It is easy for newbies to fall for this phishing scam.
This is just one reason why Firefox browser is much better than chrome browser, because Firefox is showing exact punny codes
Code:
https://xn--polniex-v2c.com/
Topic: {Warning}: Poloniex Phishing Website (Read 189 times)
It is easy for newbies to fall for this phishing scam.
This is just one reason why Firefox browser is much better than chrome browser, because Firefox is showing exact punny codes
Phising sites like this trick a lot of people because they use almost the same domain name and only have different signs in a few letters.
The template used is the same and makes no difference. if we are tricked into entering a username and password then we are in a trap.
Usually phishing website links like this are spread via Email or on Telegram with a message stating that you won a Bitcoin prize which can be withdrawn immediately. Must be more careful with phishing websites like this.
The template used is the same and makes no difference. if we are tricked into entering a username and password then we are in a trap.
Usually phishing website links like this are spread via Email or on Telegram with a message stating that you won a Bitcoin prize which can be withdrawn immediately. Must be more careful with phishing websites like this.
Another phishing site. Just how many actually are like these in the internet?
So sad that hackers or scammers had done their best too to scam other people being creative enough to make replicate the original site or a hacking program that could record important details of crypto wallet. It may be difficult to deal this fake sites but as long as everyone will keep an awareness to this then it can minimize the possible number of getting phished out of this phishing site. Just always do share and report this kind of activities.
So sad that hackers or scammers had done their best too to scam other people being creative enough to make replicate the original site or a hacking program that could record important details of crypto wallet. It may be difficult to deal this fake sites but as long as everyone will keep an awareness to this then it can minimize the possible number of getting phished out of this phishing site. Just always do share and report this kind of activities.
There is a phishing Poloniex website:
Code:
PHISHING SITE https://polȯniex.com/
xn--polniex-v2c.com
xn--polniex-v2c.com
Shouldn't this be moved to Scam Accusations board? This kind of thread fits there more than in here. I know this is just a warning for the beginners, but Poloniex are for trading (which SA is a sub-board of Trading Disc), and most traders or even warnings such this are better be reside on the Scam Acc board. Better move this, it is the newbie/beginner's initiative to take a look on that board as well..
Enough said, as plvbob0070 had mentioned, Poloniex already had this feature to detect if a site with their name is legit or not. It was a problem back then as many had been phishing people with fake Poloniex websites after the platform had its popularity in trading industry.
The domain only resembles polonix but not polonix in any way. Ones we are noticing such similar but not the same domain name, it is easy to fathom out it is a scam.
Honestly, you made a valid point in your submission here. Sometimes I wonder why sites with same sounding names are allowed on similar domain as it is highly deceitful. It's the same way we have bitcointalk.org and bitcointalk.com. Even now, I am quite sure not many noticed the missing "e" in the bolded polonix above. A lot of people are too hasty to crosscheck sites they visit from the url which is the simplest service they can avail themselves. I think doing what tranthidungFor crypto newbies, they must visit coinmarketcap.com or coingecko.com or both to check info and get links of exchanges.
suggested here. That's how I have been tackling new sites too.
Try to check the URL carefully, and you can clearly see that there’s a diacritic on the letters which you won’t find on their legitimate website. We should be aware that it can be considered as a red flag, and scammers used it to confuse the users. Fortunately, Poloniex has compiled lists of their websites, social media sites, and apps to help their users avoid such incidents.
Reference:
Reference:
Code:
https://support.poloniex.com/hc/en-us/articles/360041708873-How-to-identify-legitimate-Poloniex-websites-social-media-profiles-and-communications
This has become common some years ago, but what keeps me wondering are domain providers, they ought not to allow some domain names to be used after a similar legit company has taken it. There was one we discussed previously which is a phishing site that is mimicking/similar to atomic wallet. And this type here in question is the one that resemble polonix. Also are another that steal monero from victims recently. I think there should be something that can be done against this fake and scam phishing sites before they are using the site for malicious activities.
Also, people need to learn about this scam methods, it is not something hard at all to learn, from the look of the above phishing website, I can easily conclud they are actually scamming. The domain only resembles polonix but not polonix in any way. Ones we are noticing such similar but not the same domain name, it is easy to fathom out it is a scam.
And about the domain creation date, this has been a very powerful tools to professionals to conclud that the site can belong to a scammer, but some scammers are still very patient to make use of old domain name websites that has been inactive for years but in rear cases.
Also, people need to learn about this scam methods, it is not something hard at all to learn, from the look of the above phishing website, I can easily conclud they are actually scamming. The domain only resembles polonix but not polonix in any way. Ones we are noticing such similar but not the same domain name, it is easy to fathom out it is a scam.
And about the domain creation date, this has been a very powerful tools to professionals to conclud that the site can belong to a scammer, but some scammers are still very patient to make use of old domain name websites that has been inactive for years but in rear cases.
Normally, this type of phishing sites leave plenty of links working, pointing to the original site, but have a fake login page to grab your credentials. Here, all the links (at least all those I tried) redirect you to the login page. When you provide the credentials, it (presumably) traps them, and redirects you to the original Poloniex site, trying to make it look that there was a glitch, and that you needed to provide the credentials again to gain access. If you do, you’d enter your Poloniex account, and may not even have given it a second thought.
I am not sure whether such domain names can be easily purchased or can be created but this is really interesting way of scamming people.
The original domain name cannot be duplicated exactly as it is already created, but variations to the characters can be added to make it different but it would yet look very similar to the original website. This phishing website can then be spammed on various platforms or sent through email attacks and unsuspecting users can click on it. Scammers also copy the code of the original website to make the layout of the fake one look very similar, but they would include their tweaks to it which would help them retrieve sensitive information like login details, private keys etcetera.There has been many cases of such phishing website getting on results of search engines like Google, so always double check and triple check websites you visit.
Hey! thanks for the heads up, I have done reporting this URL to Google. I got confused with the way these scammers have set up this URL. I am not sure whether such domain names can be easily purchased or can be created but this is really interesting way of scamming people.
Done reporting the phishing site.
Can you fix the code with the phishing link at the beginning? The fake website isn't that long and can be on a single line. I almost reported poloniexdotcom instead of poloniexdotcom/xn--polniex-v2c.com
Can you fix the code with the phishing link at the beginning? The fake website isn't that long and can be on a single line. I almost reported poloniexdotcom instead of poloniexdotcom/xn--polniex-v2c.com
Scammers who own that phishing site use a very old method (Personally I see phishing sites that aim at Poloniex in 2017 when the exchange was the hottest in crypto before it slipped behind Bittrex, then Binance).
I am thankful for you to report it and bring the scam method here so that I think it is a good time to re-read Punycode and how to protect yourself from Homograph Phishing attacks?
For exchanges, to be safe:
What to do to avoid phishing sites
[LEARN] Phishing Quizzes - Beginners & Experts
I am thankful for you to report it and bring the scam method here so that I think it is a good time to re-read Punycode and how to protect yourself from Homograph Phishing attacks?
For exchanges, to be safe:
- Bookmark domain addresses
- Make your own sheets to save domain addresses (for double checks)
- Use third-party coin market websites, ie. coinmarketcap.com or coingecko.com (for tripple checks)
What to do to avoid phishing sites
[LEARN] Phishing Quizzes - Beginners & Experts
There is a phishing Poloniex website:
Visually pleasing and really looks like the original and real https://www.poloniex.com/.
But if you are going to magnify the website name, these cyber criminals are using what we call Homograph or Cyrillic attack
.
The website was created last month.
I already reported this to namecheap:
https://whois.domaintools.com/xn--polniex-v2c.com
And also to Google's https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en
Code:
PHISHING SITE https://polȯniex.com/
xn--polniex-v2c.com
xn--polniex-v2c.com
Visually pleasing and really looks like the original and real https://www.poloniex.com/.
But if you are going to magnify the website name, these cyber criminals are using what we call Homograph or Cyrillic attack
.The website was created last month.
I already reported this to namecheap:
https://whois.domaintools.com/xn--polniex-v2c.com
Code:
General Information
Ticket ID #TBZ-974-82258
Type Issue
Priority High
Subject: Phishing site:https://polȯniex.com/
Ticket ID #TBZ-974-82258
Type Issue
Priority High
Subject: Phishing site:https://polȯniex.com/
And also to Google's https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en
Jump to: