Bitcoin Forum

That email you received was a phishing attempt to steal your mtgox user details.

mgtox. Cute.

This is why you should never access critical sites through a link in the mail, and why you should check the URL of critical sites. (Though they probably got your email from the DB leak which was mtgox's fault, so...)

http://data.motor-talk.de/data/galleries/0/73/9244/33609952/fuuuuuuu-8162741967659844985.png


Yeah... luckily I never reuse passwords...

Many users don't have the technical skills or desire to maintain and secure their own wallet.  Online services like this will always be necessary.

I would like to do an unofficial poll: How many users here also frequent 4chan? :D

(To any who don't get the reference - the above image is a very popular meme on the boards at 4chan.org).

(/thread hijack)

We try to push yubikey usage a lot, to avoid this. That's why we offered more than 1000 free yubikeys so far, and hope people understand that security is not that simple.

Wow, out of all people, if you fall for simple phishing emails, I believe that you need to reevaluate your stance on third parties taking care of your currencies specifically.  You should not be trusted with funds of any kind using a digital medium.

Yes, I realize this is not your fault. And usually I never click links in emails. However, I got this yesterday evening, I was tired and this caught me by surprise and did not look close enough.

Fortunately I am somewhat experienced in security and could prevent my e-mail and other accounts from being compromised. But just to be completely sure, I am now going to change all my passwords on all bitcoin related sites. (to a 20+ digit one!)

While I have none other to blame but me, this should still be a warning to everyone out there!
.

It's always easy to point fingers and troll like that. But mistakes happen and I fully admit my error. You should not feel so secure, you think you are an "expert" and something like this will NEVER happen to you, prepare for a rude awakening one day.

I'd also like to point out that I did in fact prevent any significant damage by using an intelligent password scheme!

But I guess you are just trolling...

How does the yubikey help in this case? I mean once the phishing site has the username, password and one yubikey code they can still login to the real mtgox.

That is simply not true.

You guessed wrong.  I do not claim to be an expert, I am giving you specifically pretty sound advice here.  Don't trust yourself when it comes to these emails claiming to be from Mt. Gox at all, if you know the situations surrounding Gox and still chose to check into that email, well 'they got ya!'

Be harder on yourself, change passwords often, use different passwords, don't click on links directly from emails, easy enough basic rules that if you aren't following, just bow yourself out at this point, because if the focus on security is coming down to you keeping an eye on your own wallet, well, see this thread for how that turns out when you can't follow basic rules (https://bitcointalk.org/index.php?topic=42041.0).

See this thread (https://bitcointalk.org/index.php?topic=34921.0) to get a clearer definition of the most misused word on these forums since "scammer"


Please, quit trying to troll Mt. Gox and those who enjoy third party wallet services here when clearly this is user error.

Heya m8, in order to keep from quoting little tidbits from each poster I will just reply to you here.

There is one glaring problem everyone has missed so far. Details:https://www.mgtox.com/users/blocked

  That is why we don't use links in emails. If you clicked there and put in your login details then the phisher's have it now.
EVERYONE that was on the orig leaked list should have chnaged their email they were using as well. And all others should take a little bit of time to learn about phishing in general and that it is most certainly not limited to Gox users being targets. Every bank, online financial site, stock site, etc etc has phising emails sent out to look like them in the hopes of someone not knowing to never clicky clicky in them. Check the header, check the links.(mouse over will show its usually differnt than what is displayed)

On a side note, it gives us another dirty Phishers DB to fill up with bogus info. ;p *whips out the 45GB user/pass dict and gets to work



Edit;  Just saw your edit. :/  Not your fault just gotta be more careful. Could we please change the title to reflect that this is 'New Phish email faking Mtgox Blocked User Alert'

/fixed.

The *real* reason why you shouldn't trust 3rd party wallets, including MtGox, is of course that at any moment in time, the host can decide to take off with your money and there's nothing you, or anyone else, can do against it.

I, of course, realize this. This incident was not a failure of awareness, it was a failure of attention!


I never claimed anything but.

Everyone noticed it, and I mentioned it explicitly.

So you did, *sips some more coffee*. If that had been a link I woulda clicked on it as I had not noticed you used the mgtox. *is ashamed at his poor observational skills*

It was a link. I did click.

Dame another hack of Mt. Gox
Message on my mail with account blocked at 3:15 Pm

My bitcoins seem to be stolen!
Please take imidiate action

Dear Febuz,

There has been a withdraw from your Mt.Gox account:

Transaction reference: 1e68bbc8-2a64-42ee-b11c-
ea4c62557a63
Date: 2011-09-07 14:06:28 GMT


Kind regards,
Edwin

Ayee :/  It happens. Were you able to log into the real MtGox site and change your password? If not contact Tux and ask him if he can lock the acct or help you recover it.

Get this thief! Mt. Gox you owe me these BTC... beware of lawsuits, security hacked again

Wed 07 Sep 2011 02:06:28 PM GMT    Withdraw    Bitcoin withdraw to 1B5enUXe6WAMKSXPRFZRbVLqbyM4eFY8So    0.08946000 BTC    0.00000000 BTC
Wed 07 Sep 2011 02:06:14 PM GMT    Fee    BTC bought: [tid:1315404374902777] 0.09000000 BTC at $6.91999 (0.6% fee)    0.00054000 BTC    0.08946000 BTC
Wed 07 Sep 2011 02:06:14 PM GMT    In    BTC bought: [tid:1315404374902777] 0.09000000 BTC at $6.91999    0.09000000 BTC    0.09000000 BTC
Wed 07 Sep 2011 02:05:40 PM GMT    Withdraw    Bitcoin withdraw to 15VQSCzhhfdgdDPsNt7y6aQCRA21LaZ8Kh    9.27910000 BTC    0.0000

If you fall for a phishing email and loose your funds how is that in any way shape or form mtgox's fault and why should they rectify your wrong doing?

Mail forwards to...
http://www.mtgax.tk/users/blocked

But bitcoins were stolen before I saw they phise for the password over there

MiningBuddy, I did not fall for phising.
My account was comprised without my intervention I was inactive with my account and on the market, thank you for your immidiate reaction. This seems to me as a serious hack my password was like hH49afr&*** complex but maybe not complex enough

[Querying whois.dot.tk]
[whois.dot.tk]
   
   Rights restricted by copyright. See
   http://www.dot.tk/en/pageF00.html

   Domain name:
      MTGAX.TK

   Organisation:
      BV Dot TK
      Dot TK administrator
      P.O. Box 11774
      1001 GT  Amsterdam
      Netherlands
      Phone: +31 20 5315725
      Fax: +31 20 5315721
      E-mail: abuse: abuse@dot.tk, copyright infringement: copyright@dot.tk

   Domain Nameservers:
      NS01.DOT.TK
      NS02.DOT.TK
      NS03.DOT.TK
      NS04.DOT.TK

Just send this message to take out this mtgax.tk account
--------------
Dear dot.tk administrator,

The account http://www.mtgax.tk/users/blocked
is currenlty used for Phising.
And is involved in theft of my money a few minutes ago.

Kind Regards,

they been fishing/scamming 2 weeks prior to this with www.mtgox.tk, you gotta watch your links better bro, or read the forums.

Oke, thank you, that explains could explain why, but.... Thanks brother. Though this pisses me off. And Mt.gox enabled this to happen, I have time enough to work this out and will find a legion to fight Mt.Gox opens space for better exchanges.

www.mtgox.com must have been comprised earlier otherwise they would not be able to phise for my password.
If this is true, mtgox is responsible
mtgox should have warned me about this incidence.
I never type something else as this site to log into my account.
I did not receive phishing mail.

so hmongotaku please take back your insinuation.

https://support.mtgox.com/forums/20232703-phishing-forum

Kind regards,

Only an idiot would fall in that scam

mgtox? rotfl

wake up people, if you are too idiot to use a computer, please stop using it.

True Gabi, fact stays that my BTC were robbed before i had taken any action.
I'm experienced with computers, Thank you.
Join me if you experienced a similar kind of theft, fuck the pishing scam.
 

Email from
info@mtgox.com via spb.docker.ru to me   
3:15 PM (2 hours ago)


   

Uh, actually, you claimed that this is a reason not to trust mtgox, so I call bullshit.

This is exactly why Flexcoin has a STRICT no links in e-mail policy.

If you get a link in an e-mail claiming to be from Flexcoin,  it's not legit.   We do not send out links in any e-mails.  Period.

Why Mt.Gox, Tradehilll and others didn't follow our lead is mind boggling.   Every bitcoin site should follow this policy as it completely removes the threat of phishing attacks as it's well known that our policy is no links, or images in e-mails.

Please read my posts (https://bitcointalk.org/index.php?topic=42041.msg511861#msg511861) before engaging in wild accusations.
.

Please read the titles of your posts before you post them:  "This is why you still shouldn't trust any 3rd party wallets. (Mt. Gox)"

I'd be even better if all you guys started OpenPGP-signing communications.  That makes it easy for people who care to verify the origin.

You think people who fall for mtgax.tk would verify open PGP signatures?

I don't know how to respond to this. You blame Gox for following a link to mgtox?

That's a valid point...

Or just read the title of the thread.

Trolling Gox still going on.  I didn't report your post, you can still be a better person and edit it yourself, otherwise your hating on Gox at this time, especially with personal commentary from Tux himself, super obvious at this point.  How long can this charade go on really.

That's too complicated for Grandma to use.  I am not sure about the Exchange's mission... but flexcoin's goal is to have widespread adoption of bitcoin's .. that means making it simple to use.   I doubt Grandma is going to be using OpenPGP ..

