@Falconer, it can be a option if someone still wants to join in campaign that ask email. Or, the other option to asked campaign manager to hide the email column from public spreadsheet. Because we never know what happen with that email in the future. When member relogin to that email, and receive an email contains phishing/malware, it still have possibility to clicked unwanted link if he/she not aware with that email.
The target of scammers is to collect as many emails as possible from spreadsheets because the victims are targeted members of the world of cryptocurrency, I am also worried that the manager (bad reputation) is also part of the scammer and manages the bounty scam to collect data from campaign participants, then use the backup email option to not trapped in the black world. 
Topic: [UPDATES] Blockchain.com Clone - PHISHING (New: Google Docs Malware) (Read 512 times)
June 04, 2020, 09:53:24 AM
@Falconer, it can be a option if someone still wants to join in campaign that ask email. Or, the other option to asked campaign manager to hide the email column from public spreadsheet. Because we never know what happen with that email in the future. When member relogin to that email, and receive an email contains phishing/malware, it still have possibility to clicked unwanted link if he/she not aware with that email.
June 04, 2020, 07:47:40 AM
And for you as hunters, maybe you can skip any campaign who asking your email to join, to prevent something bad come to you.
June 04, 2020, 03:03:23 AM
There is also another attempts recently, using puny code attack.
It was open by @Slow death, beware of https://login.xn--blockchan-2pba.com/#/login.
It was open by @Slow death, beware of https://login.xn--blockchan-2pba.com/#/login.
June 03, 2020, 10:11:30 AM
Actually, my email not registered on any bounty, I think they get my email from another case. Since I know if my email registered on the marketplace before and one of the biggest data breaches in Indonesia. Else, I agree with you @Maestro75 if BM not asking email for bounty participants anymore, because BM doesn't need it. And for you as hunters, maybe you can skip any campaign who asking your email to join, to prevent something bad come to you.
June 03, 2020, 04:07:15 AM
today I received an email in the name of blockchain.com. However, fortunately, I did not register my email to open an account at the service. So I know that this is a phishing/malware email. However, I have something to say here that the e-mail link on the e-mail I received does not use its own domain name. However, they chose to use public cloud storage, in this case, scammers use Google Docs services.
Here are the links and e-mail screenshots:
From this case, I want to remind all of the newbie or old members to re-check the link before clicking,
Here are the links and e-mail screenshots:
Code:
The link under view in wallet button: https://docs.google.com/document/pub?id=10zgWhYSe24D411WsXu9As1LdFhXG8d4-2r54M3DtKqM <-- DON'T OPEN THIS PAGE
VirusTotal status: https://www.virustotal.com/gui/url/11143bdb9b6f04a6d855f7d500df4921baba72642bf1600d68de8b6f3c57e2dd/detectionFrom this case, I want to remind all of the newbie or old members to re-check the link before clicking,
- check email sender,
- use capitalized text to make sure they are not using similar text.,
- don't trust documents from any strange person who shared a link from cloud storage,
- please use virus scanner before opening the link or ignore it.
November 14, 2019, 08:38:06 AM
Thanks for the heads up @masulum. These phishing attacks are becoming too rampant nowadays. They've gone from spamming phishing links in chat channels like Telegram and whatsapp groups, discord servers and now It's email. I'm not forget the constant phishing attacks in the replies of popular crypto users. Since there's no permanent solution, It's best to always apply caution when visiting external links. If there's one thing that I know, It's that ; if an opportunity or offer is too good to be true, that's because it probably is.
November 14, 2019, 06:45:31 AM
Another fake blockchain.com website. This website offers free Ethereum to users. The "LOL" thing on this website is, offer ETH but using Stellar Logo 
Website information:
Domain Name: ETHEREUM-BLOCKHAINE.COM
Registry Domain ID: 2454895476_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.tucows.com
Registrar URL: http://tucowsdomains.com
Updated Date: 2019-11-13T20:00:15
Creation Date: 2019-11-13T19:55:26
Registrar Registration Expiration Date: 2020-11-13T19:55:26
Registrar: TUCOWS, INC.
Registrar IANA ID: 69
Be careful, re-check your domain address before login.
Website information:
Domain Name: ETHEREUM-BLOCKHAINE.COM
Registry Domain ID: 2454895476_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.tucows.com
Registrar URL: http://tucowsdomains.com
Updated Date: 2019-11-13T20:00:15
Creation Date: 2019-11-13T19:55:26
Registrar Registration Expiration Date: 2020-11-13T19:55:26
Registrar: TUCOWS, INC.
Registrar IANA ID: 69
Code:
ethereum-blockhaine.com/
Be careful, re-check your domain address before login.
November 01, 2019, 07:54:48 PM
Its not enough to just check sender e-mail, there is software that can fake a real blockchain from sender name, but when you click on link it will reroute you to the fake site.
Best practice would be if you did not expect any mail, just remove it without opening. By just click open the spammer will know you took action and opened it, its called 1-pixel tracker and is used as a marketing technique. The sender will know your ip and date/tine of touching the mail.
/KX
Best practice would be if you did not expect any mail, just remove it without opening. By just click open the spammer will know you took action and opened it, its called 1-pixel tracker and is used as a marketing technique. The sender will know your ip and date/tine of touching the mail.
/KX
I know about domain spoofing to make phishing email sender address same as original sender. That can be very dangerous to member who not double checking content inside email.
Just removed without opening email, it's easy if (phishing target) email not registered to blockchain.com. But how about someone who get this email and also registered on blockchain.com, i think they will open that phishing email, and very possible to click anything inside content.
edit: typo
October 31, 2019, 01:06:01 PM
Please double check sender of the email you received.
This is indeed the first that must be done once we recieve an email. If the sender isn't someone we know, don't shut guard down. As much as possible if the email was from a stranger, ignore it or if you consider reading it, never click any links that are attached to it. People are getting to greedy and greedy as time goes by and tgey are willing to do anythung just to phish something from you. The site seems legit but is actually a fake, never trust the looks and make sure to get to know legitimate sites so you can distinguish which is fake and whixh is not.p"0" October 30, 2019, 04:29:06 AM
Quote
Original website:
https://blockchain.com or https://blockchain.info
Known original email:
[email protected]
[email protected][/size]
Updates: Some thread must read by newbies or anyone that doesn't care about phishing before:
Its not enough to just check sender e-mail, there is software that can fake a real blockchain from sender name, but when you click on link it will reroute you to the fake site.https://blockchain.com or https://blockchain.info
Known original email:
[email protected]
[email protected][/size]
Updates: Some thread must read by newbies or anyone that doesn't care about phishing before:
Best practice would be if you did not expect any mail, just remove it without opening. By just click open the spammer will know you took action and opened it, its called 1-pixel tracker and is used as a marketing technique. The sender will know your ip and date/tine of touching the mail.
/KX
October 29, 2019, 09:22:51 PM
I recently received similar thing directing me to fake Chainlink website...
but phishing website was chianlink.io not chainlink.io
I already mention your thread on another thread about phishing behind HTTPS address. You can read here Phishing attempts increase 400%, many malicious URLs found on trusted domains. That's good, Bitcointalk member very active to create a warning thread about phishing, malware and virus sites.
Thank you for your contribution to add info about Chainlink here
October 29, 2019, 07:09:01 PM
Thanks for reporting one more scammer phishing link attempt...
people need to always double check browsers url address and email sender address.
I recently received similar thing directing me to fake Chainlink website...
but phishing website was chianlink.io not chainlink.io
more info:
https://bitcointalksearch.org/topic/chainlink-phishing-scam-chianlinkio-5195454
people need to always double check browsers url address and email sender address.
I recently received similar thing directing me to fake Chainlink website...
but phishing website was chianlink.io not chainlink.io
more info:
https://bitcointalksearch.org/topic/chainlink-phishing-scam-chianlinkio-5195454
October 29, 2019, 06:13:58 PM
That makes sense, but GMail also scan email content before determine whether it's spam or not. AFAIK detecting email impersonation should be easy for google.
You might want to report the mail as spam/spam if you haven't, so GMail filtering will be better
You might want to report the mail as spam/spam if you haven't, so GMail filtering will be better
Thank you, Email has been reported to my email provider, in this case, I am using Yandex email service for custom domain. With few emails I have with the same domain, just that email received phishing mail. Maybe because I use this email to register on airdrop few years ago.
I dont know if Blockchain.com has and App for smartphones or mobiles too on the Googleplay platform.
But if they have one too maybe watch out if you use or install that too there are the same phishing apps as Webpages sometimes .
I look for it when i have the time maybe there is something i can find about that.
But if they have one too maybe watch out if you use or install that too there are the same phishing apps as Webpages sometimes .
I look for it when i have the time maybe there is something i can find about that.
Yes, blockchain.com has Android & iOS app: https://www.blockchain.com/wallet
October 29, 2019, 05:59:33 PM
I dont know if Blockchain.com has and App for smartphones or mobiles too on the Googleplay platform.
