Pages:
Author

Topic: scammers using Exodus wallet fake email (Read 358 times)

full member
Activity: 896
Merit: 193
web developer for hire
August 06, 2023, 04:58:30 PM
#31
It's important I posted about Exodus wallet fake emails. Exodus Wallet didn't send emails asking for seeds or passwords. Telling ppl about the fake emails was important so it's done I'll lock the thread.
legendary
Activity: 2730
Merit: 7065
August 05, 2023, 02:48:44 AM
#30
I don't know how it is now, especially when they offer a third-party built-in exchange on the wallet. I dont if its still there.
I am guessing they offer some sort of instant swaps like many other wallets that have built-in exchanges. Instant exchanges are custodial. Some services like ChangeNOW like to falsely claim they are non-custodial or "free of custody" as they say. They are not. You need to deposit your coins into their addresses, and they hold the keys. Not only that, but your crypto could get frozen, and you could be asked to undergo KYC, explain the source of funds, explain how you got them, etc., etc. If we were talking about non-custodial services, you could then recover your coins, show them the middle-finger, and go elsewhere. But you can't. 
hero member
Activity: 1554
Merit: 880
pxzone.online
August 04, 2023, 05:35:03 PM
#29
which makes me think that Exodus was once a custodial service. 
I always thought that they are because of this recovery process. I don't know how it is now, especially when they offer a third-party built-in exchange on the wallet. I dont if its still there.
legendary
Activity: 2730
Merit: 7065
August 04, 2023, 11:31:05 AM
#28
I don't know, it is sent to the user's email after creating a wallet, only if the user input an email for the recovery purpose[1]
This seems to be an old recovery feature that you could use to regain access to your Exodus wallet if you installed the software on a different computer, for example, or if it stopped working on your current one. But if you have your seed, the email recovery feature isn't needed. They don't mention that you need a wallet file for successful recovery, which makes me think that Exodus was once a custodial service. 
hero member
Activity: 812
Merit: 619
August 03, 2023, 01:05:06 PM
#27
I've received fake emails from scammers pretending they're from Metamask. All they're after is for seeds or passwords to steal your money. I remember it had phishing links so I reported it. I should've put that info in a thread as a warning. Your idea for bookmarking official sites should protect users from risks so we should be doing it.

Yes add all scamming attempt faced by you to aware Bitcointalk family. actually scammers using different techniques and as a crypto user we should know every tricked they use to cheat people. I think Google should also now work on verified mail sign just like twitter to make it secure somehow. This verification sign should be given to only big company used for funding and business.

Bookmarking all big projects, exchanges ,wallets official site is very necessary because google will show promotional ads on the top and 99% are phising sites which will clean your wallet after connecting. sometimes we directed to these sites in hurry which cause big loss.
full member
Activity: 896
Merit: 193
web developer for hire
August 03, 2023, 08:00:40 AM
#26
I've received fake emails from scammers pretending they're from Metamask. All they're after is for seeds or passwords to steal your money. I remember it had phishing links so I reported it. I should've put that info in a thread as a warning. Your idea for bookmarking official sites should protect users from risks so we should be doing it.


If you receive the same email don't click or you'll be diverted to a scam site. You'll be threatened with funds being seized if you don't deliver your Exodus Wallet private key. They're scaring people with lies so if you've received it delete it. Don't worry nothing will happen as long as you don't click.

One of the common and old attempt of the scammers to scam people. I also recieved mails from fake Metamask email to update my Metamask because old Metamask has malware. when I clicked on this site , its asking for paraphrase which is clear scam. Thanks for sharing here to keep aware Bitcointalk community and i hope no one will be fool to trust on these mails.

we should always download app from official store and also bookmark official sites, official Twitter account and should not believe on any mail, sms or any attempt which is not related to official one.
hero member
Activity: 812
Merit: 619
August 03, 2023, 06:42:19 AM
#25

If you receive the same email don't click or you'll be diverted to a scam site. You'll be threatened with funds being seized if you don't deliver your Exodus Wallet private key. They're scaring people with lies so if you've received it delete it. Don't worry nothing will happen as long as you don't click.

One of the common and old attempt of the scammers to scam people. I also recieved mails from fake Metamask email to update my Metamask because old Metamask has malware. when I clicked on this site , its asking for paraphrase which is clear scam. Thanks for sharing here to keep aware Bitcointalk community and i hope no one will be fool to trust on these mails.

we should always download app from official store and also bookmark official sites, official Twitter account and should not believe on any mail, sms or any attempt which is not related to official one.
full member
Activity: 896
Merit: 193
web developer for hire
August 03, 2023, 06:33:48 AM
#24
I don't use Exodus wallet so didn't know how their users restore wallets. Users giving emails addresses to wallet providers isn't safe that option shouldn't be available. Scammers are attempting to extract seeds from users from phishing links. They're sending bulk emails with expectations of catching Exodus users to entrap.

Yes Exidos wallet is a non-custodial wallet so this email is meaningless, as long as you have control of your keys there is no fear.

Of course, trolls try to scare people who think that something may have happened to the wallet, so they may visit the phishing link out of curiosity to see what is going on.

But the point I would make in general is why people put their coins into a wallet that requires login or email or KYC or any of those things, the wallet should be fully decentralized.
hero member
Activity: 406
Merit: 443
August 03, 2023, 06:16:15 AM
#23
But the point I would make in general is why people put their coins into a wallet that requires login or email or KYC or any of those things, the wallet should be fully decentralized.
Exchanges are often described as centralized or decentralized, as you need a third party to exchange betwwen crypto and crypto to fiat.
wallets are described as closed source, open source, or non-custodial, custodial, but if the wallet is central (you need to connect to a central node), it is still safe if your private key generated in true random entropy and in clean opensource OS, the only problem here is privacy.

People use Exodus wallet because of the paid articles that appear when you search using keywords like BEST BITCOIN WALLET OR MILTICRYPTO WALLET and it's attractive but after a while you'll notice that its fees are high, it's closed source, and has no privacy.
hero member
Activity: 1554
Merit: 880
pxzone.online
August 03, 2023, 06:07:15 AM
#22
It is used as an email backup for recovery purposes. Using a non-custodial open source wallet is the most recommended one. No email required, no need to rely on the company/developers knowledge for recovery/installation, just your secured device for it to install and use.
Do you know this for a fact or is it an educated guess? Exodus is a closed-source wallet but it's non-custodial.
The bold part is my recommendation when using a wallet. I'm not saying it is what exodus is, in fact it's the opposite.

You control your keys, so what kind of sensitive information would they be storing and sending via email for recovery?
I don't know, it is sent to the user's email after creating a wallet, only if the user input an email for the recovery purpose[1]

[1] https://www.exodus.com/support/article/39-how-do-i-restore-from-email-backup#

legendary
Activity: 2730
Merit: 7065
August 03, 2023, 04:56:04 AM
#21
I relay the most on trustwallet.
Your choice of wallet isn't much better either. If you are using it as a multicoin mobile wallet, then ok. You don't really have many good alternatives. If you store bitcoins in it, then you could do much better.

It is used as an email backup for recovery purposes. Using a non-custodial open source wallet is the most recommended one. No email required, no need to rely on the company/developers knowledge for recovery/installation, just your secured device for it to install and use.
Do you know this for a fact or is it an educated guess? Exodus is a closed-source wallet but it's non-custodial. You control your keys, so what kind of sensitive information would they be storing and sending via email for recovery?

And the other thing at the end of this message is that they say that they can block the account of users who avoided doing what they sent them and seize all their funds. Exodus cannot, and nobody can't do this because Exodus Wallet does not store personal information, and any user has full control over his wallet and its security. "Your keys, your crypto"
In theory, yes, they shouldn't have any way to do that. But like with any other closed-source wallet, no one but the developers know.
legendary
Activity: 1848
Merit: 1982
Fully Regulated Crypto Casino
August 03, 2023, 04:07:52 AM
#20
Yes Exidos wallet is a non-custodial wallet so this email is meaningless, as long as you have control of your keys there is no fear.

Of course, trolls try to scare people who think that something may have happened to the wallet, so they may visit the phishing link out of curiosity to see what is going on.

But the point I would make in general is why people put their coins into a wallet that requires login or email or KYC or any of those things, the wallet should be fully decentralized.
legendary
Activity: 3416
Merit: 1225
August 02, 2023, 05:33:58 PM
#19
We've seen scammers using spoof emails they won't stop so I've stopped clicking links in emails. That's how malware spreads. I'll paste the link address to Tor only if I'm concerned or else I don't waste energy leaving it in the spam folder.

They've spoofed it with fake email I'm sure it isn't theirs it's a company brand they're stealing.
Even if they are sent to you from [email protected], you should be careful not to trust the links listed.
Only a centralized and custodial-based wallet, will send you an email about updates but you're not going to receive it when it's a non-custodial wallet, when I was using Exodus, all updates are on the wallet you'll get a notification within the wallet,

The only time I communicated with the Exodus team is when I faced an issue, after the issue on their third-party exchange I shifted to a more secure wallet and hardware wallet, they may have a lot of features and keeps adding more but their being A close source is something to worry about, you can use it for a fast transaction but never as storage.
sr. member
Activity: 728
Merit: 421
August 02, 2023, 03:47:17 PM
#18
It is unfortunate that newbies are the preys falling victim of these nefarious act by scammers. Since they are new to the system, they would be desperate coupled with fear of missing out and without  their consciousness get trapped in situations like this and before they can realise themselves, it's already late and the deed has been done.
One needs to be careful these days the way they open and click links because you clicking a link you have no idea about makes you curious to know about what you have clicked and in so doing that, you just might get hooked up in the process. Possibly if not access to your wallet, your details might be stolen through your saved password through your web browser.
Scammers are every where online looking for loopholes to carry out their dirty acts and as such, one needs to be careful. Avoid links you have no knowledge about and if you must click it do some research on it as it would cost you nothing to be on the safe side rather than being a victim.
Well done for this exposure OP.
full member
Activity: 896
Merit: 193
web developer for hire
August 02, 2023, 02:34:16 PM
#17
We've seen scammers using spoof emails they won't stop so I've stopped clicking links in emails. That's how malware spreads. I'll paste the link address to Tor only if I'm concerned or else I don't waste energy leaving it in the spam folder.

They've spoofed it with fake email I'm sure it isn't theirs it's a company brand they're stealing.
Even if they are sent to you from [email protected], you should be careful not to trust the links listed.
legendary
Activity: 2576
Merit: 1655
They've spoofed it with fake email I'm sure it isn't theirs it's a company brand they're stealing.
Even if they are sent to you from [email protected], you should be careful not to trust the links listed.


After news of Atomic wallet hack I wouldn't stop with Exodus wallet I'd advise eyes open before sending cryptocurrency to wallets.

I don't understand your point, you mean a closed source wallet correct? or just use an open source well reviewed wallet.
These wallets are an option for beginners because of the attractive UI, in addition to the paid articles, as if you search for keywords such as BEST BITCOIN WALLET, you will find many articles recommending you to use the Exodus wallet.

It's a closed source wallet, nevertheless if you have used Exodus before, you know that their fees are not fair as it is very high so that is another turn off for this wallet. As for the the emails, for sure it was harvested or could come from other hacks that is related to crypto and that's why people here are receiving such emails. In any case we should be aware that this is an obvious scam attempts and we shouldn't click any link from unknown sources.
hero member
Activity: 406
Merit: 443
They've spoofed it with fake email I'm sure it isn't theirs it's a company brand they're stealing.
Even if they are sent to you from [email protected], you should be careful not to trust the links listed.


After news of Atomic wallet hack I wouldn't stop with Exodus wallet I'd advise eyes open before sending cryptocurrency to wallets.

I don't understand your point, you mean a closed source wallet correct? or just use an open source well reviewed wallet.
These wallets are an option for beginners because of the attractive UI, in addition to the paid articles, as if you search for keywords such as BEST BITCOIN WALLET, you will find many articles recommending you to use the Exodus wallet.
full member
Activity: 896
Merit: 193
web developer for hire
It would be nice if you can tell us from which address this email came from.
They've spoofed it with fake email I'm sure it isn't theirs it's a company brand they're stealing. The link's to figsworld.com but the emails from "Exodus Support" <[email protected]>

Avoid Exodus wallet.
After news of Atomic wallet hack I wouldn't stop with Exodus wallet I'd advise eyes open before sending cryptocurrency to wallets.
hero member
Activity: 406
Merit: 443
The idea that there is a bulit in exchange within the platform and to the extent that it facilitates a lot of things, it is harmful for beginners as you send your money to a third party application that will freeze it according to the terms of use. The wallet is not responsible for any fraud that happens to you, in addition to the great damage to privacy and the possibility of being exposed to phishing attacks.
All this leads us to the idea that the wallet is closed source and has control over the synchronization of addresses, with the ease of cracking the PIN.

Here a blogger proves how hackers can easily extract the private key from Exodus wallet.

https://www.upsightsecurity.com/post/hot-wallets-during-crypto-winter



Avoid Exodus wallet.
hero member
Activity: 2212
Merit: 670
Signature designer - start @$10 - PM me!
I don't even understand why would a "wallet" collect users emails or names. Luckily I never used this exudes wallet. I relay the most on trustwallet.
It was the old backup method they used (before version 19.2.1)[1] seems to have been removed now.
Actually it doesn't matter if you are an exodus user or not, scammer spam attacks are usually sent randomly. And don't think that they couldn't possibly send you a similar email on behalf of Trustwallet if you ever reveal your email.

1. https://www.exodus.com/support/article/39-how-do-i-restore-from-email-backup
Pages:
Jump to: