Title: Mt Gox email spoof...don't fall for it Post by: jork on March 30, 2013, 06:31:41 PM Just received a very well done spoof email asking me to "re-verify my account" at Mt Gox because I used a VPN to access it. Don't fall for it! It sends you to a non-mtgox IP address that is a very well done copy of the real one. To test it I entered bogus account info and would you believe it! I got confirmed! I'm sure they'll get access to some accounts with this...It looks very authentic.
Here's the text of the spoof... From: "Mt.Gox"<info@mtgox.com> Date: March 30, 2013, 1:39:08 PM EDT Subject: [Mt.Gox] Account Verification. Reply-To: <info@mtgox.com> Dear User, We stated when you registered an account with us that accessing your account via the Tor network and/or public proxies can lead to a temporary suspension of your account, and having to submit AML documents to us. You are recieving this e-mail because we suspect you of accessing your account via the Tor network and/or public proxies. To prevent your account from being suspended you are now required to verify your account you must do this from your home network, without the use of the Tor network and/or public proxies. Click here to begin the verification process. http://188.190.99.224/user-panel/ Best regards, Mt.Gox team info@mtgox.com Title: Re: Mt Gox email spoof...don't fall for it Post by: jackjack on March 30, 2013, 06:37:41 PM Down
Title: Re: Mt Gox email spoof...don't fall for it Post by: spunit262 on March 30, 2013, 06:49:42 PM Down It's up for me, just have to click though my browsers big red phishing warning.Title: Re: Mt Gox email spoof...don't fall for it Post by: mufa23 on March 30, 2013, 06:59:40 PM But you received the email from "info@mtgox.com"? It's that an actual MtGox email account?
Title: Re: Mt Gox email spoof...don't fall for it Post by: Tamerz on March 30, 2013, 07:12:02 PM I got the same email and just came on to post this. It is spoofed from info@mtgox.com but the verification link points to a fishing site instead of the real one.
Title: Re: Mt Gox email spoof...don't fall for it Post by: jork on March 30, 2013, 07:13:48 PM It's very easy to spoof the "from:" address of an email.
Title: Re: Mt Gox email spoof...don't fall for it Post by: nimda on March 30, 2013, 07:45:25 PM Can you post the full email headers?
Title: Re: Mt Gox email spoof...don't fall for it Post by: GernMiester on March 30, 2013, 08:08:51 PM That old leaked list rearing its ugly head again..
Title: Re: Mt Gox email spoof...don't fall for it Post by: Tamerz on March 30, 2013, 08:17:52 PM Can you post the full email headers? Code: x-store-info:8Rlnjmxvy6L6cXs23gz/9HW3P3dIQ3IM1LzSJUtLUc4yN+HKAcM7JKKiY+saelOcD955T9yOw8f7HRE94ouZY2wNCjK2IqFhg0CuxfbbOdhQ8+gRAm/8reg8Ou22/6FEiD1MkCrNqVI= Title: Re: Mt Gox email spoof...don't fall for it Post by: Meizirkki on March 30, 2013, 08:24:12 PM Let's piss off the attackers and everyone fill in random wrong info :D
Title: Re: Mt Gox email spoof...don't fall for it Post by: zvs on March 30, 2013, 08:41:50 PM yeah, i filled it in
username: yomommashouse password: :o i didnt check to see what javascript was on there, but mine is disabled Title: Re: Mt Gox email spoof...don't fall for it Post by: Lethn on March 30, 2013, 08:58:24 PM It's good you're warning people but phew it amazes me the scams and such Bitcoin people are falling for these days lol >_> it should be common knowledge now that all these companies already have your details and can do whatever they need to do right from their own computers.
Title: Re: Mt Gox email spoof...don't fall for it Post by: nimda on March 30, 2013, 09:44:21 PM Can you post the full email headers? Code: [Some headers] Title: Re: Mt Gox email spoof...don't fall for it Post by: WiW on March 31, 2013, 01:15:21 PM Quote Reported Phishing Website Ahead! Google Chrome has blocked access to 188.190.99.224. This website has been reported as a phishing website. Phishing websites are designed to trick you into disclosing your login, password or other sensitive information by disguising themselves as other websites you may trust. Besides, the fact that the address it's pointing you to is an IP address and not mtgox.com should set off your alarms before you even click it, if the email alone is not enough... Title: Re: Mt Gox email spoof...don't fall for it Post by: Amitabh S on March 31, 2013, 05:11:44 PM Whois:
IP : 188.190.99.224 Neighborhood Host : tradz.infium.net Not OK Country : Ukraine Location: http://www.infosniper.net/index.php?ip_address=188.190.99.224&map_source=1&overview_map=1&lang=1&map_type=1&zoom_level=7 Title: Re: Mt Gox email spoof...don't fall for it Post by: jp on March 31, 2013, 06:09:23 PM So if you just visit the base of the site: 188.190.99.224 and click "view source", you find something interesting:
Code: <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js" type="text/javascript"></script> Title: Re: Mt Gox email spoof...don't fall for it Post by: jp on March 31, 2013, 06:10:18 PM Notice derek.andersons@hotmail.com? No one could really be that dumb, could they?
|