But if they have one too maybe watch out if you use or install that too there are the same phishing apps as Webpages sometimes .
I look for it when i have the time maybe there is something i can find about that.
But if they have one too maybe watch out if you use or install that too there are the same phishing apps as Webpages sometimes .
I look for it when i have the time maybe there is something i can find about that.
October 29, 2019, 05:13:15 PM
It seems these people who are into phishing modus operandi will stop at nothing, even if they have to clone all the crypto related sites just to get what they want!
Thankfully people nowadays are very well aware of this kinds of phishing emails because the crypto-community are helping each other give mass awareness about this kinds of evil and shameless acts. Great job OP.
they will never stop because their brains are only filled with greed and laziness. the movements of people like them must be minimized. some time ago a scammer was arrested by my country's police, the mode is the same that is spreading malware in fake e-mail messages.Thankfully people nowadays are very well aware of this kinds of phishing emails because the crypto-community are helping each other give mass awareness about this kinds of evil and shameless acts. Great job OP.
phenomena like this must continue to be broadcast because the memory of humans is limited.
I was wondering why do they still continue these kinds of illicit acts? Actually these email sources maybe be traced to its source through digital forensics but I think nobody will come after them and let them be indicted.
There should be some kind of international police like the Interpol to tackle this job and enforce the teeth of the law. After all, cyberlaws are already in effect to most parts of the world and all we need is an international cooperation among Governments to enforce it.
October 29, 2019, 01:58:31 PM
It seems these people who are into phishing modus operandi will stop at nothing, even if they have to clone all the crypto related sites just to get what they want!
Thankfully people nowadays are very well aware of this kinds of phishing emails because the crypto-community are helping each other give mass awareness about this kinds of evil and shameless acts. Great job OP.
they will never stop because their brains are only filled with greed and laziness. the movements of people like them must be minimized. some time ago a scammer was arrested by my country's police, the mode is the same that is spreading malware in fake e-mail messages.Thankfully people nowadays are very well aware of this kinds of phishing emails because the crypto-community are helping each other give mass awareness about this kinds of evil and shameless acts. Great job OP.
phenomena like this must continue to be broadcast because the memory of humans is limited.
October 29, 2019, 12:26:16 PM
This kind of email usually go straight to your spam folder, especially if you use GMail which have great spam detection.
Gmx is white listed email addrss i think. Because gmx is email hosting provider too. Maybe this is the reason why their email not marked as spam.
That makes sense, but GMail also scan email content before determine whether it's spam or not. AFAIK detecting email impersonation should be easy for google.
You might want to report the mail as spam/spam if you haven't, so GMail filtering will be better
October 29, 2019, 02:33:45 AM
It seems these people who are into phishing modus operandi will stop at nothing, even if they have to clone all the crypto related sites just to get what they want!
Thankfully people nowadays are very well aware of this kinds of phishing emails because the crypto-community are helping each other give mass awareness about this kinds of evil and shameless acts. Great job OP.
Thankfully people nowadays are very well aware of this kinds of phishing emails because the crypto-community are helping each other give mass awareness about this kinds of evil and shameless acts. Great job OP.
October 29, 2019, 02:01:29 AM
Do we need a new thread if there's a new phishing email sent to our inbox?
I know the purpose is good, but if anyone has at least a little security awareness, then they won't even bother to check the suspicious link in the first place.
I know the purpose is good, but if anyone has at least a little security awareness, then they won't even bother to check the suspicious link in the first place.
Yes, it is always a good idea to remind people about this type of attack and to highlight the most recent ones that are doing the rounds.
People have a very short memory and they are bombarded with many different attacks, so a reminder will not hurt anyone. A good habit will always be not to "click" on any links that are provided in any email and to rather type the address of the websites and services you use on the Internet.
Thank you OP for reminding us.
October 29, 2019, 01:54:36 AM
thank you for this information is very valuable, in my opinion phishing is almost exactly the same as the original if people who want to log in do not see the url address of the website, my tips if you want to log on to the website first check the url or not, because it can we just login via phishing web
October 28, 2019, 11:29:15 PM
Nice catch masulum !
Thank you very muchGuess this will be not the only and last phishing clone for blockchain.com !
This phishing things getting bigger and bigger and they also getting smarter on how they doing it .
Always checking the webpage 2 times before you will enter the site.
Exacly, every day, someone will try new ways to get a victim. And I agree with you, to double check every URL inside action button, hyperlink in email, file sharing or hyperlink on website. This phishing things getting bigger and bigger and they also getting smarter on how they doing it .
