|
Title: [UPDATES] Blockchain.com Clone - PHISHING (New: Google Docs Malware) Post by: masulum on October 28, 2019, 05:37:58 PM Please double check sender of the email you received. Here is another Blockchain.com email clone I have received today.
Email sender: Code: erickqq20her@gmx.com https://i.ibb.co/tJcyzcb/image.png (https://ibb.co/jrG7zGL) If you are clicking this email, you will redirect to _____________________________________ Code: https://biockchaine.com/en/btc/tx/c603dae6d270849a11bd2e4b0469066282052b498264dea131e86069/ Login page of this website (checking using Sandboxie): _____________________________________ https://i.ibb.co/JFNDZd1/image.png (https://ibb.co/DgN0dbJ) Domain information: biockchaine.com Domain lookup: Code: Domain Name: biockchaine.com Original website: https://blockchain.com or https://blockchain.info Known original email: noreply@blockchain.com no-reply@blockchain.info Updates: Some thread must read by newbies or anyone that doesn't care about phishing before:
Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: kolonel_x on October 28, 2019, 06:45:26 PM The look of this site is exactly the same as the original only a different domain, scamers have now done everything to fool many people, at this time I don't receive emails like that, but I will be vigilant and be careful when viewing domains.
Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: panganib999 on October 28, 2019, 06:58:19 PM The look of this site is exactly the same as the original only a different domain, scamers have now done everything to fool many people, at this time I don't receive emails like that, but I will be vigilant and be careful when viewing domains. This fake website could trick and fool so many crypto enthusiasts especially beginners. Beginners aren't really familiar with the site so they are probably the ones that have a high risk of falling into these traps. Good thing this was posted here so people, again, especially the beginners could take note and be warned of this one. Scammers are doing everything just to collect information through phishing and use it for executing other schemes like identity theft or stealing assets, so beginners or the so-called newbies, be cautious, y'all has been warned.Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: JeromeTash on October 28, 2019, 06:59:19 PM Hahaha the email part was a real redflag... seems like some cheap ass scammer who is using a personal email service ;D
You could also add that people should keep a keen eye on the email address sending the message Some Known official Email addresses from blockchain wallet's support are; Code: noreply@blockchain.com Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: masulum on October 28, 2019, 09:31:46 PM This kind of email usually go straight to your spam folder, especially if you use GMail which have great spam detection. Gmx is white listed email addrss i think. Because gmx is email hosting provider too. Maybe this is the reason why their email not marked as spam. -snip- Thank you, i will add thisTitle: Re: [WARNING] Blockchain.com Clone - PHISING Post by: Chikito on October 28, 2019, 11:53:40 PM Blockchain.com aka Blockchain.info have a lot of problems.
When we go to Web Wallets (https://bitcointalk.org/index.php?board=222.0) board, We will be funded about 95% problem, scamming, phishing about that site. Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: joniboini on October 29, 2019, 03:02:57 AM Do we need a new thread if there's a new phishing email sent to our inbox?
I know the purpose is good, but if anyone has at least a little security awareness, then they won't even bother to check the suspicious link in the first place. Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: Rmcdermott927 on October 29, 2019, 03:53:00 AM Hahaha the email part was a real redflag... seems like some cheap ass scammer who is using a personal email service ;D You could also add that people should keep a keen eye on the email address sending the message Some Known official Email addresses from blockchain wallet's support are; Code: noreply@blockchain.com Sadly, as lazy as this scam was, it will inevitably make some money, Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: Lafu on October 29, 2019, 04:10:07 AM Nice catch masulum !
Guess this will be not the only and last phishing clone for blockchain.com ! This phishing things getting bigger and bigger and they also getting smarter on how they doing it . Always checking the webpage 2 times before you will enter the site. Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: masulum on October 29, 2019, 04:29:15 AM Nice catch masulum ! Thank you very muchGuess this will be not the only and last phishing clone for blockchain.com ! Exacly, every day, someone will try new ways to get a victim. And I agree with you, to double check every URL inside action button, hyperlink in email, file sharing or hyperlink on website.This phishing things getting bigger and bigger and they also getting smarter on how they doing it . Always checking the webpage 2 times before you will enter the site. Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: erickastella on October 29, 2019, 06:54:36 AM thank you for this information is very valuable, in my opinion phishing is almost exactly the same as the original if people who want to log in do not see the url address of the website, my tips if you want to log on to the website first check the url or not, because it can we just login via phishing web
Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: Kakmakr on October 29, 2019, 07:01:29 AM Do we need a new thread if there's a new phishing email sent to our inbox? I know the purpose is good, but if anyone has at least a little security awareness, then they won't even bother to check the suspicious link in the first place. Yes, it is always a good idea to remind people about this type of attack and to highlight the most recent ones that are doing the rounds. ;) People have a very short memory and they are bombarded with many different attacks, so a reminder will not hurt anyone. A good habit will always be not to "click" on any links that are provided in any email and to rather type the address of the websites and services you use on the Internet. <Also do not use the auto complete feature, because hackers have even exploited that in the past> Thank you OP for reminding us. ;) Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: lobat999 on October 29, 2019, 07:33:45 AM It seems these people who are into phishing modus operandi will stop at nothing, even if they have to clone all the crypto related sites just to get what they want! :)
Thankfully people nowadays are very well aware of this kinds of phishing emails because the crypto-community are helping each other give mass awareness about this kinds of evil and shameless acts. Great job OP. :) Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: ABCbits on October 29, 2019, 05:26:16 PM This kind of email usually go straight to your spam folder, especially if you use GMail which have great spam detection. Gmx is white listed email addrss i think. Because gmx is email hosting provider too. Maybe this is the reason why their email not marked as spam. That makes sense, but GMail also scan email content before determine whether it's spam or not. AFAIK detecting email impersonation should be easy for google. You might want to report the mail as spam/spam if you haven't, so GMail filtering will be better Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: Sirait on October 29, 2019, 06:58:31 PM It seems these people who are into phishing modus operandi will stop at nothing, even if they have to clone all the crypto related sites just to get what they want! :) they will never stop because their brains are only filled with greed and laziness. the movements of people like them must be minimized. some time ago a scammer was arrested by my country's police, the mode is the same that is spreading malware in fake e-mail messages.Thankfully people nowadays are very well aware of this kinds of phishing emails because the crypto-community are helping each other give mass awareness about this kinds of evil and shameless acts. Great job OP. :) phenomena like this must continue to be broadcast because the memory of humans is limited. Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: lobat999 on October 29, 2019, 10:13:15 PM It seems these people who are into phishing modus operandi will stop at nothing, even if they have to clone all the crypto related sites just to get what they want! :) they will never stop because their brains are only filled with greed and laziness. the movements of people like them must be minimized. some time ago a scammer was arrested by my country's police, the mode is the same that is spreading malware in fake e-mail messages.Thankfully people nowadays are very well aware of this kinds of phishing emails because the crypto-community are helping each other give mass awareness about this kinds of evil and shameless acts. Great job OP. :) phenomena like this must continue to be broadcast because the memory of humans is limited. I was wondering why do they still continue these kinds of illicit acts? Actually these email sources maybe be traced to its source through digital forensics but I think nobody will come after them and let them be indicted. There should be some kind of international police like the Interpol to tackle this job and enforce the teeth of the law. After all, cyberlaws are already in effect to most parts of the world and all we need is an international cooperation among Governments to enforce it. Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: Lafu on October 29, 2019, 10:59:33 PM I dont know if Blockchain.com has and App for smartphones or mobiles too on the Googleplay platform.
But if they have one too maybe watch out if you use or install that too there are the same phishing apps as Webpages sometimes . I look for it when i have the time maybe there is something i can find about that. Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: masulum on October 29, 2019, 11:13:58 PM That makes sense, but GMail also scan email content before determine whether it's spam or not. AFAIK detecting email impersonation should be easy for google. You might want to report the mail as spam/spam if you haven't, so GMail filtering will be better Thank you, Email has been reported to my email provider, in this case, I am using Yandex email service for custom domain. With few emails I have with the same domain, just that email received phishing mail. Maybe because I use this email to register on airdrop few years ago. I dont know if Blockchain.com has and App for smartphones or mobiles too on the Googleplay platform. But if they have one too maybe watch out if you use or install that too there are the same phishing apps as Webpages sometimes . I look for it when i have the time maybe there is something i can find about that. Yes, blockchain.com has Android & iOS app: https://www.blockchain.com/wallet Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: dkbit98 on October 30, 2019, 12:09:01 AM Thanks for reporting one more scammer phishing link attempt...
people need to always double check browsers url address and email sender address. I recently received similar thing directing me to fake Chainlink website... but phishing website was chianlink.io not chainlink.io more info: https://bitcointalk.org/index.php?topic=5195454 Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: masulum on October 30, 2019, 02:22:51 AM <snip> I recently received similar thing directing me to fake Chainlink website... but phishing website was chianlink.io not chainlink.io <snip> I already mention your thread on another thread about phishing behind HTTPS address. You can read here Phishing attempts increase 400%, many malicious URLs found on trusted domains (https://bitcointalk.org/index.php?topic=5078786.msg52857487#msg52857487). That's good, Bitcointalk member very active to create a warning thread about phishing, malware and virus sites. Thank you for your contribution to add info about Chainlink here :) Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: keychainX on October 30, 2019, 09:29:06 AM Quote Original website: Its not enough to just check sender e-mail, there is software that can fake a real blockchain from sender name, but when you click on link it will reroute you to the fake site.https://blockchain.com or https://blockchain.info Known original email: noreply@blockchain.com no-reply@blockchain.info[/size] Updates: Some thread must read by newbies or anyone that doesn't care about phishing before:
Best practice would be if you did not expect any mail, just remove it without opening. By just click open the spammer will know you took action and opened it, its called 1-pixel tracker and is used as a marketing technique. The sender will know your ip and date/tine of touching the mail. /KX Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: panganib999 on October 31, 2019, 06:06:01 PM Please double check sender of the email you received. This is indeed the first that must be done once we recieve an email. If the sender isn't someone we know, don't shut guard down. As much as possible if the email was from a stranger, ignore it or if you consider reading it, never click any links that are attached to it. People are getting to greedy and greedy as time goes by and tgey are willing to do anythung just to phish something from you. The site seems legit but is actually a fake, never trust the looks and make sure to get to know legitimate sites so you can distinguish which is fake and whixh is not.p"0"Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: masulum on November 02, 2019, 12:54:48 AM Its not enough to just check sender e-mail, there is software that can fake a real blockchain from sender name, but when you click on link it will reroute you to the fake site. Best practice would be if you did not expect any mail, just remove it without opening. By just click open the spammer will know you took action and opened it, its called 1-pixel tracker and is used as a marketing technique. The sender will know your ip and date/tine of touching the mail. /KX I know about domain spoofing to make phishing email sender address same as original sender. That can be very dangerous to member who not double checking content inside email. Just removed without opening email, it's easy if (phishing target) email not registered to blockchain.com. But how about someone who get this email and also registered on blockchain.com, i think they will open that phishing email, and very possible to click anything inside content. edit: typo Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: masulum on November 14, 2019, 11:45:31 AM Another fake blockchain.com website. This website offers free Ethereum to users. The "LOL" thing on this website is, offer ETH but using Stellar Logo ;D
https://i.ibb.co/vXwHP62/image.png Website information: Domain Name: ETHEREUM-BLOCKHAINE.COM Registry Domain ID: 2454895476_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.tucows.com Registrar URL: http://tucowsdomains.com Updated Date: 2019-11-13T20:00:15 Creation Date: 2019-11-13T19:55:26 Registrar Registration Expiration Date: 2020-11-13T19:55:26 Registrar: TUCOWS, INC. Registrar IANA ID: 69 Code: ethereum-blockhaine.com/ Be careful, re-check your domain address before login. Title: Re: [WARNING] Blockchain.com Clone - PHISING Post by: nelson4lov on November 14, 2019, 01:38:06 PM Thanks for the heads up @masulum. These phishing attacks are becoming too rampant nowadays. They've gone from spamming phishing links in chat channels like Telegram and whatsapp groups, discord servers and now It's email. I'm not forget the constant phishing attacks in the replies of popular crypto users. Since there's no permanent solution, It's best to always apply caution when visiting external links. If there's one thing that I know, It's that ; if an opportunity or offer is too good to be true, that's because it probably is.
Title: Re: [UPDATES] Blockchain.com Clone - PHISHING (New: Google Form Malware) Post by: masulum on June 03, 2020, 09:07:15 AM today I received an email in the name of blockchain.com. However, fortunately, I did not register my email to open an account at the service. So I know that this is a phishing/malware email. However, I have something to say here that the e-mail link on the e-mail I received does not use its own domain name. However, they chose to use public cloud storage, in this case, scammers use Google Docs services.
Here are the links and e-mail screenshots: https://i.postimg.cc/cJg9FhbC/92736506-1591173573-0-8965482.jpg Code: The link under view in wallet button: https://docs.google.com/document/pub?id=10zgWhYSe24D411WsXu9As1LdFhXG8d4-2r54M3DtKqM <-- DON'T OPEN THIS PAGE From this case, I want to remind all of the newbie or old members to re-check the link before clicking,
Title: Re: [UPDATES] Blockchain.com Clone - PHISHING (New: Google Docs Malware) Post by: masulum on June 03, 2020, 03:11:30 PM Actually, my email not registered on any bounty, I think they get my email from another case. Since I know if my email registered on the marketplace before and one of the biggest data breaches in Indonesia. Else, I agree with you @Maestro75 if BM not asking email for bounty participants anymore, because BM doesn't need it. And for you as hunters, maybe you can skip any campaign who asking your email to join, to prevent something bad come to you.
Title: Re: [UPDATES] Blockchain.com Clone - PHISHING (New: Google Docs Malware) Post by: Yaunfitda on June 04, 2020, 08:03:23 AM There is also another attempts recently, using puny code attack.
It was open by @Slow death, beware of https://login.xn--blockchan-2pba.com/#/login (https://bitcointalk.org/index.php?topic=5252858.0). Title: Re: [UPDATES] Blockchain.com Clone - PHISHING (New: Google Docs Malware) Post by: Falconer on June 04, 2020, 12:47:40 PM <skip> You have to prepare a backup email for that, no need to pass it because we don't know if the campaign has good potential and protects our identity. Several campaigns previously requested email and KYC verification, most participants avoided it and in the end, they had passed potential tokens that have been listed on the top exchange.And for you as hunters, maybe you can skip any campaign who asking your email to join, to prevent something bad come to you. Title: Re: [UPDATES] Blockchain.com Clone - PHISHING (New: Google Docs Malware) Post by: masulum on June 04, 2020, 02:53:24 PM @Falconer, it can be a option if someone still wants to join in campaign that ask email. Or, the other option to asked campaign manager to hide the email column from public spreadsheet. Because we never know what happen with that email in the future. When member relogin to that email, and receive an email contains phishing/malware, it still have possibility to clicked unwanted link if he/she not aware with that email.
Title: Re: [UPDATES] Blockchain.com Clone - PHISHING (New: Google Docs Malware) Post by: Falconer on June 05, 2020, 05:34:16 AM @Falconer, it can be a option if someone still wants to join in campaign that ask email. Or, the other option to asked campaign manager to hide the email column from public spreadsheet. Because we never know what happen with that email in the future. When member relogin to that email, and receive an email contains phishing/malware, it still have possibility to clicked unwanted link if he/she not aware with that email. The target of scammers is to collect as many emails as possible from spreadsheets because the victims are targeted members of the world of cryptocurrency, I am also worried that the manager (bad reputation) is also part of the scammer and manages the bounty scam to collect data from campaign participants, then use the backup email option to not trapped in the black world. |
