the right link. Bookmarking Bitcointalk.org will somehow save your account.
I have discussed ".to" phishing site before. Here's the link https://bitcointalksearch.org/topic/m.40187218
Try to visit it if you have sometime.
legendary
Activity: 2240
Merit: 3150
₿uy / $ell ..oeleo ;(
Honesty baffles me how a phishing site can outrank the real one on Google search.
Today is the first time I hear .to is a phishing site, and this is one of the reasons, it always pops up in Google, I always thought it was just a backup copy of the forum or a mobile version. I was wondering why I get logged out each time.
I hope you never tried to log in there. Maybe now is the time to change your password just in case.
hero member
Activity: 1134
Merit: 502
Honesty baffles me how a phishing site can outrank the real one on Google search.
Today is the first time I hear .to is a phishing site, and this is one of the reasons, it always pops up in Google, I always thought it was just a backup copy of the forum or a mobile version. I was wondering why I get logged out each time.
legendary
Activity: 2240
Merit: 3150
₿uy / $ell ..oeleo ;(
I wonder how the other phishing sites were changed to [phishing] for no time but this sh!t is still unhanded for so many months now.

I still ask why? The case with bitcointaLLk was resolved in matter of days, here we are talking about months, many months..
copper member
Activity: 630
Merit: 420
We are Bitcoin!
If bitcointalk[.]to gets added to the phishing list, it will probably get filtered out and changed to something like "[phishing]".
Thanks mate, make sense now however I thought there is a public list of phishing sites. My bad.
member
Activity: 280
Merit: 41
Honesty baffles me how a phishing site can outrank the real one on Google search.
legendary
Activity: 2758
Merit: 6830
I think I can keep bumping this until the title reads "add [phishing] to [phishing] list" Wink
Where is the "add [phishing] to [phishing] list" ?
If bitcointalk[.]to gets added to the phishing list, it will probably get filtered out and changed to something like "[phishing]".

Notice the title of the thread.
copper member
Activity: 630
Merit: 420
We are Bitcoin!
I think I can keep bumping this until the title reads "add [phishing] to [phishing] list" Wink
Where is the "add [phishing] to [phishing] list" ?
legendary
Activity: 2758
Merit: 6830
As of now, the site has been shut off. The phishing site is offline
Still working here.

Here is an archive from right now: https://archive.is/8oHxX
member
Activity: 317
Merit: 13
★Adconity.com★
As of now, the site has been shut off. The phishing site is offline
legendary
Activity: 2240
Merit: 3150
₿uy / $ell ..oeleo ;(
I wonder how the other phishing sites were changed to [phishing] for no time but this sh!t is still unhanded for so many months now.
newbie
Activity: 39
Merit: 0
how did they get a copy of the forum database because they have the same exact topics/users/posts
full member
Activity: 1176
Merit: 162
I was redirected on that domain last week too, I search some ico on google and it was redirected to that site but it is suspicious because
I am logout and I quickly check the domain and it was different so be attentive guys. Everyone need to see this Thread.
or install Cryptonite by MetaCert this is an extention on chrome it helps to avoid phishing sites.
copper member
Activity: 1526
Merit: 2890
I will bump this too, because I have fallen once for this .to site. Even though I knew about it but due to it appeared in Google search I open the linked and tried to login also with my correct username and password.
Yes there was captcha error but, I only realized after I tried to login.

If there is such phishing sites list, theymos please ad [bitcointalk].[to] to this list.
legendary
Activity: 2240
Merit: 3150
₿uy / $ell ..oeleo ;(


I totally fell for the cloned site, until I realized I couldn't see your trust ratings.
I have added this line to /etc/hosts
Code:
127.0.0.1       bitcointalk.to
Now my computer can't access that phishing site anymore.
So thanks to this they had to lock this phishing and nobody was fooled anymore.

Let me explain you in a simple way what is this because it looks like you have no Idea.
This method allows you to block any links to this phishing domain locally on your own computer by editing one system file called "hosts". The function of the file is to map an IP address to a web site. Normally all the mapping is done automatically but in some cases you can do it manually.
In the above example the IP address /127.0.0.1/which is mapped to the phishing site is called a localhost /it is assigned to your computer by default/ and all the calls to the site are redirected to it, so they return en error.
This prevent you from opening phishing link from this domain.

Hope is more clear now.
hero member
Activity: 2352
Merit: 905
Metawin.com - Truly the best casino ever
But since it's impossible to ban all unwanted url, we have to make a list of accepted urls like: bitcointalk.org, bitblender.io, cointelegraph.com and etc websites.
A whitelist is very tricky: if one of them would turn into a scam, the forum could be blamed for whitelisting them.

