Bitcoin Forum

Bitcoin => Electrum => Topic started by: Wind_FURY on June 29, 2019, 07:55:23 AM



Title: PSA: New electrum.org phishing attempt
Post by: Wind_FURY on June 29, 2019, 07:55:23 AM
Be careful, Electrum users/newbies. Scammers, hackers, and thieves are becoming more active because of the new Bitcoin rally.

You are all targets, especially newbies.

https://twitter.com/electrumwallet/status/1144678604523147265?s=21

Quote

Do you see that little fleck of dust under the domain name in the left screenshot? Actually not dust. Enable show_punycode in Firefox in order to avoid phishing URLs.


https://pbs.twimg.com/media/D-K1VLCWkAQBEYu?format=png&name=900x900


Title: Re: PSA: New electrum.org phishing attempt
Post by: dnpotter on June 29, 2019, 09:01:38 AM
Thanks for the heads up.


Title: Re: PSA: New electrum.org phishing attempt
Post by: hatshepsut93 on June 29, 2019, 11:00:17 AM
Nice catch, and nice tip about Firefox!

Also, people really shouldn't be googling or clicking on some links to websites after their first visit - important sites should always be bookmarked and accessed with a bookmark. Same goes for typing - autocomplete can lead to a fake site, or you can make a typo and get to a hacker's site. And before visiting the site for the first time, always google search what the official site is, and check people's discussions first - never simply click on one of the results.


Title: Re: PSA: New electrum.org phishing attempt
Post by: jossiel on June 29, 2019, 10:02:11 PM
I remember that the same character for the letter 'L' has also been used for a Binance phishing site before. Thanks for the warning.

I see that there's also a post like this on Beginners and Help.

Warning: Another Electrum phishing site (https://bitcointalk.org/index.php?topic=5159860.0)


Title: Re: PSA: New electrum.org phishing attempt
Post by: jerry0 on July 11, 2019, 12:38:25 AM
How did you find that electrum site?  Was it through google or electrum?  Because if you type in manually yourself


www.electrum.org


You should be fine right?


Title: Re: PSA: New electrum.org phishing attempt
Post by: nc50lc on July 11, 2019, 03:27:52 AM
Quote

How did you find that electrum site? Was it through google or electrum? Because if you type in manually yourself
www.electrum.org
You should be fine right?

Yes.

FYI, the "eļectrum.org" is the ASCII version of punycode (https://en.wikipedia.org/wiki/Punycode): "xn--eectrum-9hb.org" <--- Warning: phishing site.
It will be displayed as the latter if you're using Firefox with show_punycode enabled.

Try typing the original URL in the right box here: https://www.punycoder.com/ then press "<<Convert to text" and it will be displayed as eļectrum.org.
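
The same conversion can be done locally and turned into a check. This is an added example, not part of the original thread: it converts between the xn-- form and the displayed form, and flags a hostname whose accent-stripped form equals a trusted name. The TRUSTED allow-list and the function names are assumptions of this example, and the accent-stripping step only catches diacritic lookalikes such as this one, not letters borrowed from other scripts.

```python
import unicodedata

TRUSTED = {"electrum.org"}  # assumed allow-list for this example


def to_unicode(host: str) -> str:
    """Decode every xn-- label of a hostname to the form a browser would draw."""
    labels = []
    for label in host.lower().rstrip(".").split("."):
        if label.startswith("xn--"):
            label = label[4:].encode("ascii").decode("punycode")
        labels.append(label)
    return ".".join(labels)


def to_ascii(host: str) -> str:
    """Encode every non-ASCII label as xn-- punycode (what show_punycode displays)."""
    labels = []
    for label in host.lower().rstrip(".").split("."):
        if not label.isascii():
            label = "xn--" + label.encode("punycode").decode("ascii")
        labels.append(label)
    return ".".join(labels)


def skeleton(host: str) -> str:
    """NFKD-decompose and drop combining marks, so an accented 'l' becomes 'l'."""
    decomposed = unicodedata.normalize("NFKD", to_unicode(host))
    return "".join(c for c in decomposed if not unicodedata.combining(c))


def check(host: str) -> dict:
    """Report both forms, name each non-ASCII character, flag trusted-name lookalikes."""
    shown = to_unicode(host)
    odd = [unicodedata.name(c, "UNKNOWN") for c in shown if not c.isascii()]
    lookalike = shown not in TRUSTED and skeleton(host) in TRUSTED
    return {"ascii": to_ascii(shown), "unicode": shown,
            "non_ascii": odd, "lookalike_of_trusted": lookalike}


if __name__ == "__main__":
    # The hostname quoted in the post above, and the genuine one for comparison.
    for h in ("xn--eectrum-9hb.org", "electrum.org"):
        print(h, check(h))
```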


Title: Re: PSA: New electrum.org phishing attempt
Post by: Artemis3 on July 30, 2019, 02:46:57 AM
Quote

How did you find that electrum site? Was it through google or electrum? Because if you type in manually yourself

www.electrum.org

You should be fine right?

This is fine but it's not the end of the story. There is another possible attack vector by malware messing with your DNS or hosts file, so it might resolve electrum.org to a rogue phishing site. So no, not even that is safe enough (and actually searching it might give you the real IP address instead).

I think the only way to be sure is doing the GPG signature check:

  • How to check if your Electrum Wallet is legit before using. (For Linux) (https://bitcointalk.org/index.php?topic=5090350.0)
  • How to Verify Your Electrum Wallet on Windows (https://bitcointalk.org/index.php?topic=4183993.0)


Title: Re: PSA: New electrum.org phishing attempt
Post by: joniboini on July 30, 2019, 03:11:28 AM
Quote

There is another possible attack vector by malware messing with your DNS or hosts file, so it might resolve electrum.org to a rogue phishing site. So no, not even that is safe enough (and actually searching it might give you the real IP address instead).

Another way to solve this is to use a live OS to access the website, download the files and verify them.

Installing anti-phishing malware might also help to prevent you from accidentally accessing a punycode website, but of course, that won't work if your DNS was hijacked.