I also doubt Grandma will be using BTC. 99% of us are either geeks, or have everything managed by geeks. OpenPGP is a great way of authenticating, but so is the "no emails" policy. One obvious thing is there is only mtgox.com or etc. Just read the actual URL you are on, straight forward.

Well yes, Grandma isn't going to use OpenPGP, but she'll just ignore the sig.  Just like my mom, a grandma, does when I send her emails since I sign everything.  MagicalTux had a good point that someone who uses OpenPGP regularly probably wouldn't fall for a blatant phishing attempt.  But still, whenever I get an email about a security risk from an exchange, I currently need to double-check headers to verify it's validity.  It would be nice if I could let Enigmail do the work for me.

What The Fuck? I thought bitcoin users are pretty advanced users of technology, yet here we have multiple people fell for a simple phishing email. (btw I received the same phishing email today, laughed at it for a second, then threw it in the trash folder).

Grandma doesn't need to know she is using OpenPGP, anymore than she needs to know PayPal is using a Verisign extended validation SSL certificate. All she needs is the mail client to tell her "this message is legitimate" and the browser to tell her "this website is legitimate".

There's no Certified Advanced User of Technology (CAUT) training. People can be "advanced" and yet have gaps in knowledge in some areas, such as security. Also, even CAUTs with the necessary knowledge make mistakes.

Also, if people who are not advanced users of technology are using Bitcoin, that's a good thing.

lol great thread

~hover~

Bitmarket.eu requires email confirmation to change the BTC withdrawal address. I like this feature. Does anyone know why none of the other exchanges have it?

TRO...no wait... he's right.

Did I miss something? Wasn't this thread about MtGox phishing emails and countermeasures?  ::)

Matthew N. Wright, you should open a new thread to trash people individually. It's common practice here at the forums.

Yes, you say this right now, while you are fully aware. I've gotten 100s of similar spam e-mails over the years (fake ebay, fake paypal etc.) and always laughed them off.

The problem is I got this mtgox fake mail at a time I just got home from a long day at work (I work in manual labor!) and I wasn't at it 100%.

See, at any other point in time this wouldn't have happened. This just got me at the wrong time. Stupid, I know, but what can you do?
.

Due to breach of trust and gross negligence by Sirius and Theymos who recklessly transferred my private and personal data on this forum to a Japaneze company without my permission I am leaving this forum and deleting all my posts. Goodbye.

lol, oh my.  I always find the Flexcoin happening to find a way to promote in the worst situations for others sad, this is all new levels of Flexcoin sadness I never even checked into.



Quit being an ass and change the title of the thread to reflect the reality instead of singling out "Mt Gox" giving an impression that they did something here.  Quit trolling.   Forums have the ability to edit posts just for this reason and you seem to be straight up refusing to at this time.  Not sure why you called me a troll because all it did was make me notice how bad you are trolling and still are.  Every post you make and leave this initial one unchanged is nearly an attack, as at this point you have even acknowledged fault.

Can you point us to one of your posts where you warned people about this "obvious" risk in storing your bitcoins at mybitcoin (or MtGox, or TH for that matter)? If you can't than this was just another captain-hindsight post.

Due to breach of trust and gross negligence by Sirius and Theymos who recklessly transferred my private and personal data on this forum to a Japaneze company without my permission I am leaving this forum and deleting all my posts. Goodbye.

That is also in hindsight of someone getting his mybitcoin account compromised. Where have you been actively telling people NOT to use 3rd party wallets? Going "I told you so" only works if you actually told people so.

Matt,  seriously get off your high horse...  Troll somewhere else...   Lexicon theme was developed internally for the blogging side. We built it internally... I hope you understand that...  then of course we offered it on a theme site for additional revenue.  

The banking area is not based on wordpress.. but you wouldn't know that because you only know how to bash but not research?  The chances are you don't even have an account to be educated enough on how the system works.   So No your trashing isn't warranted...   not even close.

Whatever... I don't care much at all what you say.. we're building a service.. don't use it...  In fact it appears that most of your posts are attacking people personally..  I just happened to be the next one in line.  

If you must know, I found the title offensive because it's not all 3ed party wallets,  it was Mt.Gox that DIDN'T follow the proper procedure in my opinion (no links).

Start your own bitcoin business then...  hopefully I'll find your posts somewhere and bash you for kicks.


Actually I would like to start picking on you... after researching your posts it appears that the majorty of them are bashing and not contributing?   

Seriously are you EVER going to help the bitcoin community or just run around trolling?   Seriously Matthew N. Wright do you have anything to contribute?

I know man.. but I think that's the problem.  We have to widen the appeal of the technology to spread beyond us to reach sustainability. All the bitcoin services and the default client need to be easy to use and easy to understand.

There. You happy now?? What you wanna do me next? Bend over?!?! lol

/trololol

p.s. I aint gonna delete that post, gonna stay there for reference.

bye,
oOo

I recieve a mail about free yubikey yesterday, I thought it's another phishing mail at first. Thanks you very much!

Did you get my PM? I really need your help.