Always checking the webpage 2 times before you will enter the site.
October 28, 2019, 11:10:07 PM
Nice catch masulum !
Guess this will be not the only and last phishing clone for blockchain.com !
This phishing things getting bigger and bigger and they also getting smarter on how they doing it .
Always checking the webpage 2 times before you will enter the site.
Guess this will be not the only and last phishing clone for blockchain.com !
This phishing things getting bigger and bigger and they also getting smarter on how they doing it .
Always checking the webpage 2 times before you will enter the site.
October 28, 2019, 10:53:00 PM
Hahaha the email part was a real redflag... seems like some cheap ass scammer who is using a personal email service
You could also add that people should keep a keen eye on the email address sending the message
Some Known official Email addresses from blockchain wallet's support are;
You could also add that people should keep a keen eye on the email address sending the message
Some Known official Email addresses from blockchain wallet's support are;
Code:
Sadly, as lazy as this scam was, it will inevitably make some money,
October 28, 2019, 10:02:57 PM
Do we need a new thread if there's a new phishing email sent to our inbox?
I know the purpose is good, but if anyone has at least a little security awareness, then they won't even bother to check the suspicious link in the first place.
I know the purpose is good, but if anyone has at least a little security awareness, then they won't even bother to check the suspicious link in the first place.
October 28, 2019, 06:53:40 PM
Blockchain.com aka Blockchain.info have a lot of problems.
When we go to Web Wallets board, We will be funded about 95% problem, scamming, phishing about that site.
When we go to Web Wallets board, We will be funded about 95% problem, scamming, phishing about that site.
October 28, 2019, 04:31:46 PM
This kind of email usually go straight to your spam folder, especially if you use GMail which have great spam detection.
Gmx is white listed email addrss i think. Because gmx is email hosting provider too. Maybe this is the reason why their email not marked as spam.
-snip-
Thank you, i will add this 
October 28, 2019, 01:59:19 PM
Hahaha the email part was a real redflag... seems like some cheap ass scammer who is using a personal email service
You could also add that people should keep a keen eye on the email address sending the message
Some Known official Email addresses from blockchain wallet's support are;
You could also add that people should keep a keen eye on the email address sending the message
Some Known official Email addresses from blockchain wallet's support are;
Code:
October 28, 2019, 01:58:19 PM
The look of this site is exactly the same as the original only a different domain, scamers have now done everything to fool many people, at this time I don't receive emails like that, but I will be vigilant and be careful when viewing domains.
This fake website could trick and fool so many crypto enthusiasts especially beginners. Beginners aren't really familiar with the site so they are probably the ones that have a high risk of falling into these traps. Good thing this was posted here so people, again, especially the beginners could take note and be warned of this one. Scammers are doing everything just to collect information through phishing and use it for executing other schemes like identity theft or stealing assets, so beginners or the so-called newbies, be cautious, y'all has been warned. October 28, 2019, 01:45:26 PM
The look of this site is exactly the same as the original only a different domain, scamers have now done everything to fool many people, at this time I don't receive emails like that, but I will be vigilant and be careful when viewing domains.
October 28, 2019, 12:37:58 PM
Please double check sender of the email you received. Here is another Blockchain.com email clone I have received today.
Email sender:
If you are clicking this email, you will redirect to
_____________________________________
Login page of this website (checking using Sandboxie):
_____________________________________
Domain information:
biockchaine.com
Domain lookup:
Original website:
https://blockchain.com or https://blockchain.info
Known original email:
[email protected]
[email protected]
Updates: Some thread must read by newbies or anyone that doesn't care about phishing before:
Email sender:
Code:
If you are clicking this email, you will redirect to
_____________________________________
Code:
https://biockchaine.com/en/btc/tx/c603dae6d270849a11bd2e4b0469066282052b498264dea131e86069/
Login page of this website (checking using Sandboxie):
_____________________________________
Domain information:
biockchaine.com
Domain lookup:
Code:
Domain Name: biockchaine.com
Registry Domain ID: 2429545862_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.registrar.eu
Registrar URL: http://www.registrar.eu
Updated Date: 2019-09-03T18:25:04Z
Creation Date: 2019-09-03T13:01:45Z
Registrar Registration Expiration Date: 2020-09-03T13:01:45Z
Registrar: Hosting Concepts B.V. d/b/a Openprovider
Registrar IANA ID: 1647
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +31.104482297
Original website:
https://blockchain.com or https://blockchain.info
Known original email:
[email protected]
[email protected]
Updates: Some thread must read by newbies or anyone that doesn't care about phishing before:
Jump to: