Bitcoin Forum

Economy => Scam Accusations => Topic started by: jtoomim on January 20, 2014, 05:47:27 AM



Title: TehoM attempted a Bitrated email spear-phishing scam
Post by: jtoomim on January 20, 2014, 05:47:27 AM
https://bitcointalk.org/index.php?topic=419491.0

This thread was cleaned and locked by TehoM. It was an offer for a sale of a November Jupiter from Australia.

Early on, he asked to hurry, since he claimed to need to leave in 30 minutes, and also claimed to have another buyer trying to buy. This struck an alarm bell, since scammers like to make people think they're rushed so that they spend more time sending money and less time thinking about things. But I humored him. The seller offered to do escrow with Bitrated, and allowed me to choose the arbitrator, and wrote the Terms of Agreement himself. After I agreed to his wording of the terms of agreement to him over email, I got this message from "transactions@bitrated.com":




 

Transaction ID: 000012309
Arbitrator: arbitcoin

for

 

TehoM (Thom Mayne)
&
[redacted - jtoomim]

 

 

====BEGIN TERMS OF AGREEMENT====

 

Thom Mayne (thomjmayne@yahoo.com)
[redacted - jtoomim] ([redacted - email address])

 

TehoM will ship the Jupiter to:
[redacted - address]
[redacted - address]
[redacted - address]

 
Shipment is to be made within 48 hours of payment into bitrated using an express courier
service such as FedEx Priority International or DHL Express or UPS Worldwide Saver.
Payment is 8 bitcoins. Shipping and handling is free.
 
The item to be sold is a November batch KNCMiner Jupiter with 4 working modules,
hashing at approximately 670 Gh/s.
 
Refund address for jtoomim: [redacted]
Payment address for TehoM: 1NbMYa9sNv85TFCEhF51dpR6Zfzzg2ya6w
 

====END TERMS OF AGREEMENT====

 

Instructions for the buyer:

Ensure the Terms of Agreement are accurate and true
Release 7.5 Bitcoin to the following address:
1J1bSi1jw5j5Jm8oPpzu3SXJFp3bJTAELg
You will receive an e-mail with a link that provides status updates for this transaction as well as contact information for the arbitrator (please give this e-mail 5-10 minutes to arrive).

Instructions for the seller:

Once funds are received you will be notified by e-mail to proceed with the shipping of the KnC Jupiter
Once the multi-sig wallet is funded, you will receive a link to a status page to track this transaction.

Bitrated is open source, under the MIT License - Please do not reply to this e-mail
Security · Terms · Privacy · About · Contact



I noticed the difference between 7.5 BTC and 8 BTC in that email, and asked him if he would be okay with 7.5 BTC. He said 7.5 BTC would be fine. (WTF?) I also noticed that I had no proof that the email was really from Bitrated, and that that address could be anything, so I logged into bitrated and tried to create a transaction myself, and noticed that it didn't send any emails or even ask for an email address. So I didn't give him anything, and called him on his BS. He then stopped answering messages.

DO NOT send money to any address listed in an email purporting to be from Bitrated or any other agency. Emails are not secure and are easy to spoof.


Title: Re: TehoM attempted a Bitrated email spear-phishing scam
Post by: crashoveride54902 on January 20, 2014, 10:11:59 PM
i can vouch for this...guess i can say goodbye to 7.5btc FML :( never used bitrated so i didn't know how it worked...well 3rd scams a charm right? i should be good for life now right?


Title: Re: TehoM attempted a Bitrated email spear-phishing scam
Post by: shesek on January 20, 2014, 11:48:53 PM
Ouch. I'm very sorry to hear that, crashoveride. It appears like you were indeed scammed. It's just awful that people are using a service like Bitrated as a tool to scam people, where it should serve for the exact opposite purpose.

Just to make it clear - using Bitrated requires using the interface to generate a key pair, and users should only ever pay to the multisig address shown on the website after they created/joined a transaction and accepted the terms. Bitrated doesn't ever send emails (especially not with payment addresses), nor does it have any numerical identifier for transaction IDs.

I'm going to add a warning in Bitrated about this, though I'm a bit doubtful that it'll help much - with that scam, the primary interaction users have with "Bitrated" is via the spoofed email, I'm not sure they'll take the time to go over the website and learn how Bitrated should work.

I will also set up DKIM (http://en.wikipedia.org/wiki/DomainKeys_Identified_Mail) and SPF (http://en.wikipedia.org/wiki/Sender_Policy_Framework) on our mail servers, to make it harder to spoof emails from our domain for users that have an email client that supports that.

Edit: I also created a post on r/bitcoin (http://www.reddit.com/r/Bitcoin/comments/1vpxvx/psa_scammers_are_sending_spoofed_emails_from/) to warn users about this.
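
Added example, not part of shesek's post or Bitrated's code: a recipient-side check of whether the SPF and DKIM results recorded by the receiving server in the Authentication-Results header actually cover the domain shown in From:. The server name mx.example.net, the sample messages and the function names are constructed for illustration.

```python
import email
import re
from email.utils import parseaddr

def sender_authenticated(raw, trusted_authserv):
    """True only if our own server recorded an SPF or DKIM pass for the
    same domain that appears in the From: header (strict alignment)."""
    msg = email.message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if not from_domain:
        return False
    for header in msg.get_all("Authentication-Results", []):
        authserv, _, results = " ".join(header.split()).partition(";")
        # Ignore headers not stamped by our own receiving server: anything
        # else may have been written by whoever composed the message.
        if authserv.strip().lower() != trusted_authserv:
            continue
        for part in results.split(";"):
            verdict = re.match(r"\s*(spf|dkim)=(\w+)", part)
            prop = re.search(r"(?:header\.d|smtp\.mailfrom)=(\S+)", part)
            if not verdict or verdict.group(2) != "pass" or not prop:
                continue
            # A pass for some other domain says nothing about From:.
            if prop.group(1).rpartition("@")[2].lower() == from_domain:
                return True
    return False

def sample(auth_results, from_addr):
    # Builds a constructed message; not a real capture.
    return (f"Authentication-Results: {auth_results}\n"
            f"From: {from_addr}\nSubject: Transaction ID: 000012309\n\nbody\n")

MX = "mx.example.net"  # hypothetical name of the recipient's own mail server
SPOOFED = sample(f"{MX}; spf=fail smtp.mailfrom=transactions@bitrated.com; dkim=none",
                 "Bitrated <transactions@bitrated.com>")
MISALIGNED = sample(f"{MX}; spf=pass smtp.mailfrom=bounce@mailer.example.org; "
                    "dkim=pass header.d=mailer.example.org",
                    "Bitrated <transactions@bitrated.com>")
FORGED_HEADER = sample("other.example; dkim=pass header.d=bitrated.com",
                       "Bitrated <transactions@bitrated.com>")
ALIGNED = sample(f"{MX}; dkim=pass header.d=example.org",
                 "Notices <notices@example.org>")

if __name__ == "__main__":
    for name in ("SPOOFED", "MISALIGNED", "FORGED_HEADER", "ALIGNED"):
        print(name, sender_authenticated(globals()[name], MX))
```

A True result only authenticates the sending domain; as the post says, the payment address still has to come from the multisig address shown on the website, never from an email.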


Title: Re: TehoM attempted a Bitrated email spear-phishing scam
Post by: crashoveride54902 on January 21, 2014, 12:26:24 AM
And I'll offer half of the 7.5 btc i was scammed if anyone can help me track down this guy and recover it :)


Title: Re: TehoM attempted a Bitrated email spear-phishing scam
Post by: omegaflare on January 21, 2014, 05:12:42 AM
I'll do it. Give me time and I will get it done.