I totally fell for the cloned site, until I realized I couldn't see your trust ratings.
I have added this line to /etc/hosts
Code:
127.0.0.1       bitcointalk.to
Now my computer can't access that phishing site anymore.
So thanks to this they had to lock this phishing and nobody was fooled anymore.
Do you even know what that post is about?
Well, whitelist may sounds risky but look things differently. This whitelist mustn't claim which website is scam or not. I mean it will just collect original URLs of serviced offered on our website and only phishing will be prevented, it has to do nothing with website's trustworthiness.

And what's about user above you, no he doesn't know what that post is about, quoted here blindly  Grin
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
But since it's impossible to ban all unwanted url, we have to make a list of accepted urls like: bitcointalk.org, bitblender.io, cointelegraph.com and etc websites.
A whitelist is very tricky: if one of them would turn into a scam, the forum could be blamed for whitelisting them.

I totally fell for the cloned site, until I realized I couldn't see your trust ratings.
I have added this line to /etc/hosts
Code:
127.0.0.1       bitcointalk.to
Now my computer can't access that phishing site anymore.
So thanks to this they had to lock this phishing and nobody was fooled anymore.
Do you even know what that post is about?
member
Activity: 322
Merit: 23
***-snip-
Fortunately, it doesn't seem a phishing site but a static copy in where you can only find this false thread, but you cannot modify in any sense the site, you cannot log in, so your Bitcointalk identity is secure.
I've tried to make a google search regarding the topic and it is not positioned, gladly, in fact, this is really difficult to find if you don't know with precision the name of the fake site.
Nevertheless, this piece of shit, this crap, this scammer, has won something with it, and at the cost of 9 people here...
What da, 9 people fooled at this phishing site by the scammer and giving some bitcoin hoping to doubled with and they think that is real Satoshi. I am too curious how scammer make this phishing site looks like real.

Well, thanks to LoyceV we all aware and warn of that phishing site that probably we are the next victim, much better just bookmark the site and then easily to click bookmark site of bitcointalk.org everytime you use.


I totally fell for the cloned site, until I realized I couldn't see your trust ratings.
I have added this line to /etc/hosts
Code:
127.0.0.1       bitcointalk.to
Now my computer can't access that phishing site anymore.
So thanks to this they had to lock this phishing and nobody was fooled anymore.
hero member
Activity: 2352
Merit: 905
Metawin.com - Truly the best casino ever
Yesterday, user Sanya_sun (now banned) was spamming phishing links to Bitcointalk.org spelled with double L ("taLLk"). Most of his posts have been deleted, but there's one left:
Satoshi retrurns! Shocked Shocked Shocked
https://[phishing]/index.php.topic=5.msg28.php
It's very nice to see the phishing link is now automatically replaced by a warning!
My request: please do the same with the phishing link mentioned in the topic title. Those links are often posted, probably because Google keeps showing them.
Thank you, you just gave me some thoughts.
Not only bitcointalk phishing urls, we have to do the same about mixers and etc.
But since it's impossible to ban all unwanted url, we have to make a list of accepted urls like: bitcointalk.org, bitblender.io, cointelegraph.com and etc websites.
If anyone decides to open ANN thread, there must be someone who will add their url in list.
Maybe it takes some work but crypto is the place where most scammers try their best with different methods to scam people (like mixer, mining, gambling script)...
legendary
Activity: 2758
Merit: 6830
This site has to be closed permanently. I had some links in my guide and in my merit giveaway thread, leading to the .to domain.
Thanks to vlad230 I got them cleaned up, but just wondering how did I end up with the phishing links in the first place?
I started writing my guide back in the autumn last year when I was a newbie so probably they were already circulating in the forum.
You probably got them on Google. I had a few of them in one of my posts when I was researching an user.

Loyce was the one that warned me. And I see that he didn't mention adding the fake website to your hosts file while it hasn't been blacklisted.

I totally fell for the cloned site, until I realized I couldn't see your trust ratings.
I have added this line to /etc/hosts
Code:
127.0.0.1       bitcointalk.to
Now my computer can't access that phishing site anymore.
legendary
Activity: 2240
Merit: 3150
₿uy / $ell ..oeleo ;(
This site has to be closed permanently. I had some links in my guide and in my merit giveaway thread, leading to the .to domain.
Thanks to vlad230 I got them cleaned up, but just wondering how did I end up with the phishing links in the first place?
I started writing my guide back in the autumn last year when I was a newbie so probably they were already circulating in the forum.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Another red flag is 3 members gave more than 50 merits to the user which is not allowed in the forum.
This is incorrect: it's not allowed to give more than 50 merit per month to the same user. But you can give 50 merit again the next month.

Check Satoshi's first post for yourself.
hero member
Activity: 1680
Merit: 655
They got the guts to copy the site entirely but any member who is familiar with the site and its members would see this is a fake one. Just by typing the phishing site you instantly get redirected to Satoshi's "post" which is a no-brainer, another thing is when you try to log-in it won't work as it will again redirect you to the post. I just hope that this site will shut off entirely you can even see that this phishing site copied some notable members here in the forum and that is including the theymos.

Edited: Thanks LoyceV I have removed my mistake.
member
Activity: 434
Merit: 18
WPP ENERGY - BACKED ASSET GREEN ENERGY TOKEN
Please beware of those phishing sites. Being cautious on the URL's will not take time and its for our own good. My suggestion is to add bitcointalk.org to our bookmarks so we can typographical error. This is were phishing sites takes advantage. Checking the secure section just beside the URL is also a great practice. Sanya_sun won't stop trying to hack other account using phishing sites so always be cautious guys.
sr. member
Activity: 602
Merit: 327
Politeness: 1227: - 0 / +1
Thanks LoyceV, I've been aware about this Phishing site lately when I heard about this rumors that Members of Bitcointalk.org are being hacked and the possible reason is because they might be a victim of Phishing. Although this Sanya_sun is banned, we can't assure that there are no more Accounts/Members spreading this phishing link and trying to scam people around here.

Looks like double checking the link before clicking it is the best solution. But how if we didn't notice it. Links like this https://[phishing]/index.php.topic=5.msg28.php is much easier to find out if its phishing or not but how if the links is hidden in a text like this Phishing (The url provided is a link to Phishing's definition, just an example)
See? We must be double careful in clicking links. It's a relief that phishing sites automatically shows "phishing" so that it can warn people of Bitcointalk.org immediately.
legendary
Activity: 3346
Merit: 3125
Oh my god, i almost opened that thread yesterday, too sleepy to do that, and come back to pc this morning hoping to read it, but i found this thread instead. Maybe, yesterday, i will click to that link because news about satoshi is interesting and intriguing but thanks i didnt. This phishing case should be moderated fastly by moderator or admin, and automation on replacing the link to [phishing] is a great way to deal with this case. Just need a lot of database of phishing link so it will run perfectly.

Thanks LoyceV, you saved my life.

The site is still working, despite the links to it are closed by now:


Also, the scammer has won some dollars by creating this site, taking a look at the BTC address he/she posted on the fake site, the winnings are:



Fortunately, it doesn't seem a phishing site but a static copy in where you can only find this false thread, but you cannot modify in any sense the site, you cannot log in, so your Bitcointalk identity is secure.
I've tried to make a google search regarding the topic and it is not positioned, gladly, in fact, this is really difficult to find if you don't know with precision the name of the fake site.
Nevertheless, this piece of shit, this crap, this scammer, has won something with it, and at the cost of 9 people here...
member
Activity: 317
Merit: 13
★Adconity.com★
I actually believed it, until I checked satoshis real profile and saw that he never was active

Good that she's now banned
legendary
Activity: 2814
Merit: 2472
https://JetCash.com
It's great to see the domain is being replaced by the word "phishing" in links. This will help to protect Bitcoin Talk members. At first I thought it would be a good idea to replace all references to the domain, but on reflection, I think it would be better to leave the name intact in warning posts that don't contain an active link. This will help to protect lurkers and Google users who are not members of Bitcoin Talk. If we can make sure that these scams are not profitable, then hopefully we can reduce the number of them in the future.
sr. member
Activity: 476
Merit: 359
Oh my god, i almost opened that thread yesterday, too sleepy to do that, and come back to pc this morning hoping to read it, but i found this thread instead. Maybe, yesterday, i will click to that link because news about satoshi is interesting and intriguing but thanks i didnt. This phishing case should be moderated fastly by moderator or admin, and automation on replacing the link to [phishing] is a great way to deal with this case. Just need a lot of database of phishing link so it will run perfectly.

Thanks LoyceV, you saved my life.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Yesterday, user Sanya_sun (now banned) was spamming phishing links to Bitcointalk.org spelled with double L ("taLLk"). Most of his posts have been deleted, but there's one left:
Satoshi retrurns! Shocked Shocked Shocked
https://[phishing]/index.php.topic=5.msg28.php
It's very nice to see the phishing link is now automatically replaced by a warning!
My request: please do the same with the phishing link mentioned in the topic title. Those links are often posted, probably because Google keeps showing them.
Jump to: