|
Title: [List] Phishing Cryptocurrency Site Post by: Chikito on October 30, 2019, 01:50:14 AM Updated 16 December 2021
New Phishing Phishing Trust Wallet (https://bitcointalk.org/index.php?topic=5197078.msg58736402#msg58736402) Old Post (#post_OldPost) Old Post - Fake Optimism.io website (https://bitcointalk.org/index.php?topic=5197078.msg58145136#msg58145136) - Chipmixer.com.mx Phishing (https://bitcointalk.org/index.php?topic=5197078.msg58134708#msg58134708) - Shiba INU Phishing Site (https://bitcointalk.org/index.php?topic=5197078.msg58120123#msg58120123) - Fake Facebook Ethereum Giveaway (https://bitcointalk.org/index.php?topic=5197078.msg58112442#msg58112442) - Chipminxer Phishing (https://bitcointalk.org/index.php?topic=5197078.msg57960450#msg57960450) - Phishing axie infinity website (https://bitcointalk.org/index.php?topic=5197078.msg57924379#msg57924379) - Metamask Site Phishing (https://bitcointalk.org/index.php?topic=5197078.msg57860033#msg57860033) - Phishing chipmixẹr.com (https://bitcointalk.org/index.php?topic=5197078.msg57526063#msg57526063) - Phishing exodus.ac wallet (https://bitcointalk.org/index.php?topic=5197078.msg57341057#msg57341057) - Phishing pancakeswap.cheap (https://bitcointalk.org/index.php?topic=5197078.msg57228372#msg57228372) - Phishing Chipmixer on Review Website (https://bitcointalk.org/index.php?topic=5197078.msg57134374#msg57134374) - Fake Give Away 1inch.gift (https://bitcointalk.org/index.php?topic=5197078.msg57065996#msg57065996) - Phishing Walletconnection.org (https://bitcointalk.org/index.php?topic=5197078.msg57028918#msg57028918) - Phishing uniswap-meta Wallet (https://bitcointalk.org/index.php?topic=5197078.msg56971168#msg56971168) - Wilder World Fake Public Sale (https://bitcointalk.org/index.php?topic=5197078.msg56959035#msg56959035) - Fake Chipmixer.co.uk (chipmixkd2wgbqoy.onion) (https://bitcointalk.org/index.php?topic=5197078.msg56915159#msg56915159) - Phishing Exodus Wallet (https://bitcointalk.org/index.php?topic=5197078.msg56878021#msg56878021) - Phishing Myetherwallet (https://bitcointalk.org/index.php?topic=5197078.msg56823944#msg56823944) - FAKE Trezor Wallet (https://bitcointalk.org/index.php?topic=5197078.msg56753512#msg56753512) - Fake Electrum Wallet (https://bitcointalk.org/index.php?topic=5197078.msg56715520#msg56715520) - Scam walletinterlink.com (https://bitcointalk.org/index.php?topic=5197078.msg56634179#msg56634179) - Web Phishing Trezor (https://bitcointalk.org/index.php?topic=5197078.msg56574709#msg56574709) - Fake Myetherwallet and Uniswap (https://bitcointalk.org/index.php?topic=5197078.msg56563943#msg56563943) - Scam/Phishing validatewebwallets.online (https://bitcointalk.org/index.php?topic=5197078.msg56231180#msg56231180) - Phishing BestChange (bestchainge.club) (https://bitcointalk.org/index.php?topic=5197078.msg56187917#msg56187917) - Fake Exodus wallet (https://bitcointalk.org/index.php?topic=5197078.msg56172723#msg56172723) - Fake walletconnect.org (https://bitcointalk.org/index.php?topic=5197078.msg56045916#msg56045916) - Fake Uniswap (uinswop) (https://bitcointalk.org/index.php?topic=5197078.msg56045916#msg56045916) - Phishing Paxful Exchange (https://bitcointalk.org/index.php?topic=5197078.msg55966096#msg55966096) - Fake Elon Musk giveaway (https://bitcointalk.org/index.php?topic=5197078.msg55942863#msg55942863) - Fake Mycelium wallet on Android (https://bitcointalk.org/index.php?topic=5197078.msg55938106#msg55938106) - Phishing Uniswap (https://bitcointalk.org/index.php?topic=5197078.msg55919582#msg55919582) - Fake Binance Airdrop (https://bitcointalk.org/index.php?topic=5197078.msg55885129#msg55885129) - Phishing [coingecko.pro exchange] (https://bitcointalk.org/index.php?topic=5197078.msg55830601#msg55830601) - [uni-airdrop.org and bit2x.uno] (https://bitcointalk.org/index.php?topic=5197078.msg55575326#msg55575326) - [https://elonmuskxpro.com/] (https://bitcointalk.org/index.php?topic=5197078.msg55558012#msg55558012) - [https://money-tesla.com/] (https://bitcointalk.org/index.php?topic=5197078.msg55549582#msg55549582) - [https://uniswap.eth.link/] (https://bitcointalk.org/index.php?topic=5197078.msg55524597#msg55524597) - [Fake musk-coins.com] (https://bitcointalk.org/index.php?topic=5197078.msg55521033#msg55521033) - [Chipmixer Onion Link] (https://bitcointalk.org/index.php?topic=5197078.msg55477539#msg55477539) - [uni-drop.com] (https://bitcointalk.org/index.php?topic=5197078.msg55406283#msg55406283) - [uniswcp.org and justswapv2.com] (https://bitcointalk.org/index.php?topic=5197078.msg55363889#msg55363889) - [binancezh.com and uniswapz.org] (https://bitcointalk.org/index.php?topic=5197078.msg55356965#msg55356965) - Unireward and Unii.finance (https://bitcointalk.org/index.php?topic=5197078.msg55350870#msg55350870) - coin-ex.ru and besetchange.ru (https://bitcointalk.org/index.php?topic=5197078.msg55330698#msg55330698) - Uniswap.ug and https://socialbtc.org/ (https://bitcointalk.org/index.php?topic=5197078.msg55318706#msg55318706) - https://uniswapv.com/ (https://bitcointalk.org/index.php?topic=5197078.msg55277384#msg55277384) - https://ripplelab.in (https://bitcointalk.org/index.php?topic=5197078.msg55197020#msg55197020) - https://bledner.io/ (https://bitcointalk.org/index.php?topic=5197078.msg55172445#msg55172445) - http://drop-eth.org/ (https://bitcointalk.org/index.php?topic=5197078.msg55159333#msg55159333) - https://binancefound.com/ (https://bitcointalk.org/index.php?topic=5197078.msg55133155#msg55133155) - exiodus.com (https://bitcointalk.org/index.php?topic=5197078.msg55123034#msg55123034) - https://bin-crypto.com/ (https://bitcointalk.org/index.php?topic=5197078.msg55120529#msg55120529) - https://supportbnb.com/ (https://bitcointalk.org/index.php?topic=5197078.msg55077478#msg55077478) - https://vitalikbb.top/ (https://bitcointalk.org/index.php?topic=5197078.msg55073045#msg55073045) - https://autopoolcrypto.com/ (https://bitcointalk.org/index.php?topic=5197078.msg55040744#msg55040744) - https://spacex-btc.biz/ (https://bitcointalk.org/index.php?topic=5197078.msg55010837#msg55010837) - https://myetherwallet.com-to-the-access.com/index.php? (https://bitcointalk.org/index.php?topic=5197078.msg54978285#msg54978285) - https://tslahelp.me/ (https://bitcointalk.org/index.php?topic=5197078.msg54976820#msg54976820) - https://2ethereum.org/ (https://bitcointalk.org/index.php?topic=5197078.msg54959631#msg54959631) - http://Giveaway.is (https://bitcointalk.org/index.php?topic=5197078.msg54940926#msg54940926) - https://muskx.co/ (https://bitcointalk.org/index.php?topic=5197078.msg54911406#msg54911406) - https://elonpromo.org/ (https://bitcointalk.org/index.php?topic=5197078.msg54910438#msg54910438) - https://guadra.com (https://bitcointalk.org/index.php?topic=5197078.msg54716002#msg54716002) - https://clowallet.network/ (https://bitcointalk.org/index.php?topic=5197078.msg54686263#msg54686263) - http://paxfuloffers.com/ (https://bitcointalk.org/index.php?topic=5197078.msg54672997#msg54672997) - https://myfusionwallet.net/ (https://bitcointalk.org/index.php?topic=5197078.msg54655623#msg54655623) - http://jaxxx.io/ (https://bitcointalk.org/index.php?topic=5197078.msg54632917#msg54632917) - www.chambtc.us (https://bitcointalk.org/index.php?topic=5197078.msg54451730#msg54451730) - http://ethventure.com/ (https://bitcointalk.org/index.php?topic=5197078.msg54205188#msg54205188) - http://bitcoin-barcode-generator.com/ (https://bitcointalk.org/index.php?topic=5197078.msg54075510#msg54075510) - https://bitcoinelon.com/ (https://bitcointalk.org/index.php?topic=5197078.msg54067713#msg54067713) - blendér.io (https://bitcointalk.org/index.php?topic=5197078.msg53927238#msg53927238) - https://donaldcrypto.com/ (https://bitcointalk.org/index.php?topic=5197078.msg53820146#msg53820146) - https://www.free-ether.com/ (https://bitcointalk.org/index.php?topic=5197078.msg53809916#msg53809916) - smatmixer.io (https://bitcointalk.org/index.php?topic=5197078.msg53734558#msg53734558) - https://lrezor.io/ (https://bitcointalk.org/index.php?topic=5197078.msg53661184#msg53661184) - https://eth-giveout.com/ (https://bitcointalk.org/index.php?topic=5197078.msg53490881#msg53490881) - www.treezor.io (https://bitcointalk.org/index.php?topic=5197078.msg53144770#msg53144770) - http://muetherewallet.com/ (https://bitcointalk.org/index.php?topic=5197078.msg53092292#msg53092292) - https://exmo.me/ (https://bitcointalk.org/index.php?topic=5197078.msg53080066#msg53080066) - locabicoins.net (https://bitcointalk.org/index.php?topic=5197078.msg52996068#msg52996068) - btnance.org (https://bitcointalk.org/index.php?topic=5197078.msg52957323#msg52957323) - monnero.org (https://bitcointalk.org/index.php?topic=5197078.msg52922655#msg52922655) Beginners and newbie should be careful about the phishing website. A lot of Scammers out there used a fake website to steal your Bitcoin and Cryptocurrency. Read 5 Ways to Identify a Phishing Website (https://www.metacompliance.com/blog/5-ways-to-identify-a-phishing-website/) and Read [GUIDE] Use this for identifying Scam/Phishing Websites & Exchanges in Crypto (https://bitcointalk.org/index.php?topic=5122515) On this thread, I want to share what we found out there. For Example 1. Phishing exodus website: //exodlus.io https://i.ibb.co/z7w72nT/888.png When scanning virus total has warned: https://www.virustotal.com/gui/url/8bb6a4ef386b9c29d2cc00509aa3a44ec7d7dbf792f057074ad0ec471d8611e9/detection BitDefender-Phishing Flagged Ip address 185.212.130.65 Related IP (https://www.virustotal.com/gui/ip-address/185.212.130.65/relations) 2. Fake electrum site : electum.org https://i.ibb.co/K7Hhs2J/electrum.png Title: Re: [Warning] Phising Exodus Website [exodlus.io] Post by: yazher on October 30, 2019, 02:14:48 AM Be careful to beginner and newbie checking twice before doing something The site looks legit when you first see it, Thankfully we have this thing called "virus total" who can scan sites that used for phishing. We to be careful about logging in on some wallets website Address. these are prone to this kind of attack. I saw someone who is nearly scam by this method. He got an offer from some unknown user, and they gave them a look-alike of their exchange site. then he was asked for his log-in exchange ID. Thankfully he was quick to manage to figure out that the site was not real and it was indeed a phishing site. Just like this one. Title: Re: [Warning] Phising Exodus, Electrum, Bitcoincore.Litecoin Website Post by: Chikito on October 30, 2019, 02:56:32 AM I see that IP address related to localbitcoinis.net (https://bitcointalk.org/index.php?topic=5196898.msg52916039#msg52916039)
Code: 2019-10-30-exodlus.io Still same Flagged Ip address 185.212.130.65 (https://www.virustotal.com/gui/ip-address/185.212.130.65/relations) This Quote guimlner.org minergate.ru.com monnero.org Fake : guimlner.org https://i.ibb.co/znhHvkH/guiminer.png Fake : minergate.ru.com https://i.ibb.co/VxfQ6vx/minergate.png Fake: monnero.org https://i.ibb.co/qrdVc3v/monero.png Title: Re: [Warning] Phising Exodus, Electrum, Bitcoin core,Litecoin Website Post by: Krislaw on October 30, 2019, 11:33:55 AM Quote https://www.electum.org/#download Clicked Standalone Executable and windows installerhttps://download.electrum.org/3.3.8/electrum-3.3.8.exe https://download.electrum.org/3.3.8/electrum-3.3.8-setup.exe is it direct to a true site? Title: Re: [Warning] Phising Exodus, Electrum, Bitcoin core,Litecoin Website Post by: barnes13 on October 30, 2019, 11:44:46 AM Quote https://www.electum.org/#download Clicked Standalone Executable and windows installerhttps://download.electrum.org/3.3.8/electrum-3.3.8.exe https://download.electrum.org/3.3.8/electrum-3.3.8-setup.exe is it direct to a true site? Title: Re: [Warning] Phising Exodus, Electrum, Bitcoin core,Litecoin Website Post by: Lucius on October 30, 2019, 11:50:10 AM From Russia with love and desire for you coins :o
What anyone can do is report these pages on the following link : https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en With more reports sites will be blocked in most browsers (Chrome&Firefox), and also by some security software. It is the most effective way to protect all those who could become potential victims, and it takes just a few minutes of your time. I did my part, let's block them as soon as possible. Title: Re: [Warning] Phising Exodus, Electrum, Bitcoin core,Litecoin Website Post by: Chikito on October 30, 2019, 12:06:14 PM I think that he can now use the original link and in the future, the link can turn into a program that he has inserted a virus in? Maybe Next when a lot of people trust fake site Scammer prepares to inject a virus, Fake electrum looks clean from virus atm. When looking at fake exodus site I found a lot of phishing https://www.virustotal.com/gui/url/8bb6a4ef386b9c29d2cc00509aa3a44ec7d7dbf792f057074ad0ec471d8611e9/detection Title: Re: [Warning] Phising Exodus, Electrum, Bitcoin core,Litecoin Website Post by: barnes13 on October 30, 2019, 12:33:24 PM <…> If the fake website directs the download link to the electrum original site, what benefits can he get from this? Do you think that the crime he committed hasn't been perfect? I think that he can now use the original link and in the future the link can turn into a program that he has inserted a virus in? The download links do not point to the original proper files (at least not now). Both download options (windows and Mac OS) point to the same file, which is already detected as a phishing file: https://www.virustotal.com/gui/url/96eb2fe1512ef9c7b08b13b6b4f7e1f01671f122c572188978775379741165ce/detection Title: Re: [Warning] Phising Exodus, Electrum, Bitcoin core,Litecoin Website Post by: JeromeTash on October 30, 2019, 12:39:18 PM If the fake website from Exodus I can clearly see they put phishing on the program, but have you seen the fake website from Electrum? The link to download the file provided is exactly the same as the one on the original Electrum website: https://www.virustotal.com/gui/url/ba31287b8adf984730d6ff37f414e165d61dac7f3cb226b967d48262931fab48/detection There is a also a possibility that they are still updating their website. If you look at the domain information, the domain is newly registered. Perhaps they are still planning to include their malicious files soon.It's good that OP discovered the phishing sites very early. Title: Re: [Warning] Phising Exodus, Electrum, Bitcoin core,Litecoin Website Post by: DdmrDdmr on October 30, 2019, 12:50:25 PM <...> Yes, you're right. I just did a side by side comparison on all the links and they all seem to be original so far. It’s likely that they created the page ahead of the development as @JeromeTash suggests, and were discovered sooner that they expected. Title: Re: [Warning] Phising Exodus, Electrum, Bitcoin core,Litecoin Website Post by: barnes13 on October 30, 2019, 03:51:55 PM Maybe I want to give some advice to you if you find a site like that, we can report it via Google or Yahoo.
The steps to report it through Google are very easy: Step 1: Go to page: https://safebrowsing.google.com/safebrowsing/report_badware/ Step 2: Write the URL that is suspected as fake or scam website Step 3: You can write additional details about the website and explain it in the space provided Step 4: Click "submit report" and Google will investigate it. Steps to report via Yahoo you can see it by visiting this link: https://safety.yahoo.com/MY/Security/REPORTING-SECURITY-ISSUES-MY.html Title: Re: [Warning] Phising Exodus, Electrum, Bitcoin core,Litecoin Website Post by: Lafu on October 30, 2019, 08:40:13 PM Looks like there is now again some wave of phishing sites like it was last year at some point .
Always read the Name in the adress field and check it a few times before you enter or connect to the webpage , Wallet or anything ! Also check a few times what you downloading or doing when you have to insert your password and Login details . I cant say it often enough ! Check everything 2 times or more when you Login in something specialy when money or crypto is involved ! Its your money and Coins Title: Re: [Warning] Phising Exodus, Electrum, Bitcoin core,Litecoin Website Post by: Chikito on October 31, 2019, 01:02:58 AM https://safebrowsing.google.com/safebrowsing/report_badware/ When we look at the history Scammer always changes the domain. https://safety.yahoo.com/MY/Security/REPORTING-SECURITY-ISSUES-MY.html Scammer always changes it into another fake website. I am ready to report that IP address here https://www.abuseipdb.com/ Still, don't know what the best place to report IP address like your both link Title: Re: [Warning] Phising Exodus, Electrum, Bitcoin core,Litecoin Website Post by: notblox1 on October 31, 2019, 01:31:22 AM Thanks for warning us!
Looks like this is some kind of bad Russian only version of exodus phishing. I reported it also...so let's hope they will take it down soon. Title: Re: [Warning] Phising Exodus, Electrum, Bitcoin core,Litecoin Website Post by: erickastella on October 31, 2019, 08:23:13 AM thank you very much my brother with this I can avoid phishing very much, I am very helped by this post, thank you very much for sharing the information my friend
I also have a suggestion that there is an antivirus called ESET antivirus which is very powerful because it can detect phishing and other websites. Title: Re: [Warning] Phising Cryptocurrency Website Post by: Chikito on October 31, 2019, 01:16:06 PM Found Fake MyEtherwallet: myetherewallet.info
Code: Domain Name: WWW-MYETHEREWALLET.INFO https://www.virustotal.com/gui/url/c214a72e293e3f54dd2af812cf1f53c19656a4a61c9cc4436963204483ee2d89/detection https://i.ibb.co/pX7grXL/eth.png Related with: https://www.virustotal.com/gui/ip-address/194.58.112.174/relations Code: myelherewallut.com Title: Re: [Warning] Phising Cryptocurrency Website Post by: SabrinaCane on October 31, 2019, 03:37:25 PM OHMYDAYS thanks for the warning! I have just had a call from this number that offered to sell me bitcoin and told me to go to this webpage!! I told him I had to check it over first and give him a call back and stumbled across this https://scam-numbers.co.uk/Number/0031858888229/ (https://scam-numbers.co.uk/Number/0031858888229/) and also this post so thanks guys! Seems to be a scam for sure! If anyone can point me in the direction of a legitimate seller that would be grand! Thanks, Sabrina x
Title: Re: [Warning] Phising Exodus, Electrum, Bitcoin core,Litecoin Website Post by: panganib999 on October 31, 2019, 05:54:04 PM I think that he can now use the original link and in the future, the link can turn into a program that he has inserted a virus in? Maybe Next when a lot of people trust fake site Scammer prepares to inject a virus, Fake electrum looks clean from virus atm. When looking at fake exodus site I found a lot of phishing https://www.virustotal.com/gui/url/8bb6a4ef386b9c29d2cc00509aa3a44ec7d7dbf792f057074ad0ec471d8611e9/detection Title: Re: [Warning] Phising Cryptocurrency Website Post by: Bightening on October 31, 2019, 10:37:53 PM OHMYDAYS thanks for the warning! I have just had a call from this number that offered to sell me bitcoin and told me to go to this webpage!! I told him I had to check it over first and give him a call back and stumbled across this https://scam-numbers.co.uk/Number/0031858888229/ (https://scam-numbers.co.uk/Number/0031858888229/) and also this post so thanks guys! Seems to be a scam for sure! If anyone can point me in the direction of a legitimate seller that would be grand! Thanks, Sabrina x There’re a good number of exchanges that would sell you bitcoins. I don’t know your country/region, or your payment option, so can’t help. Phishing tricks keep getting better. Every internet user should keep that information in mind every time you use the internet, most especially when it comes to finances and privacy. I’m working on a thread that explains more details on phishing tricks forum users like btt are liable to, and should be aware of. Title: Re: [Warning] Phising Cryptocurrency Website Post by: Casdinyard on November 01, 2019, 03:24:51 AM OHMYDAYS thanks for the warning! I have just had a call from this number that offered to sell me bitcoin and told me to go to this webpage!! I told him I had to check it over first and give him a call back and stumbled across this https://scam-numbers.co.uk/Number/0031858888229/ (https://scam-numbers.co.uk/Number/0031858888229/) and also this post so thanks guys! Seems to be a scam for sure! If anyone can point me in the direction of a legitimate seller that would be grand! Thanks, Sabrina x If you prefer to buy on your local, head on here. https://localbitcoins.com/ But you can buy more conveniently on exchange sites sich as binance and bittrex and other reputed sites. You can create your account here. https://www.binance.com/m-register.html https://global.bittrex.com/account/register Good thing you didn't easily believe on those cold callers. Next time be careful where you sign up such as giving your personal information since cold callers use this to keep bothering you. Title: Re: [Warning] Phising Cryptocurrency Website Post by: Chikito on November 01, 2019, 06:20:00 AM Be careful of this :
fake MyEtherWallet: https[:]//myetherwallet-extra-bonuses.000webhostapp.com/access-my-wallet/ reported. https://i.ibb.co/WFdXfkF/343.png Code: Domain Name: 000WEBHOSTAPP.COM Title: Re: [Warning] Phising Cryptocurrency Website Post by: Wysi on November 01, 2019, 09:44:25 AM Be careful of this : fake MyEtherWallet: https[:]//myetherwallet-extra-bonuses.000webhostapp.com/access-my-wallet/ reported. https://i.ibb.co/WFdXfkF/343.png Code: Domain Name: 000WEBHOSTAPP.COM These hackers an go to any extend in order to cheat people. Thank you so much for bringing this to our notice as this will help most of the newbies and those users who are rarely uses MEW. MEW is doing it's part by asking us to double check the URL link before we enter any details. We need to be more cautious as these hackers might come up with same tactics for other exchanges as well. Title: Re: [Warning] Phising Cryptocurrency Website Post by: Chikito on November 01, 2019, 01:12:43 PM Found another LocalBitcoins Phising site
Fake: localbcoin.com https://i.ibb.co/q7dSJKV/local-bitcoin.png Scanned by Virustotal https://www.virustotal.com/gui/url/98ec2e650058b3d527d441a7d8d614ea77d32335b83aebeac78f98c0cbe7c007/detection https://i.ibb.co/7bcXCdd/phising.png Code: Domain Name: LOCALBCOIN.COM Be Aware newbie should double-check before sign in Title: Re: [Warning] Phising Cryptocurrency Website Post by: Lucius on November 01, 2019, 03:00:09 PM I check all links posted by OP, and only last for fake LB is blocked by Chrome as a dangerous site, all other sites are still fully accessible and pose a threat to uninformed users. More reports will help to change the situation and to do that just report all links to: https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en
Title: Re: [Warning] Phising Cryptocurrency Website Post by: Chikito on November 02, 2019, 11:44:27 AM I check all links posted by OP, and only last for fake LB is blocked by Chrome as a dangerous site, all other sites are still fully accessible and pose a threat to uninformed users. More reports will help to change the situation and to do that just report all links to: https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en I did the report. Maybe google support team have a weekend.And today found fake binance dex: btnance.org https://i.ibb.co/QPN8Kp5/bi.png https://www.virustotal.com/gui/url/2d98a050dc1ce3d617da8d4a59f253147f51b3d7dd837e06506b7f449da732b4/detection Title: Re: [Warning] Phising Cryptocurrency Website Post by: masulum on November 02, 2019, 04:15:53 PM @OP to avoid any accident unwanted clicking any suspicious website, maybe you can edit link and make it un-clickable, or better to use code tag. Sometimes when visiting this forum using mobile phone, it's very possible to make unwanted clicking content.
Thank you, and good job to make any phishing website related to crypto in one place. Title: Re: [Warning] Phising Cryptocurrency Website Post by: Casdinyard on November 03, 2019, 10:04:08 AM @OP to avoid any accident unwanted clicking any suspicious website, maybe you can edit link and make it un-clickable, or better to use code tag. Or don't put the link anymore and besides there's already an image of the fake site. Just to be more safe, I mean some are not really mindful. Btw, already reported the sites. Thanks for the heads up. Keep it up. Title: Re: [Warning] Phising Cryptocurrency Website Post by: panganib999 on November 03, 2019, 02:53:49 PM Phishing exodus wallet site: https://exodlus.io Woah. It seems legit that it won't give you any doubts and red flags about joining and using it. These criminals are really getting smarter and smarter as they try to develop and make more phishing and scamming sites. This is why beginners, it is essential if you take vigilance seriously and take it with you all through out your journey here in crypto space. This thread would be very helpful to raise awareness for beginners. Also always avoid impulsively clicking links from unknown sources you could avoid click baits.original here: https://exodus.io/ Look screenshot here ; https://i.ibb.co/z7w72nT/888.png Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on November 04, 2019, 04:13:00 AM Phishing exodus wallet site: Found another fake exodus : Code: //exodlus.io Code: //exodlus.com https://www.virustotal.com/gui/url/0b7e767c5b2ee3a3a69e4c84711609fef7d842fc2da926a3e63e4081f9ff02d3/detection Scanned and nothing virus on site What the different? Let's check domain information Fake - Domain EXODLUS.COM info Code: Domain name: EXODLUS.COM Fake - Domain EXODLUS.IO info Code: Domain Name: EXODLUS.IO Real Exodus.io Info Code: Domain Name: EXODUS.IO The newbie must be careful about giveaway like this site: Code: //freebtceth.com Those aren't given away BTC and ETH, you will get the virus and scammed. https://www.virustotal.com/gui/url/ad081ab0ad668b09021d22fbc91ce363c57b924bb1f25ea9ceacd59c83762030/detection https://www.virustotal.com/gui/url/eb5e8d1cd0d0e6b364a80f08a9cae10b4bfe012de46425b7e740bff2cc75fb9d/detection https://www.virustotal.com/gui/url/eed4f52ce1ad8da6f40e6f2cd34f49bc0e3728403112c38645da87682dbe2ae2/detection Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on November 06, 2019, 04:39:01 AM >>> Help me to report IP address: 185.212.130.65 because always make the phishing site
https://www.virustotal.com/gui/ip-address/185.212.130.65/relations Code: 2019-11-06-exodlus.io https://i.ibb.co/xJ3dJrG/atomic.png Scammer every day makes phishing like atomicwalet.com, locaibitcolns.com, litecoln.org, exodlus.io, etc. I did report and need more people here to report those IP. Thanks. Title: Re: [Warning] Phishing Cryptocurrency Website Post by: ~Money~ on November 07, 2019, 10:56:51 AM >>> Help me to report IP address: 185.212.130.65 because always make the phishing site https://www.virustotal.com/gui/ip-address/185.212.130.65/relations .... Scammer every day makes phishing like atomicwalet.com, locaibitcolns.com, litecoln.org, exodlus.io, etc. I did report and need more people here to report those IP. Thanks. Netherlands DCs won't care much about content on their servers, they are famous in this field since the beginning, I had build a case against someone using their servers to make DDoS attacks in very big scales but they didn't even replied emails and court simply closed the case :D :D reporting those IPs might help other services take action in sending warning messages to their users, but if you are trying to report them to bring those IPs or servers down, you won't face any success easily Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on November 08, 2019, 06:01:23 AM Found this
Original site : https://bittab.io/ Fake webite : //bittab.org/ Code: Domain Name: BITTAB.IO Code: Domain Name: BITTAB.ORG https://i.ibb.co/gVVjHhs/qwaaer.png Be careful No different with original website Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on November 15, 2019, 02:52:03 AM Real Website: https://exmo.com/
Phishing website Code: https://exmo.me/ https://i.ibb.co/hX1q3Zp/aaa.png Real Website: https://exmo.com/ Code: Domain Name: EXMO.COM Phishing website Code: Domain Name: EXMO.ME https://www.virustotal.com/gui/url/a7c9f98d3cf4a248bdaf05a6d0461f5ef85bdd2d33d89a47f134c602a13d105b/detection https://i.ibb.co/SnZ7m6d/33.png Be Careful Noobs Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on November 16, 2019, 01:11:18 PM Let's see how Scammer manipulated MyEtherWallet
Code: http://muetherewallet.com/ https://www.virustotal.com/gui/url/37c0a2a5637bb8281cc9380521a05a71e8df0fc8145369a90abd4fb76a1605af/detection https://www.virustotal.com/gui/url/a33df647cffe55ad19f68768b5b7b405dc1b1dd0c49304e2d341ff364970e3e2/detection https://www.virustotal.com/gui/url/af3748494186d8324bbb2e27efddc7d6f88f31b3bc5a464f8592b2e594721745/detection https://www.virustotal.com/gui/url/3f29d61018c75517c59473a1d2542b699ee68a19f612c28a965032b5566eba03/detection https://www.virustotal.com/gui/url/3fe9099a684ef833a09fc72dfe23ba2ce7ae7770f58c97301a373816497418b9/detection https://www.virustotal.com/gui/url/637b8188d639b613d3c553413e7f62ed8cec8e689d4cfefcd7527007292eb93b/detection https://www.virustotal.com/gui/url/3fd3fc809e360bec502f6fbfe08d6a1e837357cffd2d5f0706a167df966c8d53/detection https://www.virustotal.com/gui/url/64bef2b379158dd717f86ce9f2bff6ba473c16dada47819290a076b9931407d2/detection https://www.virustotal.com/gui/url/dd1b7ce1a738d1b96859bdcf6c5dd692db5387c0c43ccabcf705050307e009d7/detection https://www.virustotal.com/gui/url/191abfdf5f38b48af58b30f0d7547d7205f8c896b0881d661fdf90a4ce919518/detection One of them still make the offering https://i.ibb.co/9tb7cMz/1.png Newbie and beginner must far away from those sites, they will be stolen your money Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on November 22, 2019, 06:54:10 AM This IP 149.129.176.152 have Multi Phising site cryptocurrency : Trezor, ledger, etc
https://www.virustotal.com/gui/ip-address/149.129.176.152/relations Code: www.treezor.io Example : Code: treezor.io https://www.virustotal.com/gui/url/8739ebbfb4442de492fa5b0328f179a81dde142609eef9e8ecd1028f4b3116d0/detection BitDefender Phishing ESET Phishing Fortinet Phishing G-Data Phishing Sophos AV Malicious I thing the scammer Will continue to make phishing site using that IP, be carefull nobsss.. Title: Re: [Warning] Phishing Phishing Blockchain.com Post by: Chikito on November 26, 2019, 11:39:00 AM Phishing Blockchain.com
Code: https://login-blockchajn.com https://i.ibb.co/fp2zvRm/bloc.png Domain Information: Code: IP Address: 103.16.228.163 https://www.virustotal.com/gui/url/06326ba8493ba4efae4856518c627a5128642773dde28b14ede3b3f78603a17c/detection BitDefender-Phishing CLEAN MX-Phishing Be Careful Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on December 15, 2019, 02:30:01 AM Fake Give away Bitcoin and Ethereum
Code: http://elonmuskgo.com/ Be aware scammer use fake medium Elon musk to give away Bitcoin and ethereum https://i.ibb.co/8zXm6dL/1.png (https://ibb.co/WDsHgP4) The link will direct you to send BTC and ETH to get 10X, this is fake and potential scam. https://i.ibb.co/RTPfBC8/2.png (https://ibb.co/9H26VqP) https://i.ibb.co/wYD2ZD3/3.png (https://ibb.co/kMYPVYk) https://www.virustotal.com/gui/url/4539c3892433c86efa77b48f6ad88f48c696ee970983aa14ad6439328d7a09ba/detection Code: IP Address: 195.24.68.21 Let's see related IP https://www.virustotal.com/gui/ip-address/195.24.68.21/relations https://i.ibb.co/nsjXqbL/44.png (https://ibb.co/FbzQkKD) Be careful Elon musk never give away cryptocurrency Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on December 30, 2019, 12:03:12 AM Warning BTC and eth give away, sending your fund first for receipt 100x BTC and eth.
Code: http://btcandeth.com/ https://i.ibb.co/THmkbLH/22.png (https://ibb.co/ZhWVYmh) Domain information Code: IP Address: 185.174.174.220 It's really fake, don't send your Bitcoin. They will be scamming you. Title: Re: [Warning] Phishing Cryptocurrency Website Post by: TravelMug on January 01, 2020, 04:39:07 AM I found this fake ETH giveaway:
Code: https://eth-giveout.com/ https://i.ibb.co/1vypYTR/Screen-Shot-2020-01-01-at-12-25-54-PM.png (https://ibb.co/2nVL0dc) Scammers ETH: Code: 0xB5c06ce49d0C63211E5d335Cf42ecdA5C3f30D8a Code: IP Address: 162.241.217.210 - 1,641 other sites hosted on this server https://www.virustotal.com/gui/ip-address/162.241.217.210/relations https://i.ibb.co/XyMmd7n/Screen-Shot-2020-01-01-at-12-35-55-PM.png (https://ibb.co/PT0Bbc2) Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Jiyens3 on January 01, 2020, 05:33:28 PM Beginners and newbie on the cryptocurrency world should be careful about the phishing website. A lot of Scammers out there used a fake website to steal your Bitcoin. so usefull thread, phising web very harmful. such you said above many phising website and on of them is myetherwallet Read 5 Ways to Identify a Phishing Website (https://www.metacompliance.com/blog/5-ways-to-identify-a-phishing-website/) and Read [GUIDE] Use this for identifying Scam/Phishing Websites & Exchanges in Crypto (https://bitcointalk.org/index.php?topic=5122515) On this thread, I want to share what I found out there. 1. Phishing exodus website: //exodlus.io original: https://exodus.io/ Look screenshot here ; Code: Network When scanning virus total has warned: https://www.virustotal.com/gui/url/8bb6a4ef386b9c29d2cc00509aa3a44ec7d7dbf792f057074ad0ec471d8611e9/detection BitDefender-Phishing Flagged Ip address 185.212.130.65 Related IP (https://www.virustotal.com/gui/ip-address/185.212.130.65/relations) Look This fake site using same IP address : Quote electum.org litecoln.org bitcolncore.org guimlner.org minergate.ru.com nvldia.ru monnero.org 2. Fake electrum site : electum.org 3. Fake litecoin site : litecoln.org 4. Fake Bitcoincore site: bitcolncore.org 5. Phising Localbitcoins (https://bitcointalk.org/index.php?topic=5196898.0) 6. Phishing Blockchain.info (https://bitcointalk.org/index.php?topic=5198777.0) I will update this thread when I found another phishing. honestly, i have experienced phising in myetherwallet. i am forgot how i can go to for phising web then suddenly i lose all my token in myetherwallet so sad about that. so from that case i always to bookmark all important address Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on January 11, 2020, 11:38:38 AM Find more Phishing like this
be carefull do not click this link Code: http://newcryptogift.com/ https://i.postimg.cc/9fLQmrRM/22.png Don't deposit anything. this is 100% scam, will steal your money. and same like this Code: https://elongive.net https://i.postimg.cc/Hj1pZMKS/233.png Elon musk never gives away cryptocurrency. When you find like those phishing, please report into: https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on January 19, 2020, 06:35:29 AM Criminals are not resting, and so are we:
https://i.ibb.co/d4pg0cJ/Screen-Shot-2020-01-19-at-2-29-05-PM.png (https://ibb.co/fdNvYSG) Code: https://muskgiveaway.com/ https://i.ibb.co/jJmcmkC/Screen-Shot-2020-01-19-at-2-31-54-PM.png (https://ibb.co/J3VfVjY) Code: https://elongive.live/ Kindly help me report this sites, thanks again. Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on January 21, 2020, 05:19:08 AM Very clever, :D
Code: FAKE PHISHING SITE: https://lrezor.io/ If you mistype or didn't see the mis spelling, I'm sure you will fall for the trap. https://i.ibb.co/0GZDVYT/Screen-Shot-2020-01-21-at-1-16-52-PM.png (https://ibb.co/wzC0rpV) Archive: http://web.archive.org/save/https://lrezor.io/ Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on January 21, 2020, 10:45:30 AM Code: FAKE PHISHING SITE: https://lrezor.io/ look like this domain has connected malicius keylogger too. https://www.virustotal.com/gui/ip-address/104.31.68.49/relations https://i.postimg.cc/sX14NF56/22.png We should be careful that's Ip address and domain to not download file from untrusted source. Also, Official trezor has an announcement about "the fake Trezor Wallet beta-testing application form circulating in Telegram being spread by accounts pretending to be Trezor team members." https://twitter.com/Trezor/status/1218179757847797760 Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on January 29, 2020, 11:17:38 PM Warning phishing mixing service
Fake: Code: smatmixer.io Code: https://smatmixer.io/en/start-mixing.html Picture https://i.postimg.cc/dVDT6868/smat.png Domain Information: Code: IP Address: 104.27.149.87 We should careful, double-check your written before action. Real Website: https://smartmixer.io Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on February 02, 2020, 10:17:59 AM Eventhough Elon Musk has shown his true colors about bitcoin, cyber criminals are still using his name:
Code: https://musk.bet/ https://i.ibb.co/D5sMhtV/Screen-Shot-2020-02-02-at-6-14-11-PM.png (https://ibb.co/SRWmbPs) Code: https://teslagive.vip/ https://i.ibb.co/x17gBT4/Screen-Shot-2020-02-02-at-6-17-14-PM.png (https://ibb.co/8r7xfZh) Edit: Another LBC Phished site: Code: https://localbitcoins.name/ https://i.ibb.co/9Nr5NRY/Screen-Shot-2020-02-02-at-6-21-48-PM.png (https://ibb.co/6mWCm6s) Quote Registrant REDACTED FOR PRIVACY Registrant Org REDACTED FOR PRIVACY Registrant Country ru Registrar 1API GmbH IANA ID: 1387 URL: http://www.1api.net Whois Server: whois.1api.net (p) Registrar Status clientTransferProhibited Dates 7 days old Created on 2020-01-26 Expires on 2021-01-26 Updated on 2020-01-26 Name Servers NS3.CNMSN.COM (has 7,009 domains) NS4.CNMSN.COM (has 7,009 domains) Reverse NS Tech Contact REDACTED FOR PRIVACY REDACTED FOR PRIVACY, REDACTED FOR PRIVACY, REDACTED FOR PRIVACY, REDACTED FOR PRIVACY, REDACTED FOR PRIVACY IP Address 185.178.208.178 - 20 other sites hosted on this server http://whois.domaintools.com/localbitcoins.name Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on February 09, 2020, 11:49:26 PM Kindly add:
Code: https://earn2xethnow.com/ https://i.ibb.co/XZ6dtfg/Screen-Shot-2020-02-10-at-7-47-33-AM.png (https://ibb.co/xSwc6K0) Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on February 10, 2020, 03:52:31 AM Code: https://earn2xethnow.com/ Seems that's IP have flagged, all domain as fake ethereum giveaway https://www.virustotal.com/gui/ip-address/81.16.29.111/relations Code: real2xeth.com Domain and IP's Information Code: IP Address: 81.16.29.111 Title: Re: [Warning] Phishing Cryptocurrency Website Post by: masulum on February 10, 2020, 01:42:32 PM FAKE ETHEREUM GIVEAWAY ETH Address: 0x69898205539f2556dfdfc202c711646638eb9626Code: https://www.free-ether.com/ https://www.virustotal.com/gui/ip-address/198.54.120.214/relations Code: Domain name: free-ether.com Page screenshot: https://imgbb.online/images/2020/02/10/22bbb1750973.md.png (https://imgbb.online/i/UoUQ) FAKE ELON MUSK/TESLA CRYPTO GIVEAWAY Code: https://elonxgifts.com FAKE BINANCE GIVEAWAY Code: binancefutures-eth.com Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on February 10, 2020, 11:27:35 PM I already posted it here. (https://bitcointalk.org/index.php?topic=5149062.msg53812965#msg53812965/) But I think it's worth to mentioned him in this board as well.
Code: https://craigsecret.com/ https://i.ibb.co/pz5bvW2/Screen-Shot-2020-02-11-at-5-41-25-AM.png (https://ibb.co/J7gmRxn) Archived: http://web.archive.org/save/https://craigsecret.com/ Code: Domain Name: CRAIGSECRET.COM https://www.whois.net/ Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on February 11, 2020, 09:42:14 PM I found another "crypto gold", ;D
Code: https://donaldcrypto.com/ BTC wallet: Code: 1PEqxR9JmWMUFB4J1Qb6RzGLGSx4ru5emc ETH wallet: Code: 0x8f263aD0FfD2aEAaF33aEEB6e689f1D7E6bB4dcd https://i.ibb.co/3WtwBHd/Screen-Shot-2020-02-12-at-5-36-56-AM.png (https://ibb.co/k0YpQFB) Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on February 13, 2020, 01:17:27 AM Be Careful, someone has lost his money by sent to fake mixing service
I leave an alert here, there is a fake website called smantmixer.io Unfortunately I ended up losing one of my transactions by sending my balance to this fake site. :'( Fake: Code: smantmixer.io Warning for us to double checking before do anything else. Real Website: https://smartmixer.io Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on February 13, 2020, 11:53:48 PM Code: https://elonxspace.com/ https://i.ibb.co/gjDJXJX/Screen-Shot-2020-02-14-at-7-50-53-AM.png (https://ibb.co/M2R7j7j) BTC Wallet: Code: 14aDScg4SeF4GDNLTpXezGPsfKkhoENweV Code: 0xbe4F201CA79AD8961a35D0B96BE2fF42445a7d8a Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on February 15, 2020, 10:59:14 PM Brad Garlinghouse (Ripple CEO) Fake Giveaway
Code: https://xrp2020.net/ https://i.ibb.co/6BLDbLQ/Screen-Shot-2020-02-16-at-6-50-46-AM.png (https://ibb.co/tXFYcFR) XRP Wallet: Code: rw65sa4wHeGVUxaEVWWc6CUKP92qP46vnr Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on February 16, 2020, 12:14:16 AM Code: https://elonxspace.com/ Link has alot of virus detected https://www.virustotal.com/gui/url/326f63444b3aabd904e57234288ac9c6e78b479bf796e21a91ff2982a70da4cb/detection https://i.postimg.cc/vBjr2bXR/Screenshot-from-2020-02-16-00-04-43.png IP relations https://www.virustotal.com/gui/ip-address/190.115.21.130/relations Code: www.muskgift.net Code: https://xrp2020.net/ IP relations https://www.virustotal.com/gui/ip-address/77.83.173.172/relations Code: xrpx10.org Be careful scammer always make new site and similiar fake giveaway/phising, don't click any link to avoid malware injection into your PC. Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on February 20, 2020, 12:00:35 AM Be aware fake giveaway and phishing
1. Code: https://telegra.ph/Official-Competition-rules-02-17-2 Don't sent anything, this is fake competition https://i.postimg.cc/8zN2Cb05/1.png 2. Code: https://fiddle.jshell.net/ug9L52of/4/show/ Fake Ethereum Giveaway https://i.postimg.cc/hvVYDJ8T/2.png Scammer will dissapear after you send your ethereum 3. Code: https://telegra.ph/Binance-New-Fiat-Listings-02-19 Fake Bitcoin giveaway by fake CZ Binance https://i.postimg.cc/g05t3yN3/3.png 4. Code: https://telegra.ph/Bitcoin-Halving-and-New-Fiat-Listings-to-Binance-02-18 CZ Binance never giveaway cryptocurrency https://i.postimg.cc/wjjwP4rh/4.png Be Careful Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on February 24, 2020, 04:50:49 AM [Scam] Fake Vitalic butterin Give away using medium blog
Code: https://medium.com/@vitalikbuterinceo/ethereum-eth-2-0-news-67094a3f4331 Quote To participate you just need to send between 5 ETH to 500+ ETH to the contribution address and we will immediately send you back between 10 ETH to 5000 ETH the address you sent it from. Every person can participate only one time; the minimum contribution is 5 ETH and the maximum contribution is 500 ETH. - For example If you send 10–50+ ETH , you will be airdropped 100 ETH back. https://i.postimg.cc/Ls94yJBF/2gtt.png Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on February 28, 2020, 06:26:56 AM Be aware cloning and phishing blender.io
Code: blendér.io Code: http://xn--blendr-fva.io https://i.postimg.cc/NM3t2djk/1.png https://i.postimg.cc/MH1S71c2/2.png You can see different domain and address service And more clonning and phishing fund by @logfiles Code: https://blender.work Please help to report it all to https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en Real Website: https://blender.io Service address: 1Fd1zWsLCP8okiExCrhzvU4TD8zKYfgbZ1 Title: Re: [Warning] Phishing Cryptocurrency Website Post by: dragonvslinux on February 29, 2020, 07:37:40 AM Nice topic. It's very useful to remember that phishing websites work due to human error, not just that of clicking the wrong link, but in this case typing the wrong link.
For anyone concerned about this remember to check the SSL certificate of the website. I also strongly recommend using a chromium-based (https://brave.com/) browser to warn you of scams. For example, by typing electrum wrong and entering the phishing link url takes me here, instead of taking you directly to the scam: https://dzone.com/storage/temp/10288105-deceptive-site-ahead.png (https://dzone.com/articles/what-is-deceptive-site-ahead-warning-in-chrome-and) If a big red flag doesn't warn you not to proceed, then you probably can't be helped :P Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on March 08, 2020, 06:08:49 AM For example, by typing electrum wrong and entering the phishing link URL takes me here, instead of taking you directly to the scam: a warning will appear if website have been reported.More fake/phishing Elon musk give away available every day, we must be careful, Elon musk or any relevant never give away Bitcoin and altcoin, those sites will scamming you by sending malware and never sending back what you sent. here, I was found today: Code: https://teslafree.info/ https://i.postimg.cc/43S8R4yZ/1.png https://i.postimg.cc/Y2x744qg/2.png when we Look at the picture, scammer use fake medium for scamming purpose domain information: Code: Domain Name: teslagoods.info Be careful. Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on March 11, 2020, 02:39:40 PM Last couple of days:
Code: https://btcethpromo.info/ Same images being used, sometimes it's tiring to hunt for this kind of phishing websites, but if you think the people you are going to save in this community by giving them warnings, it's worth in the end. :) Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on March 18, 2020, 12:00:22 AM Same images being used, sometimes it's tiring to hunt for this kind of phishing websites, but if you think the people you are going to save in this community by giving them warnings, it's worth in the end. :) same like this, using fake medium and "double your crypto" schemeCode: https://eventcrypto.org/btc/ https://i.postimg.cc/1z0WPbjx/222.png All reported and this not yet over, scammer every day trying to scam people by using fake and phishing give away, be careful. Title: Re: [Warning] Phishing Cryptocurrency Website Post by: TravelMug on March 21, 2020, 02:45:07 AM Another Elon Musk fake giveaway
Code: https://bitcoinelon.com/ https://talkimg.com/images/2023/10/19/RbWTW.png Quote Whois Record for BitCoinElon.com How does this work? Domain Profile Registrant Protection of Private Person Registrant Country ru Registrar Registrar of domain names REG.RU LLC REGISTRAR OF DOMAIN NAMES REG.RU LLC IANA ID: 1606 URL: https://www.reg.com,https://www.reg.ru,http://www.reg.ru Whois Server: whois.reg.com (p) Registrar Status clientTransferProhibited Dates 17 days old Created on 2020-03-03 Expires on 2021-03-03 Updated on 2020-03-03 Name Servers NS1.REG.RU (has 1,502,646 domains) NS2.REG.RU (has 1,502,646 domains) Tech Contact Protection of Private Person PO box 87, REG.RU Protection Service, Moscow, 123007, ru (p) (f) IP Address 194.58.112.174 - 175,467 other sites hosted on this server IP Location Russian Federation - Moskva - Moscow - Domain Names Registrar Reg.ru Ltd ASN Russian Federation AS197695 AS-REG, RU (registered Mar 28, 2011) Domain Status Registered And Active Website https://www.virustotal.com/gui/ip-address/194.58.112.174/relations https://talkimg.com/images/2023/10/19/RbeLJ.png BTC address: Code: 36NxXedkXecvw9VbyGTUd4Fm9tMgpVHv3u Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on March 22, 2020, 11:50:29 AM Cyber criminals attempt on QR code:
Code: http://bitcoin-barcode-generator.com/ https://i.ibb.co/BLtVvMj/Screen-Shot-2020-03-22-at-7-46-03-PM.png (https://ibb.co/9nN9B52) archived: http://web.archive.org/save/http://bitcoin-barcode-generator.com/ https://i.ibb.co/xL2jcNm/Screen-Shot-2020-03-22-at-7-49-00-PM.png (https://ibb.co/YQNkKxD) archived: http://web.archive.org/save/http://btc-to-qr.com/ Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on March 22, 2020, 12:21:11 PM Cyber criminals attempt on QR code: Thanks for adding those scam.I try using it and got different address generated https://i.postimg.cc/yNp89gQ9/3223.png And was scanned, My address changed into scammer address 343CXYVBKXT2VgELCdjEeMyPpfiKwkzUNg. We must be careful before using any Tool, be sure to always double check. because QR code as the results cannot be seen immediately. Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on March 26, 2020, 05:29:42 PM Another new form of scam, I reported a similar theme/style from the scammers, [Scam]: Atomic wallet Complaint Form (https://bitcointalk.org/index.php?topic=5235476.0)
Code: PHISHING SITE: https://jaxx.live/ https://i.ibb.co/3YPym7z/Screen-Shot-2020-03-27-at-1-24-59-AM.png (https://ibb.co/Fqdb4KV) Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on March 27, 2020, 03:03:20 PM Another fake Elon Musk Giveaway:
https://i.ibb.co/G9v605K/Screen-Shot-2020-03-27-at-11-00-56-PM.png (https://ibb.co/nBsGbLH) Code: Phishing site: https://mdl3.top/ Quote Registrar Key Systems LLC IANA ID: 1345 URL: http://www.key-systems.net Whois Server: whois.rrpproxy.net (p) Registrar Status clientTransferProhibited Dates 20 days old Created on 2020-03-07 Expires on 2021-03-07 Updated on 2020-03-26 Name Servers NS1.HOSTING.REG.RU (has 1,510,929 domains) NS2.HOSTING.REG.RU (has 1,510,929 domains) Tech Contact — IP Address 31.31.198.109 - 1,017 other sites hosted on this server IP Location Russian Federation - Moskva - Moscow - Domain Names Registrar Reg.ru Ltd ASN Russian Federation AS197695 AS-REG, RU (registered Mar 28, 2011) Hosting History 5 changes on 3 unique name servers over 2 years http://whois.domaintools.com/mdl3.top Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on April 01, 2020, 11:42:10 AM ( 1 ) Bitcoin doubler, I will assume that all transactions there are fake just to lure potential victims.
I also try to find the registered company, but so far I didn't get a hit so obviously, they wanted to look legit by having a company number but its all fake. Code: https://crypto-crown.ltd/ https://i.ibb.co/dPgZHgJ/Screen-Shot-2020-04-01-at-7-36-48-PM.png (https://ibb.co/m98pP8F) ( 2 ) Another one: Code: https://bit-coinvestor.com/ https://i.ibb.co/B3WY8gY/Screen-Shot-2020-04-01-at-7-44-20-PM.png (https://ibb.co/fF6TmCT) Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on April 01, 2020, 12:07:16 PM I also try to find the registered company, but so far I didn't get a hit so obviously, they wanted to look legit by having a company number but its all fake. https://www.virustotal.com/gui/ip-address/193.233.15.195/relationsCode: https://crypto-crown.ltd/ IP address 193.233.15.0 using Smart Telecom S.A.R.L office at Beirut > https://www.ripe.net/membership/indices/data/lb.smarttelecom.html I am try to look up that's IP > https://ipinfo.io/AS51558, Still not find company name. just country, i am not sure about it. https://ipinfo.io/193.233.15.195 Code: City Cascade Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on April 03, 2020, 06:55:08 AM Fake/Phishing Binance Promo Give away
Code: http://binancepromo.com/ https://i.postimg.cc/MZ12drqL/wewq.png IP Address: 108.168.157.70 Detected as Malicious > https://www.virustotal.com/gui/ip-address/108.168.157.70/detection https://i.postimg.cc/05MbtvBC/qwqw.png Be careful.. Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on April 12, 2020, 10:28:17 AM Another list of fake giveaways:
Code: http://ethventure.com/ https://i.ibb.co/gt7d5D3/Screen-Shot-2020-04-12-at-6-11-09-PM.png (https://ibb.co/JrdqfzK) Code: Whois Record for EthVenture.com http://whois.domaintools.com/ethventure.com Code: https://ethdrop.me/ https://i.ibb.co/bKTJSvW/Screen-Shot-2020-04-12-at-6-14-49-PM.png (https://ibb.co/qrK5tgy) Code: Whois Record for EthDrop.me http://whois.domaintools.com/ethdrop.me Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on April 13, 2020, 12:00:26 AM Another list of fake giveaways: I found any related fake/phishing same IP : https://www.virustotal.com/gui/ip-address/31.31.196.105/relationsCode: http://ethventure.com/ Code: https://eth-ethereum.ltd/ https://i.postimg.cc/tg7VMGrN/1.png Code: https://ethdrop.me/ Code: http://wordcoin.online We should ve careful and please report it > https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on April 18, 2020, 02:20:45 PM Ethereum and Bitcoin generator scammer website. And obviously, the same people are behind.
(1) Code: http://ethereum.cryptogenerator.live/ https://i.ibb.co/qNTvYdn/Screen-Shot-2020-04-18-at-10-14-41-PM.png (https://ibb.co/y6HrFXR) (2) Code: http://bitcoin.cryptogenerator.live/ https://i.ibb.co/JK2kV69/Screen-Shot-2020-04-18-at-10-16-29-PM.png (https://ibb.co/47MNzvH) Code: Domain Profile http://whois.domaintools.com/cryptogenerator.live Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on April 21, 2020, 11:50:12 AM Again, Fake give away by fake Elon musk
Code: https://promomusk.me/ https://i.postimg.cc/Cx2cFPRS/1.png A hundred transactions appear on the website using this address 1DZrNJ3V38x2VSHVk3yPT5gnyQRVZTujcC (https://www.blockchain.com/btc/address/1DZrNJ3V38x2VSHVk3yPT5gnyQRVZTujcC) are fake, we can see address only have 2 real transactions. Title: Re: [Warning] Phishing Cryptocurrency Website Post by: NotATether on April 22, 2020, 12:09:40 AM Ethereum and Bitcoin generator scammer website. And obviously, the same people are behind. You know, I almost fell for one of these when I was a newbie. These kind of sites sucker in a lot of unsuspecting people. I'm busy compiling the scam links in this thread into an adblocker filter. Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on April 24, 2020, 10:41:42 PM Obvious fake XRP give-away, using Tumblr as the medium.
Code: https://aprilcontest.tumblr.com/ https://i.ibb.co/D48qRqW/Screen-Shot-2020-04-25-at-6-36-23-AM.png (https://ibb.co/sj6BVBR) Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on May 05, 2020, 11:05:01 PM Another Fake ETH giveaway:
https://i.imgur.com/UClkP24.png Archived: http://web.archive.org/save/https://giveaway.revproject.site/ Code: Whois Record for RevProject.site Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on May 06, 2020, 04:03:15 AM Another Fake ETH giveaway: Archived: http://web.archive.org/save/https://giveaway.revproject.site/ Code: IP Address 87.236.16.14 https://www.virustotal.com/gui/ip-address/87.236.16.14/relations https://i.postimg.cc/mkfNp5rG/yt.png Seem that IP's has relationship with another fake/phising electrum wallet Code: http://www.electrumwallet.buzz/#home archived1 (https://web.archive.org/web/20200506035759/http://www.electrumwallet.buzz/) and archived2 (https://web.archive.org/web/20200506035659/http://www.walletelectrum.com/#home) https://i.postimg.cc/xCb3R2nR/e.png Be careful Real Electrum is https://electrum.org Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on May 06, 2020, 11:08:10 PM Here is another bitcoin generator, be careful we are approaching halving, maybe newbies think that they can simply earn free bitcoin.
Code: http://bitgen.pro/ https://i.ibb.co/xFTzmW5/Screen-Shot-2020-05-07-at-7-04-56-AM.png (https://ibb.co/jJX3Vm4) Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on May 13, 2020, 12:09:59 PM Be aware fake Steve Wozniak Bitcoin Giveaway
Code: https://telegra.ph/Steve-Wozniak-Foundation-15000-Bitcoin-Giveaway-Airdrop-05-10 https://i.postimg.cc/02XxMsYZ/1.png https://i.postimg.cc/Mpcw1Ftw/2.png scammer wallet https://www.blockchain.com/btc/address/1EQaEux5fu7uTGkrDBR2RRARwbqDFMALPw still empty, no transaction. Scammer IP relationship https://www.virustotal.com/gui/ip-address/107.150.102.158/relations https://i.postimg.cc/KzTrLx3T/3.png https://i.postimg.cc/cCMR9hm4/4.png Code: elonhelper.io Domain/IP Information: Code: IP Address: 107.150.102.158 Always be careful. Title: Re: [Warning] Phishing Cryptocurrency Website Post by: OmegaStarScream on May 16, 2020, 03:18:49 PM exodusupdate.com (Found by UnDerDoG81 (https://bitcointalk.org/index.php?topic=5248044.msg54422156#msg54422156)).
Domain information: Code: Registrar NAMECHEAP INC NameCheap, Inc. In addition to reaching out to Exodus support (as mentioned in the ilnk above)... I scanned the .exe and no malware were found, but once I ran the .exe (using Sandboxie), it started downloading other files .vbs and .bat files (which most likely contain malicious code). Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on May 17, 2020, 01:11:08 AM exodusupdate.com (Found by UnDerDoG81 (https://bitcointalk.org/index.php?topic=5248044.msg54422156#msg54422156)). Thanks for Information. Look like that site has linking to some other. when I try searching the relationship, I find fake Bitcoin giveaway site.https://www.virustotal.com/gui/ip-address/199.188.200.50/relations https://i.postimg.cc/pVYkXbxd/1a.png Another relationship, Maybe Ponzi scheme Code: https://crypto-hub.net/ https://i.postimg.cc/y8w0yvB5/2a.png https://i.postimg.cc/Y984Z3Kt/3a.png All related to exodusupdate.com with a same IP address. Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on May 17, 2020, 01:18:14 AM It's already been blocked by EAL.
And this is the official link: https://www.exodus.io Code: exodusupdate.com https://i.ibb.co/1vsNK6B/Screen-Shot-2020-05-17-at-9-15-34-AM.png (https://ibb.co/mDvKt8d) Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on May 17, 2020, 10:09:12 PM First time that the scammers are using Xiaomi name to create a fake bitcoin giveaway.
Website: Code: https://xiaomibtc.com Bitcoin address of the scammers: Code: 37KPhFEL1uZqoJBpYq22ZGahaBc23ActpF https://i.ibb.co/BK0hLgs/Screen-Shot-2020-05-18-at-6-06-12-AM.png (https://ibb.co/Z1qQdhT) Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on May 18, 2020, 12:00:51 AM First time that the scammers are using Xiaomi name to create a fake bitcoin giveaway. Website: Code: https://xiaomibtc.com - Adding more popular name - Fake popular name Bitcoin give away IP Address: 77.83.173.172 >> https://www.virustotal.com/gui/ip-address/77.83.173.172/relations Code: www.chambtc.org https://i.postimg.cc/rwLB9tjt/11.png Code: https://chamath-btc.com https://www.virustotal.com/gui/ip-address/104.24.108.170/relations https://i.postimg.cc/HL9wHTxy/22.png Code: https://alanbtc.com/ https://www.virustotal.com/gui/ip-address/104.27.183.23/relations https://i.postimg.cc/bJdsMP28/33.png Code: https://josephbtc.com https://www.virustotal.com/gui/ip-address/104.18.36.48/relations https://i.postimg.cc/jdT7XLhY/44.png Code: https://fordbtc.org/ https://www.virustotal.com/gui/ip-address/195.24.68.16/relations https://i.postimg.cc/GpP29jZB/55.png Code: https://telegra.ph/Dave-Ramsey-5000-BTC-Giveaway-05-17 https://i.postimg.cc/L4JJ3jPW/66.png Code: https://telegra.ph/5000-Bitcoin-Giveaway-05-12 https://i.postimg.cc/brnNcHHN/77.png Code: https://telegra.ph/Tony-Robbins-5000-Bitcoin-Giveaway-Airdrop-05-14 https://i.postimg.cc/gJXG8q7q/88.png Code: https://telegra.ph/Steve-Wozniak-Foundation-5000-Bitcoin-Giveaway-Airdrop-05-14-3 https://i.postimg.cc/zf3NYFqZ/99.png Code: https://bransonbtc.com/ https://i.postimg.cc/28mfSDCx/111.png Code: http://bloombergbtc.net/ https://i.postimg.cc/G205gF2j/2222.png ... and many more... I am just say, Be careful!. don't send anything! They don't giveaway Bitcoin. Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on May 19, 2020, 12:37:35 PM This IP address has Alot of fake and Phishing Giveaway
https://www.virustotal.com/gui/ip-address/77.83.173.172/relations https://www.virustotal.com/gui/ip-address/178.159.42.11/relations Website: Code: www.chambtc.us Example picture https://i.postimg.cc/gcBZx4xm/oop.png Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on May 26, 2020, 11:21:08 AM Seems, exodus wallet favorite name purpose phishing, be careful always double check before entering.
Code: http://exodus.com.swtest.ru/bitcoin-wallet.html Domain information Code: IP-Address from DNS Host Lookup: 77.222.40.109 https://i.postimg.cc/sx3MvNhR/1.png domain has injected virus https://www.virustotal.com/gui/ip-address/77.222.40.109/relations Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on May 30, 2020, 10:33:36 PM Another fake XRP giveaway:
Code: https://www.ripple.re/ https://i.imgur.com/CrwT1cR.png And this scam cloud mining site, claiming to give exorbitant returns. Code: https://miningbase.cloud/ https://i.imgur.com/6s65EGc.png Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on June 03, 2020, 11:24:05 AM Bitcoin double here. Do not send any Bitcoin or Ethereum on this site.
Code: http://getbtcx.com/btc.html https://i.imgur.com/hiALDRI.png https://i.imgur.com/Fn3XW6M.png Title: Re: [Warning] Phishing Cryptocurrency Website Post by: vlad230 on June 04, 2020, 08:59:44 AM It seems the scammers went even further. They created a youtube channel called 'SpaceX Live' where they promote these scams.
There's a live video with SpaceX people talking about the launch: https://www.youtube.com/watch?v=a07f5F-Mcqg I have reported the video for scams but it seems like it wasn't taken down yet. Websites: Code: https://elonmuskdrop.com/ Do NOT send your BTC to these addresses! https://bitref.com/16V9ozW6499fJWmYebPcpNpq8P1BBbmjdV https://bitref.com/1SpaceMrzPknno6Bpf3NnvARiRnDrK7Ln They managed to get some BTC out of idiots after all ;D Later EDIT: The video was taken down now :) Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on June 07, 2020, 10:44:55 AM Fake Exodus website, as usual the feel and looks are the same here, you can easily get trick by it if you are not that very careful and it is obvious a phish site, just two days old.
Real website: https://www.exodus.io/ Code: PHISHING SITE - https://exodus.vc/ https://i.imgur.com/KBdXNM2.png Quote Whois Record for Exodus.vc How does this work? Domain Profile Registrant Country br Registrar Gandi SAS IANA ID: 81 URL: http://www.gandi.net Whois Server: whois.gandi.net (p) Registrar Status addPeriod, clientTransferProhibited, serverTransferProhibited Dates 2 days old Created on 2020-06-05 Expires on 2021-06-05 Updated on 2020-06-05 https://whois.domaintools.com/exodus.vc Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on June 16, 2020, 11:39:33 PM Fake Jaxx.io website, if you type an extra "x" on it, you might get trap, so just be careful and bookmark as scammers are mostly using this kind of typo squatting attacks.
Code: http://jaxxx.io/ https://i.imgur.com/KFmzVZv.png Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on June 19, 2020, 10:16:00 PM Be careful with the following trading platforms, similar themes and UI.
Code: https://fixxcoin.com/ https://i.imgur.com/WRCdGc1.png https://i.imgur.com/PskXdwi.png https://i.imgur.com/OwVTGFT.png Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on June 20, 2020, 11:14:56 PM Be careful with this fake Fusion wallet, don't create or accessed any using this website, they will steal your keys and your crypto.
Code: https://myfusionwallet.net/ https://i.imgur.com/pevqvSv.png Quote Whois Record for MyFusionWallet.net How does this work? Domain Profile Registrant Whois Privacy Registrant Org Private by Design, LLC Registrant Country us Registrar Porkbun LLC IANA ID: 1861 URL: http://www.porkbun.com,http://porkbun.com Whois Server: whois.porkbun.com (p) Registrar Status clientDeleteProhibited, clientTransferProhibited Dates 13 days old Created on 2020-06-07 Expires on 2021-06-07 Updated on 2020-06-07 https://whois.domaintools.com/myfusionwallet.net Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on June 21, 2020, 12:00:51 AM Be careful with this fake Fusion wallet, don't create or accessed any using this website, they will steal your keys and your crypto. Code: https://myfusionwallet.net/ Nice catch, seems That's IP's has another fake/phishing link: https://www.virustotal.com/gui/ip-address/198.54.120.244/relations https://i.postimg.cc/NGHFTsyY/fake.png Original Link: https://www.myfusionwallet.com Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on June 21, 2020, 11:30:30 PM ^^ And it really reinforced what we have believed in the past, those scammers are really connected to each other and probably colluding with other criminals as well. Cheap domain hosting + parking it for sometime before making their move and then recycle.
Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on June 23, 2020, 04:22:47 AM ^^ And it really reinforced what we have believed in the past, those scammers are really connected to each other and probably colluding with other criminals as well. Cheap domain hosting + parking it for sometime before making their move and then recycle. Easy way to scammer use cheap provider VPS and make new domain. like today I found new "Elon musk" again with one IP. Code: https://musk-live.com/ https://i.postimg.cc/FsThvNrn/musk.png https://www.virustotal.com/gui/ip-address/68.183.101.122/relations Code: 2020-06-21 www.musk-live.com Scammer made all those phishing only 1 week. Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on June 23, 2020, 11:59:09 PM New Paxful phishing site:
And there's no such thing as paxful offers, do not enter your credentials here. Code: http://paxfuloffers.com/ https://i.imgur.com/g4gF78K.png Original Site: https://paxful.com/ Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on June 26, 2020, 11:53:33 AM Fake or clone Callisto wallet:
Code: https://clowallet.network/ https://i.imgur.com/nQygVbm.png This is the original: https://wallet.callisto.network/ But as you can see, very very similar in terms of look and feel of the original site. Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on June 27, 2020, 11:51:53 PM Bitcoin doubler/Ponzi scheme spotted:
Just look at those profits you are going to make in 24-48 hours, Lol. For those newbies, doubler is a scam don't deposit or try it for yourself, not even a small amount. Code: https://growbitcoin.co.uk/ https://i.imgur.com/IKxyX7S.png Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on July 01, 2020, 01:41:57 AM Fake or clone Callisto wallet: Code: https://clowallet.network/ Same like before, usually scammer using same IP address to make new phishing and scam domain, https://www.virustotal.com/gui/ip-address/5.45.114.95/relations https://i.postimg.cc/FHPhyJF3/wa.png see Code: etzwallet.net Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on July 01, 2020, 04:23:47 PM Fake https://guarda.co/app/. Look at the spelling and the closeness of the website interface.
Code: PHISHING SITE: https://guadra.com/app/create https://i.imgur.com/ATdTfxv.png This is the original: https://guarda.co/app/ Fake site domain info: Quote Whois Record for GuaDra.com Domain Profile Registrant WhoisGuard Protected Registrant Org WhoisGuard, Inc. Registrant Country pa Registrar NAMECHEAP INC NameCheap, Inc. IANA ID: 1068 URL: http://www.namecheap.com Whois Server: whois.namecheap.com (p) Registrar Status addPeriod, clientTransferProhibited Dates 41 days old Created on 2020-05-21 Expires on 2021-05-21 Updated on 0000-12-31 Name Servers DNS1.NAMECHEAPHOSTING.COM (has 870,791 domains) DNS2.NAMECHEAPHOSTING.COM (has 870,791 domains) Tech Contact WhoisGuard Protected WhoisGuard, Inc. P.O. Box 0823-03411, Panama, Panama, pa (p) (f) IP Address 198.187.29.150 - 635 other sites hosted on this server IP Location United States Of America - Georgia - Atlanta - Namecheap Inc. ASN United States Of America AS22612 NAMECHEAP-NET, US (registered Jun 21, 2011) Domain Status Registered And Active Website https://whois.domaintools.com/guadra.com Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on July 07, 2020, 04:29:22 AM Code: PHISHING SITE: https://guadra.com/app/create I found new one, checked using https://dnstwister.report/search?ed=6775617264612e636f Code: http://wwwguarda.co/ https://i.postimg.cc/tTFB06SC/1.png the relationship of https://www.virustotal.com/gui/ip-address/104.203.20.6/relations https://i.postimg.cc/5N2SgDVt/2.png Code: wwwthetatoken.org https://i.postimg.cc/8PcLMWRJ/3.png and more... IP Information Code: NetRange: 104.202.0.0 - 104.203.255.255 Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on July 07, 2020, 06:08:29 PM Bitcoin doubler:
Please stay away from this site, and don't deposit anything. Code: https://bit-airdrop.club/ https://i.imgur.com/6X0mpnR.png Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on July 14, 2020, 12:13:47 AM Fake ADA Cordano giveaway
Code: https://event-ada.info https://i.postimg.cc/T1yndk8w/ada1.png Domain: Quote IP Address: 172.67.131.47 Geolocation: US (United States), CA, California, 94107 San Francisco - Google Maps Reverse DNS entry: not found Domain Check Domain Name: event-ada.info Top Level Domain: INFO (Information) Domain Name: EVENT-ADA.INFO Registry Domain ID: D503300001185956611-LRMS Registrar WHOIS Server: whois.namecheap.com Registrar URL: www.namecheap.com Updated Date: 2020-07-13T00:45:31Z Creation Date: 2020-07-13T00:41:40Z Registry Expiry Date: 2021-07-13T00:41:40Z Registrar Registration Expiration Date: Registrar: NameCheap, Inc Fake Kanyewest US President Giveaway Code: http://kanyebtc.org/ https://i.postimg.cc/QMxmLJMB/btc1.png Quote IP Address: 195.24.68.4 Geolocation: RU (Russian Federation), 48, Moscow City, 101752 Moscow - Google Maps Reverse DNS: wcarp.hosting.nic.ru Domain Check Domain Name: kanyebtc.org Top Level Domain: ORG (Organization) Domain Name: KANYEBTC.ORG Registry Domain ID: D402200000014076562-LROR Registrar WHOIS Server: https://www.nic.ru/whois Registrar URL: https://www.nic.ru/whois Updated Date: 2020-07-09T22:50:25Z Creation Date: 2020-07-09T22:50:25Z Registry Expiry Date: 2021-07-09T22:50:25Z Registrar Registration Expiration Date: Registrar: Regional Network Information Center, JSC dba RU-CENTER Registrar IANA ID: 463 Be Aware! Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on July 18, 2020, 03:37:52 PM Another one of Fake Elon Musk giveaway:
Code: https://muskpromotion.com/ Bitcoin address: Code: 1MuskJozYFQ56EVxHzg2rcZjPV91QNBH3H And has scammed a total of 0.00453667 BTC already. https://i.imgur.com/5v2QnS0.png Quote Registrant Protection of Private Person Registrant Country ru Registrar Registrar of domain names REG.RU LLC REGISTRAR OF DOMAIN NAMES REG.RU LLC IANA ID: 1606 URL: https://www.reg.com,https://www.reg.ru,http://www.reg.ru Whois Server: whois.reg.com (p) Registrar Status clientTransferProhibited Dates 57 days old Created on 2020-05-22 Expires on 2021-05-22 Updated on 2020-05-22 Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on July 20, 2020, 03:03:07 AM Fake giveaway cardano and gemini
Code: https://www.cardano-event.com/ https://i.postimg.cc/252wvRSW/cccc.png Quote IP Address: 104.27.128.135 Domain Name: CARDANO-EVENT.COM Registry Domain ID: 2545876763_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2020-07-15T23:05:43Z Creation Date: 2020-07-13T21:13:24Z Code: https://geminibtc.net/ https://i.postimg.cc/cJshr40Z/grmn.png Quote IP Address: 190.115.30.224 Domain Name: GEMINIBTC.NET Registry Domain ID: 2541998136_DOMAIN_NET-VRSN Registrar WHOIS Server: whois.PublicDomainRegistry.com Registrar URL: http://www.publicdomainregistry.com Updated Date: 2020-06-27T00:27:59Z Creation Date: 2020-06-27T00:27:33Z Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on July 21, 2020, 09:39:52 PM Fake ETH Airdrop:
https://i.imgur.com/S0CBHPI.png ETH address Code: 0xCE07e6D4aDCb3924011fc247C42eB51084207acA Quote Whois Record for VitalIk.top Domain Profile Registrant REDACTED FOR PRIVACY Registrant Org Tye Dye Eye Registrant Country us Registrar Eranet International Limited IANA ID: 1868 URL: http://www.eranet.com Whois Server: whois.eranet.com (p) Registrar Status clientTransferProhibited Dates 5 days old Created on 2020-07-16 Expires on 2021-07-16 Updated on 2020-07-16 https://whois.domaintools.com/vitalik.top Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on July 31, 2020, 11:13:19 PM And it keeps on coming guys. This Elon Musk giveaways won't stop, Lol.
Code: https://elonpromo.org/ https://i.imgur.com/q8RJZRB.png Quote Registrant Org Privacy Protection Registrant Country ru Registrar Registrar of Domain Names REG.RU LLC IANA ID: 1606 URL: http://www.reg.com Whois Server: whois.reg.com (p) Registrar Status clientTransferProhibited, serverTransferProhibited Dates 8 days old Created on 2020-07-23 Expires on 2021-07-23 Updated on 2020-07-23 Name Servers NS1.REG.RU (has 1,568,097 domains) NS2.REG.RU (has 1,568,097 domains) Tech Contact — IP Address 190.115.21.141 is hosted on a dedicated server IP Location Belize - Belize - Belize City - Ddos-guard Corp. ASN Belize AS262254 DDOS-GUARD CORP., BZ (registered Dec 05, 2012) Domain Status Registered And No Website Hosting History 1 change on 2 unique name servers over 0 year https://elonpromo.org/ Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on August 01, 2020, 05:40:54 AM And it keeps on coming guys. This Elon Musk giveaways won't stop, Lol. Code: https://elonpromo.org/ find same elon musk like your picture too, Fake Elon Musk still running give away right now; Code: https://muskx.co/ Quote IP Address: 45.87.80.145 Domain Name: muskx.co Registry Domain ID: D093EDEC5DF604FF790F5CC3C10F2E12C-NSR Registrar WHOIS Server: whois.registrar.eu Registrar URL: www.openprovider.com Updated Date: 2020-07-09T10:49:53Z Creation Date: 2020-07-04T10:49:47Z https://i.postimg.cc/59S9NgJJ/1.png Linked to twitter promo https://www.virustotal.com/gui/url/41aa22a7aded71b4d1192265bea003eff3945ef59e9d030c8a2c842d0d7bbae7/details https://i.postimg.cc/52cs7BHH/2.png Keep your mind and be careful Fake giveaway from fake famous people Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on August 06, 2020, 12:00:51 AM Scam fake Elon musk Official Giveaway 5000 BTC
Code: http://Giveaway.is https://i.postimg.cc/qvBnnTFT/gt.png Quote IP Address: 162.255.119.70 domain: giveaway.is nserver: dns1.registrar-servers.com nserver: dns2.registrar-servers.com dnssec: unsigned delegation created: August 2 2020 expires: August 2 2021 https://www.blockchain.com/btc/address/1D4ZoJ7MLhija5iaSjhnwiAdATNLdVfdVk Hope no body sending fund into scammer address Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on August 09, 2020, 12:56:38 AM Fake ethereum 2.0 project website (doubling ethereum by sending fund into scammer address)
Code: https://2ethereum.org/ https://i.postimg.cc/ZYfB6sTP/133.png Quote IP Address: 190.115.21.113 Domain Name: 2ethereum.org Top Level Domain: ORG (Organization) Registry Domain ID: D402200000014234500-LROR Registrar WHOIS Server: whois.reg.com Registrar URL: http://www.reg.com Updated Date: 2020-07-27T21:13:36Z Creation Date: 2020-07-27T20:18:40Z Registry Expiry Date: 2021-07-27T20:18:40Z Registrar Registration Expiration Date: Registrar: Registrar of Domain Names REG.RU LLC someone already got scammed https://etherscan.io/address/0x3ad072778446db654dee3ff5f80ac1e5ac12dd56#comments Be careful Title: Re: [Warning] Phishing Cryptocurrency Website Post by: $crypto$ on August 11, 2020, 06:43:00 PM And it keeps on coming guys. This Elon Musk giveaways won't stop, Lol. Elon Musk's giveaway is coming again and like that it will continue to appear with new domains. Fake Giveaway Website; Code: https://tslahelp.me/ Quote Domain Name: TSLAHELP.ME Registry Domain ID: D425500000334572980-AGRS Registrar WHOIS Server: whois.registrar.eu Registrar URL: www.openprovider.com Updated Date: Creation Date: 2020-08-07T04:52:23Z Registry Expiry Date: 2021-08-07T04:52:23Z Registrar Registration Expiration Date: Registrar: Hosting Concepts B.V. d/b/a Openprovider Registrar Registrar IANA ID: 1647 Registrar Abuse Contact Email: Registrar Abuse Contact Phone: +31.104482297 https://i.gyazo.com/097b2fe851d9c3c1f242faa07408a9f6.png Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on August 12, 2020, 02:17:51 AM be aware fake or phishing myethereum wallet
Code: https://myetherwallet.com-to-the-access.com/index.php? https://i.postimg.cc/Y2fdNZjZ/11.png https://www.virustotal.com/gui/url/f6eef9a60ff436e51d729b5978d57c62bddaed38386c5781f883ec7b34304604/detection https://i.postimg.cc/Wbz0DHZM/yggy.png Quote Domain Name: myetherwallet.com-to-the-access.com Top Level Domain: COM (Commercial TLD) IP Address: 104.31.85.13 I found it by searching myetherwallet on google. be careful don't use google search. Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on August 17, 2020, 03:59:28 AM "elon Musk" come back again
Code: https://spacex-btc.biz/ https://i.postimg.cc/3rySrmsk/eee.png Quote Domain Name: spacex-btc.biz IP Address: 104.28.13.46 Registry Domain ID: D2E1DCB3B1B0248D0B04EE759ED3AED23-NSR Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2020-08-11T10:47:22Z Creation Date: 2020-08-06T10:47:17Z scammer address https://www.blockchain.com/btc/address/13Q4QoEK6uACXGDTGHmyLNoRNaBiAXgho4 Title: Re: [Warning] Phishing Cryptocurrency Website Post by: $crypto$ on August 21, 2020, 05:25:18 PM Elon Musk is back again and they create a community on telegram with the name "Bitrue Community" and they will automatically enroll you in the scamer group.
Beware the newbie who does not know about this. Website: https://autopoolcrypto.com/ http://archive.is/hcd78 https://i.gyazo.com/c274d470d1977b3465d7cb98ec932dcf.png A fake community on behalf of the Bitrue Community https://i.gyazo.com/b9359b4c4b4d216f65a7c520b2db9e11.png Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on August 26, 2020, 09:39:09 PM Another Ethereum fake giveaway:
Website: Code: https://vitalikbb.top/ ETH address: Code: 0xCE0aA8921eF80242F03aE1824E31ccF912bA1EB1 https://i.imgur.com/KHWHjnA.png Title: Re: [Warning] Phishing Cryptocurrency Website Post by: $crypto$ on August 27, 2020, 08:28:18 AM Fake Binance is back in action on behalf of Airdrop SXP with currently Binance officially launching it so scamers take advantage of it with this kind of situation I hope a lot is avoided and I found it on the telegram channel with a fake telegram account.
Medium Website; https://bin-us.org Archived; https://archive.is/UcG29 https://i.ibb.co/rtLVtCr/118360939-326434365229925-4560552386578789490-n-horz.jpg Quote Domain Name: BIN-US.ORG Registry Domain ID: D402200000014487063-LROR Registrar WHOIS Server: whois.tucows.com Registrar URL: http://www.tucows.com Updated Date: 2020-08-26T13:03:59Z Creation Date: 2020-08-26T13:01:43Z Registry Expiry Date: 2021-08-26T13:01:43Z Registrar Registration Expiration Date: Registrar: Tucows Inc. Registrar IANA ID: 69 I don't know why I can't access it via PC, but using a cellphone can be accessed. Title: Re: [Warning] Phishing Cryptocurrency Website Post by: cryptomaniac_xxx on August 27, 2020, 11:28:53 AM ^^ It can't be accessed because it has been blocked by Google already. Maybe someone has reported this site as a fake site resulting to Google giving us a "Deceptive Site" ahead message. But still a good catch.
Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Chikito on August 27, 2020, 11:51:13 AM I don't know why I can't access it via PC, but using a cellphone can be accessed. Like what cryptomaniac said a website has been reported Quote bin-us.org has been reported as a deceptive site. You can report a detection problem or ignore the risk and go to this unsafe site. Learn more about deceptive sites and phishing at www.antiphishing.org. Learn more about Firefox’s Phishing and Malware Protection at support.mozilla.org I think this for a clear browser only, when I try Tor, a website still live. https://i.ibb.co/qRBG09d/tor.png Title: Re: [Warning] Phishing Cryptocurrency Website Post by: $crypto$ on August 27, 2020, 04:05:50 PM Guys fake Binance guys are back with a new domain name I think they will keep appearing incessantly I always find this picture on the channel on telegram ,,, oh my god when will they stop, ::)
Medium Website; https://supportbnb.com/ Archived; https://archive.is/GKRIj https://i.ibb.co/h1jdL2b/118052349-644252606219624-3647801255006654807-n-horz.jpg Quote Domain Name: SUPPORTBNB.COM Registry Domain ID: 2555885605_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.tucows.com Registrar URL: http://tucowsdomains.com Updated Date: 2020-08-27T09:24:07 Creation Date: 2020-08-27T09:22:19 Registrar Registration Expiration Date: 2021-08-27T09:22:19 Registrar: TUCOWS, INC. Registrar IANA ID: 69 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited Registry Registrant ID: Title: Re: [Warning] Phishing Cryptocurrency Website Post by: $crypto$ on September 03, 2020, 08:45:54 AM I again found a new domain about a fake giveaway from Binance whose site is similar to Medium, I will continue to post here if I find a new domain.
Medium Website: https://bin-crypto.com/ Archived: https://archive.is/wbmt7 Quote Domain Name: BIN-CRYPTO.COM Registry Domain ID: 2557250329_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.tucows.com Registrar URL: http://tucowsdomains.com Updated Date: 2020-09-02T16:56:38 Creation Date: 2020-09-02T14:11:09 Registrar Registration Expiration Date: 2021-09-02T14:11:09 Registrar: TUCOWS, INC. Registrar IANA ID: 69 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited Registry Registrant ID: https://i.gyazo.com/081173c6d5f4991473ce4903c1cbfae3.png Title: Re: [Warning] Phishing Cryptocurrency Website Post by: OmegaStarScream on September 03, 2020, 03:37:18 PM I found two new phishing sites on /r/ExodusWallet:
#1: Code: Domain Name: exiodus.com #2: Code: Domain Name: exoduz.io Both sites are showing in Google ads. Be careful. Title: Re: [Warning] Phishing Cryptocurrency Website Post by: $crypto$ on September 05, 2020, 02:03:45 AM A new domain is back I will never be bored to keep exposing it here so everyone knows that in every new domain it remains the same in purpose.
Oh my God I always find this on telegram with lots of photo posts in crypto groups. Stay alert Medium Website; https://binancefound.com/ Archived; https://archive.is/9MY5M Quote Domain Name: BINANCEFOUND.COM Registry Domain ID: 2557660999_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.publicdomainregistry.com Registrar URL: www.publicdomainregistry.com Updated Date: 2020-09-04T12:36:36Z Creation Date: 2020-09-04T11:14:05Z Registrar Registration Expiration Date: 2021-09-04T11:14:05Z Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com Registrar IANA ID: 303 Title: Re: [Warning] Phishing Cryptocurrency Website Post by: Baofeng on September 08, 2020, 11:20:13 PM Ethereum fake airdrop, this time no image of Vitalik but still the same modus.
Code: http://drop-eth.org/ https://i.imgur.com/9lQJMfg.png Quote Registrant Org Private Person Registrant Country ru Registrar Registrar of Domain Names REG.RU LLC IANA ID: 1606 URL: http://www.reg.com Whois Server: whois.reg.com (p) Registrar Status clientTransferProhibited, serverTransferProhibited Dates 43 days old Created on 2020-07-27 Expires on 2021-07-27 Updated on 2020-07-27 https://whois.domaintools.com/drop-eth.org Title: [Warning] Phishing Cryptocurrency Website [Bledner.io] Post by: Chikito on September 11, 2020, 12:00:20 AM Phishing Attempts
Code: https://bledner.io/ https://i.ibb.co/YWQ9ynx/bledner.png Quote Domain Name: bledner.io IP Address: 198.54.116.37 Registrar WHOIS Server: whois.namecheap.com Registrar URL: www.namecheap.com Updated Date: 2020-07-21T20:24:34Z Creation Date: 2020-07-21T20:22:34Z Registrant State/Province: Panama Registrant Country: PA bledner.io ≠ blender.io Original thread > https://bitcointalk.org/index.php?topic=5052876.0 Title: Re: [9/11/20] Phishing Cryptocurrency Website [bledner.io] Post by: Chikito on September 15, 2020, 12:01:20 AM Fake ripple airdrop
Code: https://ripplelab.in/ https://i.postimg.cc/sXhZ1qTb/phishing.png https://www.virustotal.com/gui/ip-address/31.170.161.89/relations https://www.virustotal.com/gui/ip-address/104.18.39.39/relations Quote Domain Name: X2RIPPLE.COM Registry Domain ID: 2559500620_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2020-09-13T15:52:30Z Creation Date: 2020-09-13T15:34:57Z Title: Re: [9/15/20] Phishing Cryptocurrency Website [ripplelab.in] Post by: Chikito on September 28, 2020, 10:29:57 AM Fake uniswap
Code: https://uniswapv.com/ https://i.postimg.cc/x8xhsNbF/1.png IP Address: 160.124.156.102 Quote Domain Name: UNISWAPV.COM Registry Domain ID: 2561189594_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.wildwestdomains.com Registrar URL: http://www.wildwestdomains.com Updated Date: 2020-09-22T02:43:35Z Creation Date: 2020-09-22T02:43:35Z https://www.virustotal.com/gui/ip-address/160.124.156.102/relations Look at relation IP had a lot of fake website https://i.postimg.cc/v83J8kSL/2.png Be careful! Title: Re: [9/28/20] Phishing Cryptocurrency Website [Uniswap.com] Post by: Chikito on October 05, 2020, 11:05:23 AM Fake Uniswap.ug
Code: https://uniswap.ug/ https://i.postimg.cc/3r03r6h3/1.jpg All relation fake crypto website https://www.virustotal.com/gui/ip-address/176.113.115.216/relations https://i.postimg.cc/8zNF6DkR/3.jpg Quote Domain Name: uniswap.ug IP Address: 176.113.115.216 Top Level Domain: UG (Uganda) Domain Name: uniswap.ug c/o registry.co.ug Registrar URL: https://registry.co.ug Address: 560 Neal Road North Katie, FL 07395 Registrar: UG Registrar Registrant Organization: Cooper-Lawrence Registrant State/Province: 696 Garrett Tunnel Rebeccaside, UT 05764 More similar Code: https://www.boostuni.com/ Fake bitcoin give away Code: https://socialbtc.org/ https://i.postimg.cc/s2ztz6cD/btccc.jpg Quote IP Address: 104.28.24.210 Domain Name: socialbtc.org Top Level Domain: ORG (Organization) Domain Name: SOCIALBTC.ORG Registry Domain ID: D402200000014818886-LROR Registrar WHOIS Server: whois.reg.com Registrar URL: http://www.reg.com Updated Date: 2020-10-04T09:42:30Z Creation Date: 2020-10-04T09:41:24Z Title: Re: [10/05/20] Phishing Cryptocurrency Website [Uniswap.ug and sosialbtc] Post by: Chikito on October 07, 2020, 09:28:14 AM Fake and Phishing
Code: https://coin-ex.ru/ https://i.postimg.cc/0NwjxXFY/fake.jpg Quote IP Address: 185.178.208.155 created: 2020-02-01T20:57:10Z paid-till: 2021-02-01T20:57:10Z free-date: 2021-03-04 also direct link into fake site; Code: https://besetchange.ru archived (https://archive.is/tn0XM) Title: Re: [10/10/20] Phishing Cryptocurrency Website [Fake Give Away UNI] Post by: Chikito on October 10, 2020, 12:37:16 PM Fake Free Give away UNI
Code: https://www.uni-fund.info/ https://i.postimg.cc/d1L6zCfH/p.jpg Quote IP Address: 91.189.114.29 Domain Name: UNIREWARD.ORG Registry Domain ID: D402200000014861830-LROR Registrar WHOIS Server: https://www.nic.ru/whois Registrar URL: https://www.nic.ru/whois Updated Date: 2020-10-09T08:42:38Z Creation Date: 2020-10-09T08:42:35Z Registry Expiry Date: 2021-10-09T08:42:35Z Fake Swap Fake governance proposal UNI, don't connect your wallet into this scam site. Code: https://unii.finance https://i.postimg.cc/KYHcGX9G/ko.jpg Quote IP Address: 44.239.19.102 Domain Name: unii.finance Registry Domain ID: 219d0ba149204e1aa693f80b96878f85-DONUTS Registrar WHOIS Server: whois.gandi.net Registrar URL: https://www.gandi.net Updated Date: 2020-09-23T19:49:46Z Creation Date: 2020-09-18T19:48:57Z Registry Expiry Date: 2021-09-18T19:48:57Z Be careful Title: Re: [10/11/20] Phishing Cryptocurrency Website [ binancezh.com and uniswapz.org] Post by: Chikito on October 11, 2020, 11:23:41 AM Phishing Binance website
Code: https://www.binancezh.com Code: https://accounts.binancezh.com/en/login https://i.postimg.cc/g0kxP4JV/binance.jpg https://www.virustotal.com/gui/ip-address/76.223.2.151/relations https://i.postimg.cc/ydDWDd0W/vrs.jpg Quote IP Address: 13.248.150.68 Domain Name: BINANCEZH.COM Registry Domain ID: 2432105214_DOMAIN_COM-VRSN Registrar WHOIS Server: grs-whois.hichina.com Registrar URL: http://www.net.cn Updated Date: 2020-05-01T01:40:02Z Creation Date: 2019-09-11T09:07:11Z Registry Expiry Date: 2022-09-11T09:07:11Z Registrar: Alibaba Cloud Computing (Beijing) Co., Ltd. Fake/Phishing Uniswap website Code: https://uniswapz.org/#/ https://i.postimg.cc/htwtHnkB/uniswapp.jpg IP relationship https://www.virustotal.com/gui/ip-address/199.188.206.67/relations https://i.postimg.cc/2jBMwDwW/tr2.jpg Let's look similar uniswap.org domain https://dnstwister.report/search?ed=756e69737761702e6f7267 Over identified 200+ domains similar to uniswap.org. Be careful. Don't input your mnemonic seed!. Title: Re: [10/12/20] Phishing Cryptocurrency Website [uniswcp.org and justswapv2.com] Post by: Chikito on October 12, 2020, 12:30:06 PM Again, phishing UNISWAP
Code: https://uniswcp.org https://i.postimg.cc/pddGzW38/uni1.jpg https://i.postimg.cc/vBg02PYZ/uni3.jpg Quote Domain Name: UNISWCP.ORG Registry Domain ID: D402200000014878925-LROR Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: Creation Date: 2020-10-11T13:56:19Z Registry Expiry Date: 2021-10-11T13:56:19Z Registrar Registration Expiration Date: Registrar: NameCheap, Inc. Phishing JustSwap Code: https://justswapv2.com/ https://i.postimg.cc/8CDDS6JG/j1.jpg https://i.postimg.cc/435GNxV9/j2.jpg Quote Domain Name: JUSTSWAPV2.COM Registry Domain ID: 2562123388_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2020-10-06T20:30:16Z Creation Date: 2020-09-25T22:58:18Z Registry Expiry Date: 2021-09-25T22:58:18Z Registrar: NameCheap, Inc. Most everyday scammer try create the new phishing popular domain for scamming people, so be careful as always. Title: Re: [10/12/20] Phishing Cryptocurrency Website [uniswcp.org and justswapv2.com] Post by: Chikito on October 18, 2020, 10:45:55 PM Phishing give away
Code: https://uni-drop.com/ https://i.postimg.cc/R07SQ0gJ/111.jpg Quote IP Address: 172.67.148.245 Domain Name: UNI-DROP.COM Registry Domain ID: 2566549887_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2020-10-17T20:28:37Z Creation Date: 2020-10-17T20:26:57Z Registry Expiry Date: 2021-10-17T20:26:57Z Registrar: NameCheap, Inc. Registrar IANA ID: 1068 Registrar Abuse Contact Email: abuse@namecheap.com Scammer address: https://etherscan.io/address/0xFEE8BeE7Bcf1dCDb452807380F096DD7baD838A8#tokentxns Title: Re: [10/18/20] Phishing Cryptocurrency Website [uni-drop.com] Post by: $crypto$ on October 19, 2020, 03:28:17 AM What happened: Ethereum Fake Giveaway
Code: https://ethereum.llc/ https://i.gyazo.com/7ea37bbe4b82318463dd47da76e538a3.png Quote Domain Name: ETHEREUM.LLC Registry Domain ID: D503300001187475244-LRMS Registrar WHOIS Server: whois.namecheap.com Registrar URL: www.namecheap.com Updated Date: 2020-10-14T00:08:37Z Creation Date: 2020-10-13T23:23:02Z Registry Expiry Date: 2021-10-13T23:23:02Z Registrar Registration Expiration Date: Registrar: NameCheap, Inc Registrar IANA ID: 1068 Addres Scammer: https://etherscan.io/address/0x525A963eda51FB3A36730B3C3214946c6A137f55 Edit; In the wallet address there is already 1 Ether I do not know if this is the victim or their trick to install so many send but I noticed this is not sent except for himself. Title: Re: [10/18/20] Phishing Cryptocurrency Website [uni-drop.com] Post by: Chikito on October 26, 2020, 12:07:18 AM Phishing Uniswap
Code: https://app.uniswap.ws https://i.postimg.cc/L6vKc8rr/56.jpg Don't insert a mnemonic phrase there! Quote IP Address: 190.97.166.32 Reverse DNS: host-190-97-166-32.ccipanama.com Domain Name: app.uniswap.ws Top Level Domain: WS (Samoa) The relation IP https://www.virustotal.com/gui/ip-address/190.97.166.32/relations Title: [10/29/20] Phishing [Chipmixer Onion Link] Post by: Chikito on October 29, 2020, 12:35:23 PM Phishing and clone chipmixer dot onion
here the link. Code: http://chipmixqo7rmzyfm.onion/ All the links still alive. Title: Re: [10/29/20] Phishing [Chipmixer Onion Link] Post by: Baofeng on November 04, 2020, 09:14:55 PM They are back with Elon Musk face again:
Website: Code: https://musk-coins.com/ https://i.imgur.com/up8nrOb.png Archived: https://archive.is/5HUk2 Quote Registrar NameSilo, LLC IANA ID: 1479 URL: https://www.namesilo.com/,http://www.namesilo.com Whois Server: whois.namesilo.com (p) Registrar Status clientTransferProhibited Dates 19 days old Created on 2020-10-16 Expires on 2021-10-16 Updated on 2020-11-02 Name Servers DNS1.P03.NSONE.NET (has 2,191,036 domains) DNS2.P03.NSONE.NET (has 2,191,036 domains) DNS3.P03.NSONE.NET (has 2,191,036 domains) DNS4.P03.NSONE.NET (has 2,191,036 domains) Tech Contact Domain Administrator See PrivacyGuardian.org 1928 E. Highland Ave. Ste F104 PMB# 255, Phoenix, AZ, 85016, us (p) IP Address 167.172.215.127 - 12,568 other sites hosted on this server IP Location United States Of America - California - Santa Clara - Digitalocean Llc Title: Re: [11/04/20] Phishing [musk-coins] Post by: Chikito on November 05, 2020, 11:36:39 AM Phishing Uniswap
Code: https://uniswap.eth.link/ https://i.postimg.cc/3Jqdv1bv/ett.jpg The relation Ip address https://www.virustotal.com/gui/ip-address/35.241.8.114/relations https://i.postimg.cc/SKFRZs4Q/ethh.jpg Code: http://reality.eth.link/app/ https://i.postimg.cc/HsnrnR3m/eddf.jpg https://i.postimg.cc/K8g4rTds/eff.jpg Quote Domain Name: uniswap.eth.link IP Address: 35.241.8.114 Domain Name: eth.link Registry Domain ID: DO_520b95f2ed11344985fb3673d77ee786-UR Registrar WHOIS Server: whois.uniregistrar.com Registrar URL: uniregistrar.com Updated Date: 2020-09-09T19:33:09.937Z Creation Date: 2017-07-26T19:31:41.508Z Registry Expiry Date: 2021-07-26T19:31:41.508Z Already reported that IP here https://www.abuseipdb.com/ https://www.abuseipdb.com/check/35.241.8.114 Title: Re: [11/05/20] Phishing [Uniswap] Post by: Baofeng on November 08, 2020, 10:21:39 PM More of Elon Musk face here:
Code: https://money-tesla.com/ https://i.imgur.com/W2CTgoR.png Archived: https://archive.is/ZUdT6 Quote Registrant Domain Administrator Registrant Org See PrivacyGuardian.org Registrant Country us Registrar NameSilo, LLC IANA ID: 1479 URL: https://www.namesilo.com/,http://www.namesilo.com Whois Server: whois.namesilo.com (p) Registrar Status clientTransferProhibited Dates 5 days old Created on 2020-11-03 Expires on 2021-11-04 Updated on 2020-11-04 Name Servers DNS1.P08.NSONE.NET (has 2,195,035 domains) DNS2.P08.NSONE.NET (has 2,195,035 domains) DNS3.P08.NSONE.NET (has 2,195,035 domains) DNS4.P08.NSONE.NET (has 2,195,035 domains) Tech Contact Domain Administrator See PrivacyGuardian.org 1928 E. Highland Ave. Ste F104 PMB# 255, Phoenix, AZ, 85016, us (p) IP Address 165.227.0.164 - 24,478 other sites hosted on this server Title: Re: [11/08/20] Phishing [Elon Musk] Post by: Baofeng on November 10, 2020, 02:27:09 AM Criminals are still in the trail of Elon Musk face and name:
Code: https://elonmuskxpro.com/ https://i.imgur.com/Iv6XKAp.png Archived: https://archive.is/K9BJ8 Quote Registrant WhoisGuard Protected Registrant Org WhoisGuard, Inc. Registrant Country pa Registrar NAMECHEAP INC NameCheap, Inc. IANA ID: 1068 URL: http://www.namecheap.com Whois Server: whois.namecheap.com (p) Registrar Status addPeriod, clientTransferProhibited Dates 8 days old Created on 2020-11-01 Expires on 2021-11-01 Updated on 0000-12-31 Name Servers DNS1.REGISTRAR-SERVERS.COM (has 6,725,888 domains) DNS2.REGISTRAR-SERVERS.COM (has 6,725,888 domains) Tech Contact WhoisGuard Protected WhoisGuard, Inc. P.O. Box 0823-03411, Panama, Panama, pa (p) (f) IP Address 95.181.152.79 - 1 other site is hosted on this server Title: Re: [11/10/20] Phishing [elonmuskxpro] Post by: Chikito on November 12, 2020, 11:00:35 AM Fake UNI Airdrop
Code: http://uni-airdrop.org/ https://i.postimg.cc/j5jGvVp5/1.jpg the relation IP https://www.virustotal.com/gui/ip-address/199.188.206.67/relations Code: www.bit2x.uno Fake and phishing, doubled your Bitcoin. https://i.postimg.cc/9XyQ7ZYn/2.jpg Be aware!. Please help me to report. Title: Re: [11/12/20] Phishing [uni-airdrop.org and bit2x.uno] Post by: Baofeng on November 17, 2020, 10:01:11 PM Another one of the Elon Musk face.
Code: https://musk-giving.com/ https://i.imgur.com/uHaXse7.png Archived: https://archive.is/p8plD Quote Registrant Domain Administrator Registrant Org See PrivacyGuardian.org Registrant Country us Registrar NameSilo, LLC IANA ID: 1479 URL: https://www.namesilo.com/,http://www.namesilo.com Whois Server: whois.namesilo.com (p) Registrar Status clientTransferProhibited Dates 3 days old Created on 2020-11-14 Expires on 2021-11-14 Updated on 2020-11-14 Name Servers DNS1.P05.NSONE.NET (has 2,206,178 domains) DNS2.P05.NSONE.NET (has 2,206,178 domains) DNS3.P05.NSONE.NET (has 2,206,178 domains) DNS4.P05.NSONE.NET (has 2,206,178 domains) Tech Contact Domain Administrator See PrivacyGuardian.org 1928 E. Highland Ave. Ste F104 PMB# 255, Phoenix, AZ, 85016, us (p) IP Address 165.227.12.111 - 19,338 other sites hosted on this server Title: Re: [11/12/20] Phishing [uni-airdrop.org and bit2x.uno] Post by: Baofeng on December 07, 2020, 04:30:03 PM Here's one in Youtube:
Code: https://www.youtube.com/watch?v=w-5Ojc6YPl8 Website: Code: https://telegra.ph/Tesla-5000-BTC-Giveaway-Airdrop-12-01 https://i.imgur.com/c2oIMBg.png Archive: https://archive.is/SAHr6 Title: Re: [12/14/20] Phishing [coingecko.pro exchange] Post by: Chikito on December 15, 2020, 12:02:44 AM Fake coingecko.pro exchange
Code: https://coingecko.pro/ https://i.postimg.cc/R0czZW3Z/1.jpg https://i.postimg.cc/XJ46GnFc/2.jpg Quote IP Address: 104.27.144.172 Domain Name: COINGECKO.PRO Registry Domain ID: D503300001190052418-LRMS Registrar WHOIS Server: whois.namesilo.com Registrar URL: http://www.namesilo.com Updated Date: 2020-11-21T16:44:17Z Creation Date: 2020-11-20T22:44:02Z Registry Expiry Date: 2021-11-20T22:44:02Z Registrar Registration Expiration Date: Registrar: Namesilo, LLC Registrar IANA ID: 1479 Registrar Abuse Contact Email: afilias-abuse@namesilo.com Be careful guys, coingecko isn't exchange your Bitcoin. Title: Re: [12/14/20] Phishing [coingecko.pro exchange] Post by: Chikito on December 21, 2020, 05:35:25 AM Fake Binance Airdrop
Code: https://bindrop.co/ https://i.postimg.cc/brd2xJvL/binance.jpg Quote IP Address: 104.18.33.219 Domain Name: bindrop.co Registry Domain ID: DFC813AE066C44C3FAA917965A22AB098-NSR Registrar WHOIS Server: whois.publicdomainregistry.com Registrar URL: publicdomainregistry.com Updated Date: 2020-12-17T21:00:39Z Creation Date: 2020-12-17T20:07:06Z Registry Expiry Date: 2021-12-17T20:07:06Z Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com Registrar IANA ID: 303 Registrar Abuse Contact Email: abuse@publicdomainregistry.com be aware, binance never airdrop bitcoin, don't send your btc to a phishing website. Title: Re: [12/21/20] Phishing [Binance Airdrop] Post by: Chikito on December 24, 2020, 11:39:37 AM Again, Fake/Phishing Uniswap
Code: http://www.uniswap-support.uniswap-company.com https://i.postimg.cc/Nfrc4tdx/uni.jpg Quote IP Address: 207.174.213.52 Domain Name: UNISWAP-SUPPORT.COM Registry Domain ID: 2580021293_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.registrar.eu Registrar URL: http://www.openprovider.com Updated Date: 2020-12-21T17:58:25Z Creation Date: 2020-12-21T17:53:22Z Registry Expiry Date: 2021-12-21T17:53:22Z Registrar: Hosting Concepts B.V. d/b/a Registrar.eu Registrar IANA ID: 1647 Registrar Abuse Contact Email: abuse@registrar.eu Ip Relationship https://www.virustotal.com/gui/ip-address/207.174.213.52/relations Quote Date resolved Domain 2020-12-22 uniswap-support.com 2020-12-22 cpcontacts.uniswap-support.com 2020-12-22 webmail.uniswap-support.com 2020-12-22 cpcalendars.uniswap-support.com 2020-12-22 www.uniswap-support.com 2020-12-22 uniswap-support.uniswap-company.com 2020-12-22 cpanel.uniswap-support.com 2020-12-22 mail.uniswap-support.com 2020-12-22 www.uniswap-support.uniswap-company.com 2020-12-22 autodiscover.uniswap-support.com 2020-12-22 webdisk.uniswap-support.com 2020-12-16 cpcontacts.uniswap-company.com 2020-12-16 webmail.uniswap-company.com 2020-12-16 webdisk.uniswap-company.com 2020-12-16 mail.uniswap-company.com 2020-12-16 autodiscover.uniswap-company.com 2020-12-16 www.uniswap-company.com 2020-12-16 cpcalendars.uniswap-company.com Be careful as usual. Title: Re: [12/24/20] Phishing [Uniswap Fake Airdrop] Post by: Chikito on December 26, 2020, 12:26:24 PM Fake Mycelium wallet on Android
https://play.google.com/store/apps/details?id=com.mycelium.pro https://i.postimg.cc/J0sRKH91/mycelium.jpg be aware, already 500+ installed, I hope they aren't lost Bitcoin. Title: Re: [12/26/20] Phishing [Mycelium wallet on Android] Post by: Baofeng on December 26, 2020, 10:18:29 PM Another one of the Elon Musk fake giveaway:
Website: Code: https://epaymentbtc.tumblr.com/ https://i.imgur.com/gYvwiGX.png Archived: https://archive.is/1BM88 Criminals uses tumblr now, if someone will help me report, it will be taken down very quickly. Title: Re: [12/27/20] Phishing [Fake Elon Musk giveaway] Post by: Chikito on December 29, 2020, 10:44:10 AM Phishing Paxful Exchange
Code: http://pioxul.com https://i.postimg.cc/JntT8vYF/pax.jpg Quote IP Address: 162.0.215.125 Domain Name: PIOXUL.COM Registry Domain ID: 2580599991_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2020-12-24T12:28:37Z Creation Date: 2020-12-24T12:28:27Z Registry Expiry Date: 2021-12-24T12:28:27Z Registrar: NameCheap, Inc. Registrar IANA ID: 1068 Registrar Abuse Contact Email: abuse@namecheap.com Be aware, don't use google searching. the correct website is paxful.com. please reporting also into https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en and Namecheap domain. Title: Re: [12/29/20] Phishing [Paxful Exchange] Post by: Baofeng on January 01, 2021, 10:32:33 PM Another of Elon Musk Fake Giveaway:
Code: https://elon-crypto.fund/ https://i.imgur.com/Zefkw0y.png Archived: https://archive.is/YD5vs Quote Whois Record for Elon-Crypto.fund How does this work? Domain Profile Registrant REDACTED FOR PRIVACY Registrant Org WhoisGuard, Inc. Registrant Country pa Registrar NameCheap, Inc. IANA ID: 1068 URL: https://www.namecheap.com/ Whois Server: whois.namecheap.com (p) Registrar Status clientTransferProhibited Dates 33 days old Created on 2020-11-29 Expires on 2021-11-29 Updated on 2020-12-04 Name Servers AGUSTIN.NS.CLOUDFLARE.COM (has 17,893,112 domains) LAILA.NS.CLOUDFLARE.COM (has 17,893,112 domains) Tech Contact REDACTED FOR PRIVACY REDACTED FOR PRIVACY, REDACTED FOR PRIVACY, REDACTED FOR PRIVACY, REDACTED FOR PRIVACY, REDACTED FOR PRIVACY (p) (f) IP Address 104.27.146.61 - 482 other sites hosted on this server Title: Re: [01/01/2021] Phishing [1inch.cc] Post by: Chikito on January 02, 2021, 10:03:14 AM Fake and Phishing 1inch.cc
Code: http://1inch.cc/ https://i.postimg.cc/QCcyJs3p/koli.jpg the related IP address: https://www.virustotal.com/gui/ip-address/103.253.140.164/relations here all fake using IP address: https://i.postimg.cc/DwS196SN/fake.jpg Quote IP Address: 103.253.140.164 Domain Name: 1INCH.CC Registry Domain ID: 153469856_DOMAIN_CC-VRSN Registrar WHOIS Server: whois.namesilo.com Registrar URL: http://www.namesilo.com Updated Date: 2020-12-29T00:47:50Z Creation Date: 2020-12-29T00:46:50Z Registry Expiry Date: 2021-12-29T00:46:50Z Registrar: NameSilo, LLC Registrar IANA ID: 1479 Be careful everyone!. Title: Re: [January 07-2021] Phishing [uinswop.org] Post by: Chikito on January 08, 2021, 12:00:28 AM Fake Uniswap (uinswop)
Code: https://app.uinswop.org/#/swap https://i.postimg.cc/QtBCCVZ1/fake.jpg Quote IP Address: 47.91.72.87 created: 2019-01-07T10:48:20Z last-modified: 2019-01-07T10:48:20Z etname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK descr: IPv4 address block not managed by the RIPE NCC Be careful, don't searching uniswap on google box. Title: Re: [January 08-2021] Phishing [Fake Uniswap] Post by: Baofeng on January 11, 2021, 11:50:01 PM Ah, the scammers are still having Elon face on their mouth, hehehe
Code: https://elon-free.fund/ https://i.imgur.com/xqAhd8k.png Archive: https://archive.is/V2Wko Quote Whois Record for Elon-Free.fund How does this work? Domain Profile IP Address 172.64.80.222 - 8 other sites hosted on this server IP Location United States Of America - California - San Francisco - Cloudflare Inc. ASN United States Of America AS13335 CLOUDFLARENET, US (registered Jul 14, 2010) IP History 1 change on 1 unique IP addresses over 0 years Hosting History 1 change on 2 unique name servers over 0 year Title: Re: [January 08-2021] Phishing [Fake Uniswap] Post by: Chikito on January 17, 2021, 01:55:17 AM Fake walletconnect.org Code: www.wallétconnect.org/ when you click Metamask wallet, will direct you to insert a private key and mnemonic phrase into a website where this will trap you to lose your balance. https://i.postimg.cc/P5m4F9sh/13.jpg Quote IP Address: 198.54.115.177 Domain Name: WALLELCONNECT.ORG Registry Domain ID: D402200000015707341-LROR Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2021-01-13T19:40:02Z Creation Date: 2021-01-13T19:39:48Z Registry Expiry Date: 2022-01-13T19:39:48Z Registrar Registration Expiration Date: Registrar: NameCheap, Inc. Please help me to report this fake into https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en and also the namecheap company. Title: Re: [January 17-2021] Phishing [Fake walletconnect.org] Post by: Baofeng on January 18, 2021, 09:57:45 PM Added one of the list:
Code: https://givemusk.space/ Archived: https://archive.is/NJgIH https://i.imgur.com/khlpAQi.png Quote Whois Record for GiveMusk.space Registrant Country ua Registrar PDR Ltd. d/b/a PublicDomainRegistry.com IANA ID: 303 URL: https://publicdomainregistry.com Whois Server: whois.PublicDomainRegistry.com (p) Registrar Status addPeriod, clientTransferProhibited, serverTransferProhibited Dates 4 days old Created on 2021-01-14 Expires on 2022-01-14 Updated on 2021-01-14 Name Servers IGOR.NS.CLOUDFLARE.COM (has 17,823,023 domains) NOVA.NS.CLOUDFLARE.COM (has 17,823,023 domains) Tech Contact — IP Address 172.67.194.18 - 4 other sites hosted on this server Title: Re: [January 17-2021] Phishing [Fake walletconnect.org] Post by: $crypto$ on January 19, 2021, 03:52:11 AM List of Fake Giveaways added.
Surprisingly I was added to the fake giveaway group and there were lots of people getting it. I'm sure it was a bot that the owner had planned. Keep careful guys because various scamers have now been done. Website: Code: https://uni2021.com/ Archived: https://archive.is/iC7jG Quote Domain Name: UNI2021.COM Registry Domain ID: 2581870611_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.tucows.com Registrar URL: http://tucowsdomains.com Updated Date: 2020-12-31T18:37:10 Creation Date: 2020-12-31T18:22:43 Registrar Registration Expiration Date: 2021-12-31T18:22:43 Registrar: TUCOWS, INC. Registrar IANA ID: 69 https://i.ibb.co/xDsMXSg/Screenshot-3.png Title: Re: [January 17-2021] Phishing [Fake walletconnect.org] Post by: Baofeng on January 23, 2021, 11:36:27 PM Gemini fake 5000 BTC Giveaway
Code: https://airdrop-gemini.blogspot.com/ https://i.imgur.com/w880Fhu.png Archived: https://archive.is/hQZwM They are using blogspot platform to create this fake giveaway, so be very careful. Title: Re: [January 17-2021] Phishing [Fake walletconnect.org] Post by: Chikito on January 24, 2021, 12:00:30 AM Fake Exodus wallet
Code: https://exodus-wallet.net https://i.postimg.cc/fbGSzcdT/fake.jpg Quote IP Address: 5.252.177.28 Domain Name: EXODUS-WALLET.NET Registry Domain ID: 2586397948_DOMAIN_NET-VRSN Registrar WHOIS Server: whois.PublicDomainRegistry.com Registrar URL: http://www.publicdomainregistry.com Updated Date: 2021-01-22T16:29:33Z Creation Date: 2021-01-22T15:50:27Z Registry Expiry Date: 2022-01-22T15:50:27Z Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com Registrar IANA ID: 303 be careful, I fund this on google searching. Don't search exodus on the search box, always put the exact URL into the box https://www.exodus.io/ Title: [January 26-2021] Phishing BestChange (bestchainge.club) Post by: Chikito on January 26, 2021, 12:00:46 AM Be Aware Phishing Bestchange (bestchainge.club)
Code: https://bestchainge.club/ https://i.postimg.cc/Sxw1R3zN/best.jpg Quote IP Address: 8.208.95.37 Domain Name: bestchainge.club Registry Domain ID: D02C5C92724764F4BB77C25B75041590D-NSR Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2021-01-24T20:19:12Z Creation Date: 2021-01-24T20:17:58Z Registry Expiry Date: 2022-01-24T20:17:58Z Registrar: NameCheap, Inc. Registrar IANA ID: 1068 Registrar Abuse Contact Email: abuse@namecheap.com Registrar Abuse Contact Phone: +1.6613102107 the IP relationship; https://www.virustotal.com/gui/ip-address/8.208.95.37/relations https://i.postimg.cc/d0fdmZYq/qq.jpg be careful, always double-check the website url before actions. Title: Re: [January 26-2021] Phishing BestChange (bestchainge.club) Post by: Chikito on January 31, 2021, 01:15:37 AM Scam/Phishing validatewebwallets.online
Code: https://validatewebwallets.online/ https://i.postimg.cc/jSxwrVvL/1.jpg The website is a collective scam wallet where the user must put the mnemonic seed https://i.postimg.cc/qM0g8fPj/2.jpg Quote IP Address: 198.54.115.144 Domain Name: VALIDATEWEBWALLETS.ONLINE Registry Domain ID: D219626518-CNIC Registrar WHOIS Server: whois.namecheap.com Registrar URL: https://namecheap.com Updated Date: 2021-01-29T18:56:17.0Z Creation Date: 2021-01-29T18:56:02.0Z Registry Expiry Date: 2022-01-29T23:59:59.0Z Registrar: Namecheap Registrar IANA ID: 1068 Don't get in a trap. Title: Re: [January 31-2021] Phishing validatewebwallets.online Post by: $crypto$ on February 02, 2021, 02:09:49 PM Fake Giveaway Elon Musk
Again, fake Twitter with the name Elon Musk is familiar to me to find something like this, it will still be if the domain is new then I need to publish it here so that many people know and understand that this is a real scam. Website: Code: https://twitterspacex.com/ Archive (https://archive.is/wip/sceMF) https://i.gyazo.com/f80ef7ea34740a1465737a5f2e5c46aa.png Title: Re: [January 31-2021] Phishing validatewebwallets.online Post by: Chikito on February 03, 2021, 01:45:40 AM Phishing 1lnch.com and eosuniswap.org
Code: http://eosuniswap.org/ https://i.postimg.cc/rp5tNyXX/1.jpg Quote IP Address: 80.78.22.45 Domain Name: EOSUNISWAP.ORG Registry Domain ID: D402200000015649763-LROR Registrar WHOIS Server: whois.tucows.com Registrar URL: http://www.tucows.com Updated Date: 2021-01-29T17:59:10Z Creation Date: 2021-01-07T13:52:43Z Registry Expiry Date: 2022-01-07T13:52:43Z Registrar Registration Expiration Date: Registrar: Tucows Inc. Registrar IANA ID: 69 Registrar Abuse Contact Email: domainabuse@tucows.com Code: https://1lnch.com https://i.postimg.cc/85DfK8NF/2.jpg Quote IP Address: 185.178.208.154 Domain Name: 1LNCH.COM Registry Domain ID: 2585842188_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2021-01-21T18:09:35Z Creation Date: 2021-01-19T19:54:12Z Registry Expiry Date: 2022-01-19T19:54:12Z Registrar: NameCheap, Inc. Registrar IANA ID: 1068 Registrar Abuse Contact Email: abuse@namecheap.com Again, don't searching in the google searching box, both are appear in there. don't get in a trap by typing mnemonic seed into a phishing website. Title: Re: [January 31-2021] Phishing validatewebwallets.online Post by: Baofeng on February 03, 2021, 09:20:34 PM There favourite fake of Crypto scam, Elon Musk:
Code: https://elon-bonus.org/ https://i.imgur.com/AX8i5AJ.png Archive: https://archive.is/xYkzi Quote Registrar NameCheap, Inc. IANA ID: 1068 URL: http://www.namecheap.com Whois Server: whois.namecheap.com (p) Registrar Status addPeriod, serverTransferProhibited Dates 4 days old Created on 2021-01-30 Expires on 2022-01-30 Updated on 2021-01-30 Name Servers DNS1.NAMECHEAPHOSTING.COM (has 1,025,457 domains) DNS2.NAMECHEAPHOSTING.COM (has 1,025,457 domains) Tech Contact — IP Address 198.54.120.190 - 101 other sites hosted on this server Title: Re: [January 31-2021] Phishing validatewebwallets.online Post by: Chikito on February 07, 2021, 11:32:58 AM Phishing walletsconnect.org
Code: http://walletsconnect.org https://i.postimg.cc/gjdcHWyF/phising.jpg IP Address: 169.255.59.11 Quote Domain Name: WALLETSCONNECT.ORG Registry Domain ID: D402200000015870070-LROR Registrar WHOIS Server: whois.web4africa.net Registrar URL: https://www.web4africa.net Updated Date: 2021-01-31T01:29:14Z Creation Date: 2021-01-31T01:29:13Z Registry Expiry Date: 2022-01-31T01:29:13Z Registrar Registration Expiration Date: Registrar: Web4Africa Inc. Registrar IANA ID: 664 Registrar Abuse Contact Email: abuse@web4africa.ne A website needs your mnemonic seed. just write it carefully if you want to be lost at all Title: Re: [February 07-2021] Phishing walletsconnect.org Post by: Baofeng on February 11, 2021, 11:13:07 PM another of these fake UNI giveaways. Stay away, there's no more airdrop or UNI giveaways
Website: Code: https://uni2021.org/ https://i.imgur.com/aLUmgIB.png archived: https://archive.is/q0vxN Quote Registrar Tucows Inc. IANA ID: 69 URL: http://www.tucows.com Whois Server: whois.tucows.com (p) Registrar Status clientTransferProhibited, clientUpdateProhibited, serverTransferProhibited Dates 19 days old Created on 2021-01-23 Expires on 2022-01-23 Updated on 2021-01-23 Name Servers NS101.CLOUDNS.NET (has 206,922 domains) NS102.CLOUDNS.NET (has 206,922 domains) NS103.CLOUDNS.NET (has 206,922 domains) NS104.CLOUDNS.NET (has 206,922 domains) Tech Contact — IP Address 185.178.208.165 - 68 other sites hosted on this server Title: Re: [February 07-2021] Phishing walletsconnect.org Post by: Baofeng on February 14, 2021, 09:55:38 PM Interesting to see a .ir (Iran) ccTLD now. Seems that Elon Musk face is all over the world now specially with his company and the recent news of the $1.5 billion crypto investment.
Website: Code: https://dropmuskx.ir/ https://i.imgur.com/drpiuoJ.png Quote Dates Expires on 2022-01-25 Updated on 2021-01-27 Name Servers COREY.NS.CLOUDFLARE.COM (has 17,663,523 domains) LUCIANA.NS.CLOUDFLARE.COM (has 17,663,523 domains) Tech Contact — IP Address 104.21.73.63 - 423 other sites hosted on this server Title: Re: [February 07-2021] Phishing walletsconnect.org Post by: CryptoYar on February 17, 2021, 03:27:22 AM This is another fake giveaway website. But this time the dogecoin has also been included for their dirty scam.
What happened:: Fake Giveaways. Website Link: Code: https://musk.help/btc Archive Link: https://archive.vn/0NMUT https://i.ibb.co/fkKHZ41/13f93377e67bab24b5177e7144d4e6dfe744175cec7464c5c53b74d5adf970b1-1.png Quote 1 days old https://whois.domaintools.com/musk.helpCreated on 2021-02-15 Expires on 2022-02-15 Updated on 2021-02-15 Title: Re: [February 07-2021] Phishing walletsconnect.org Post by: Baofeng on February 18, 2021, 10:05:30 PM Another one of the fake Elon Musk giveaway:
Code: https://elon-musk.life/ https://i.imgur.com/KQo7xoa.png Archived: https://archive.is/GQdVi Quote Dates 4 days old Created on 2021-02-14 Expires on 2022-02-14 Updated on 2021-02-14 Name Servers COCO.NS.CLOUDFLARE.COM (has 17,646,005 domains) FELIPE.NS.CLOUDFLARE.COM (has 17,646,005 domains) Tech Contact REDACTED FOR PRIVACY (DT) REDACTED FOR PRIVACY REDACTED FOR PRIVACY (DT), REDACTED FOR PRIVACY (DT), REDACTED FOR PRIVACY, REDACTED FOR PRIVACY (DT), REDACTED FOR PRIVACY (p) (f) IP Address 172.67.207.146 - 6 other sites hosted on this server Title: Re: [February 07-2021] Phishing walletsconnect.org Post by: Baofeng on February 20, 2021, 11:05:32 PM Zilliq coin fake giveaway:
Code: http://zilmerits.com/ https://i.imgur.com/LUQShL8.png Archive: https://archive.is/kTrKs Quote Registrar OwnRegistrar, Inc. IANA ID: 1250 URL: http://www.ownregistrar.com Whois Server: whois.ownregistrar.com (p) Registrar Status clientTransferProhibited, ok Dates 2 days old Created on 2021-02-18 Expires on 2022-02-18 Updated on 2021-02-18 Name Servers NSA.WHOGOHOST.COM (has 63,013 domains) NSB.WHOGOHOST.COM (has 63,013 domains) Tech Contact REDACTED FOR PRIVACY (DT) WhoisSecure 18 San Carlos Street, Los Angeles, California, 94110, us (p) IP Address 198.12.126.210 - 201 other sites hosted on this server Title: Re: [February 07-2021] Phishing walletsconnect.org Post by: Baofeng on February 24, 2021, 11:18:05 PM Scammers won' stop with the Tesla and Elon Musk fake giveaways:
Code: https://elontesla.me/ https://i.imgur.com/tnXXCke.png Archived: https://archive.is/rRjhu Quote Dates 2 days old Created on 2021-02-22 Expires on 2022-02-22 Updated on 2021-02-22 Name Servers ALBERT.NS.CLOUDFLARE.COM (has 17,670,101 domains) DESI.NS.CLOUDFLARE.COM (has 17,670,101 domains) Tech Contact — IP Address 104.21.82.154 - 428 other sites hosted on this server Title: Re: [February 07-2021] Phishing walletsconnect.org Post by: Chikito on February 27, 2021, 03:38:04 AM Fake Ads Bitcoin.org (bitciioin.org)
https://i.postimg.cc/13Lc3gsp/fake.jpg Quote NAMECHEAP INC Whois Serverwhois.namecheap.com Referral URLhttp://www.namecheap.com StatusaddPeriod https://icann.org/epp#addPeriod serverTransferProhibited https://icann.org/epp#serverTransferProhibited Important Dates Expires On ; 2022-02-05 Registered On ; 2021-02-05 scammer use fake ads bitcoin.org to get a new user to download the wallet from the phishing, be a careful noob. Title: Re: [February 27-2021] Fake Ads Bitcoin.org (bitciioin.org) Post by: Baofeng on February 27, 2021, 11:35:36 PM Fake Elon Musk 5,000 BTC & 100,000 ETH & 100,000,000 DOGE Airdrop
Website: Code: https://muskteam.ml/?i=1 https://i.imgur.com/AVPgI0d.png Archived: https://archive.is/D4g4U Whois not available when I post this. Title: Re: [February 27-2021] Fake Ads Bitcoin.org (bitciioin.org) Post by: CryptoYar on March 01, 2021, 04:46:58 AM Another BNB fake giveaway
Website: Code: https://bnbbinance.com/ Archived: https://web.archive.org/web/20210301042039/https://bnbbinance.com/ https://i.ibb.co/SBNDh83/Screenshot-20210301-090945.jpg Quote Domain name: bnbbinance.com who is data (https://whois.domaintools.com/bnbbinance.com)Registry Domain ID: 2593376216_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 0001-01-01T00:00:00.00Z Creation Date: 2021-02-23T09:30:45.00Z Registrar Registration Expiration Date: 2022-02-23T09:30:45.00Z Registrar: NAMECHEAP INC Title: Re: [February 27-2021] Fake Ads Bitcoin.org (bitciioin.org) Post by: Baofeng on March 03, 2021, 10:27:00 PM Another of this Elon Musk 5,000 BTC & 100,000 ETH & 100,000,000 DOGE Airdrop
Code: http://musk-ch.com/ https://i.imgur.com/AVPgI0d.png Archived: https://archive.is/gxFWc Quote Registrar Epik Holdings Inc Epik Inc. IANA ID: 617 URL: http://www.epik.com Whois Server: whois.epik.com (p) Registrar Status clientTransferProhibited Dates 4 days old Created on 2021-02-27 Expires on 2022-02-27 Updated on 2021-02-27 Name Servers NS1.20MB.NL (has 96 domains) NS2.20MB.NL (has 96 domains) Tech Contact Privacy Administrator Anonymize, Inc. 1100 Bellevue Way NE, Ste 8A-601, Bellevue, WA, 98004, us (p) IP Address 185.239.243.112 - 75 other sites hosted on this server Title: Re: [February 27-2021] Fake Ads Bitcoin.org (bitciioin.org) Post by: Baofeng on March 07, 2021, 11:12:54 PM More of Elon Musk fake giveaways:
Code: https://musk-e-giveaway.live/ Title: Re: [February 27-2021] Fake Ads Bitcoin.org (bitciioin.org) Post by: Chikito on March 11, 2021, 12:01:25 AM Fake aave give away
Code: https://aave.fund/ https://i.postimg.cc/DwH9HtP4/1.jpg the user must send aave first to fake doubled balance. scammer address still 0; https://etherscan.io/address/0x949D0054aD1f5aBc69EA8bFd0436132a11A4ab34 even the website proof has a lot of fake transaction. Quote IP Address: 186.2.161.142 Domain Name: aave.fund Registry Domain ID: ee84de63484045f181f1277a5fe7ffc0-DONUTS Registrar WHOIS Server: whois.tucows.com Registrar URL: http://www.tucows.com Updated Date: 2021-03-10T16:48:57Z Creation Date: 2021-03-10T16:48:55Z Registry Expiry Date: 2022-03-10T16:48:55Z Registrar: Tucows Domains Inc. Registrar IANA ID: 69 Registrar Abuse Contact Email: domainabuse@tucows.com Registrar Abuse Contact Phone: 416.535.0123x1283 That IP's address has Flagged as Malicious by many anti-virus providers: https://www.virustotal.com/gui/ip-address/186.2.161.142/detection just be careful. Title: Re: [Updated March 14, 2021] Fake Myetherwallet and Uniswap Post by: Chikito on March 14, 2021, 01:09:35 PM Fake Myetherwallet and Uniswap.
Code: https://www.myetherwallet.love Code: https://app.uniswap.sg https://i.postimg.cc/8kYVn4zh/mew.jpg https://i.postimg.cc/VLbcytJ2/uni.jpg Quote Domain Name: MYETHERWALLET.LOVE Registry Domain ID: D225757403-CNIC Registrar WHOIS Server: whois.west.cn Registrar URL: http://www.west.cn Updated Date: 2021-03-13T11:16:12.0Z Creation Date: 2021-03-13T11:05:48.0Z Registry Expiry Date: 2022-03-13T23:59:59.0Z Quote IP Address: 162.213.251.198 Domain Name: app.uniswap.sg IP Relationship > https://www.virustotal.com/gui/ip-address/162.213.251.198/relations https://i.postimg.cc/s2BV2LxD/13.jpg The IP's Connected a lot of phishing, be aware, the scammer will continue using the same server to create one. Title: Re: [Updated March 14, 2021] Fake Myetherwallet and Uniswap Post by: Baofeng on March 14, 2021, 09:14:32 PM Another Elon Musk fake giveaway:
Code: teslab.us https://i.imgur.com/Pl8BjeM.png archive: https://archive.is/6CZJP Quote Dates 2 days old Created on 2021-03-12 Expires on 2022-03-12 Updated on 2021-03-12 Name Servers NS1.DNSOWL.COM (has 1,553,479 domains) NS2.DNSOWL.COM (has 1,553,479 domains) NS3.DNSOWL.COM (has 1,553,479 domains) Tech Contact REDACTED FOR PRIVACY (DT) REDACTED FOR PRIVACY (DT), REDACTED FOR PRIVACY (DT), CA, REDACTED FOR PRIVACY (DT), us (p) IP Address 107.161.23.204 - 159 other sites hosted on this server Title: Re: [Updated March 14, 2021] Fake Myetherwallet and Uniswap Post by: $crypto$ on March 15, 2021, 05:19:16 PM I found a phishing site with the name Trezor again. I think it's not only that there will definitely be more wallet phishing sites that want to drain your wallet, so I think we need as much as possible to catch it.
Web Phishing Trezor Code: https://xn--trezr-xob.com/ Quote 6 days old Created on 2021-03-09 Expires on 2022-03-09 Updated on 0000-12-31 https://i.ibb.co/kVLrtQf/Screenshot-14.png Title: Re: [Updated March 15, 2021]Web Phishing Trezor Post by: Chikito on March 24, 2021, 12:01:29 AM Scam walletinterlink.com
Code: https://walletinterlink.com/ Code: https://walletinterlink.com/wallet/ the user must write 12/24 mnemonic seed to connect the hardware/software wallet. https://i.postimg.cc/nLYdkL6W/1.jpg https://i.postimg.cc/SsgDBvQ7/2.jpg https://i.postimg.cc/zBzxPrNG/3.jpg. Quote IP Address: 68.65.122.141 .Domain Name: WALLETINTERLINK.COM Registry Domain ID: 2599482937_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2021-03-21T17:10:07Z Creation Date: 2021-03-21T17:09:44Z Title: Re: [Updated March 24, 2021]Web Phishing walletinterlink Post by: Baofeng on April 02, 2021, 11:03:53 PM Time to update another Elon Musk fake giveway:
Code: https://teslatw.org/ https://i.imgur.com/KNKIfjc.png Archive: https://archive.is/d40mm Quote Registrar NameCheap, Inc. IANA ID: 1068 URL: http://www.namecheap.com Whois Server: whois.namecheap.com (p) Registrar Status addPeriod, serverTransferProhibited Dates 2 days old Created on 2021-03-31 Expires on 2022-03-31 Updated on 2021-03-31 Name Servers LARS.NS.CLOUDFLARE.COM (has 18,240,762 domains) MAGDALENA.NS.CLOUDFLARE.COM (has 18,240,762 domains) Tech Contact — IP Address 172.67.192.94 - 6 other sites hosted on this server Title: [Updated 05 April 2021]Fake Electrum Wallet Post by: Chikito on April 05, 2021, 11:33:21 AM Another Fake Electrum Wallet
Code: https://electrum-i.com/ https://i.postimg.cc/MG6DX8qr/eel.jpg That's IP's had a lot of relation of fake wallet; https://www.virustotal.com/gui/ip-address/47.91.72.40/relations Code: jaxx-w.com https://i.postimg.cc/9fLrXdN7/w.jpg Who is IP/domain; Quote Domain Name: electrum-i.com IP Address: 47.91.72.40 Domain Name: ELECTRUM-I.COM Registry Domain ID: 2602721319_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.webnic.cc Registrar URL: http://www.webnic.cc Updated Date: 2021-04-04T19:30:30Z Creation Date: 2021-04-04T09:33:05Z Registry Expiry Date: 2022-04-04T09:33:05Z Registrar: Web Commerce Communications Limited dba WebNic.cc Registrar IANA ID: 460 Be careful to double-check and verify the download. Title: Re: [Warning] Fake Electrum Wallet [IP- 47.91.72.40] Post by: Baofeng on April 08, 2021, 10:52:41 PM Another fake Elon Musk giveaway
Code: https://embitcoins.org/ https://i.imgur.com/JhbGGlm.png Archived: https://archive.is/Jy5Jq Quote Registrant Org Privacy service provided by Withheld for Privacy ehf Registrant Country is Registrar NameCheap, Inc. IANA ID: 1068 URL: http://www.namecheap.com Whois Server: whois.namecheap.com (p) Registrar Status serverTransferProhibited Dates 9 days old Created on 2021-03-30 Expires on 2022-03-30 Updated on 2021-03-30 Name Servers DNS1.NAMECHEAPHOSTING.COM (has 1,067,851 domains) DNS2.NAMECHEAPHOSTING.COM (has 1,067,851 domains) Tech Contact — IP Address 198.187.31.229 - 544 other sites hosted on this server Title: Re: [Warning] Fake Electrum Wallet [IP- 47.91.72.40] Post by: Super Bitard on April 09, 2021, 11:48:25 AM How do you have to be a fool to fall for this link? Not a bit like the official link
Title: Re: [Warning] Fake Electrum Wallet [IP- 47.91.72.40] Post by: $crypto$ on April 10, 2021, 04:49:49 PM FAKE Trezor Wallert
Code: https://wallet.xn--trer-dbb4416b.com/ https://i.gyazo.com/768a058454497be60eed30e0e414c0c8.png The more phishing like this, I think the things scammers can do on this site, the most important thing for many people is to make them aware of this, especially beginners. The Trezor and Nano Ledger hardware wallets are typically targeted by scammers with phishing sites. Title: Re: [Warning] Fake Electrum Wallet [IP- 47.91.72.40] Post by: Chikito on April 11, 2021, 06:23:04 AM How do you have to be a fool to fall for this link? Not a bit like the official link people with carelessness and who don't care to double-check the website will fall into this trap. people who engage in google searching would be the scammer target also. people who always perform the advice will be safe.Title: [Updated 20 April 2021] Phishing Myetherwallet Post by: Chikito on April 20, 2021, 04:41:51 AM Phishing Myetherwallet
Code: https://myeteherewalete.com/ https://i.postimg.cc/tCr5cgCb/meww.jpg the website will ask the user to input mnemonic phrase or Ethereum private key. website created on 17 April 2021. Quote Domain Name: MYETEHEREWALETE.COM Registry Domain ID: 2605814689_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namesilo.com Registrar URL: http://www.namesilo.com Updated Date: 2021-04-17T18:12:20Z Creation Date: 2021-04-17T18:12:19Z Registry Expiry Date: 2022-04-17T18:12:19Z Registrar: NameSilo, LLC Registrar IANA ID: 1479 Be careful to do not to get into the trap. Title: Re: [Updated 20 April 2021] Phishing Myetherwallet Post by: Baofeng on April 22, 2021, 11:34:23 PM Fake and phishing site of https://foundation.app/, an NFT marketplace
Code: https://foundatlon.app/ https://i.imgur.com/r57KQRu.png Quote Registrant REDACTED FOR PRIVACY Registrant Org Privacy service provided by Withheld for Privacy ehf Registrant Country is Registrar Namecheap Inc. IANA ID: 1068 URL: https://www.namecheap.com/ Whois Server: whois.namecheap.com (p) Registrar Status addPeriod, clientTransferProhibited Dates 1 days old Created on 2021-04-21 Expires on 2022-04-21 Updated on 2021-04-21 Title: Re: [Updated 20 April 2021] Phishing Myetherwallet Post by: Chikito on April 27, 2021, 12:42:37 AM Phishing Exodus Wallet
Code: https://exocdus.com https://i.postimg.cc/BbnQsNRr/fake.jpg Quote IP Address: 185.178.208.156 Domain Name: EXOCDUS.COM Registry Domain ID: 2579208200_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.reg.com Registrar URL: http://www.reg.ru the website will ask you to write your secret backup code, don't trap it. Title: Re: [Updated 27 April 2021] Phishing Exodus Wallet Post by: CryptoYar on April 27, 2021, 09:20:25 AM What happened: Riskmoon coin Fake giveaway
Website Link: Code: http://riskmoongiveaway.com/ Archive Link: https://archive.vn/K5Lwm https://i.ibb.co/5Tk0Dtq/24eed9dd5af84a259f2cf4f1662ad411fcc5c33ed2bf01db3d70bc19b437a990.png Quote from: DroomieChikito's post IP Address: 185.244.36.172 Domain Name: RISKMOONGIVEAWAY.COM Registry Domain ID: 2607346419_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2021-04-24T10:34:36Z Creation Date: 2021-04-24T10:33:35Z Registry Expiry Date: 2022-04-24T10:33:35Z Registrar: NameCheap, Inc. Registrar IANA ID: 1068 Registrar Abuse Contact Email: abuse@namecheap.com Title: Re: [Updated 27 April 2021] Phishing Exodus Wallet Post by: Chikito on April 28, 2021, 03:15:13 AM No domain information available you can check using IP/domain tools such as https://ipinfo.info/html/ip_checker.php Code: http://riskmoongiveaway.com Quote IP Address: 185.244.36.172 Domain Name: RISKMOONGIVEAWAY.COM Registry Domain ID: 2607346419_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2021-04-24T10:34:36Z Creation Date: 2021-04-24T10:33:35Z Registry Expiry Date: 2022-04-24T10:33:35Z Registrar: NameCheap, Inc. Registrar IANA ID: 1068 Registrar Abuse Contact Email: abuse@namecheap.com that domain was created just 3 days ago. look that scam purpose only. you have also checked the relationship IP using virustotal tools: https://www.virustotal.com/gui/ip-address/185.244.36.172/relations then you will find that IP only creates for scams purpose. Code: www.moonboysgiveaway.safemoonreward.net Title: Re: [Updated 27 April 2021] Phishing Exodus Wallet Post by: CryptoYar on April 28, 2021, 07:54:52 AM No domain information available you can check using IP/domain tools such as https://ipinfo.info/html/ip_checker.php Quote you have also checked the relationship IP using virustotal tools: https://www.virustotal.com/gui/ip-address/185.244.36.172/relations Nice I will try. Thank youTitle: Re: [Updated 27 April 2021] Phishing Exodus Wallet Post by: Chikito on May 02, 2021, 08:25:42 AM Fake Chipmixer.co.uk (chipmixkd2wgbqoy.onion)
Code: https://chipmixer.co.uk/ Code: chipmixkd2wgbqoy.onion https://i.postimg.cc/vZ0bxRqw/wee.jpg Domain Name: chipmixer.co.uk IP Address: 104.21.38.201 https://www.virustotal.com/gui/ip-address/104.21.38.201/relations https://i.postimg.cc/gJqMrpsv/azx.jpg No onion link available when putting that site into the TOR browser. the real chipmixer will provide an onion link as the picture below, https://i.postimg.cc/TwYbqXGj/1133.jpg Title: Re: [Updated 02 Mei 2021] Phishing Chipmixer.co.uk (chipmixkd2wgbqoy.onion) Post by: $crypto$ on May 02, 2021, 08:23:47 PM FAKE Giveaway QTUM
Website Code: https://www.qtum.claims/block.html Quote 11 days old https://whois.domaintools.com/qtum.claimsCreated on 2021-04-21 Expires on 2022-04-21 Updated on 2021-04-26 https://i.gyazo.com/1596ee222aead55ff767159ea095232a.png https://i.gyazo.com/33d6cca1c7ac5b14c9b34fbf8b9012d6.png There is a lot of rubbish giveaway like this, I think you have to be careful whoever offers it on the telegram line should avoid it. Real Website: https://qtum.org/en Title: Re: [Updated 27 April 2021] Phishing Exodus Wallet Post by: ChipMixer on May 02, 2021, 09:10:27 PM the real chipmixer will provide an onion link as the picture below, If website provides onion link (as pictured) - it still may not be real website.If unsure - check ChipMixer ANN thread: https://bitcointalk.org/index.php?topic=1935098 Title: Re: [Updated 02 Mei 2021] Phishing Chipmixer.co.uk (chipmixkd2wgbqoy.onion) Post by: CryptoYar on May 04, 2021, 11:09:53 AM What happened: Another Riskmoon Fake Giveaway
Website Link: Code: http://riskmoon-giveaway.net/ Archive Link: https://archive.vn/KBKfA https://i.ibb.co/F0TX07h/dc79d72e2ca87440aee0d8a5ac34baede988e6395963dddf4f77a6895f9f34d9.png Scammer wallet: https://bscscan.com/address/0x3222467cdC2Ef5799D992443869Ef6F547D0C7e3 Domain name info Quote Registrar Status clientTransferProhibited, ok https://whois.domaintools.com/riskmoon-giveaway.netDates 2 days old Created on 2021-05-02 Expires on 2022-05-02 Updated on 2021-05-02 Title: Re: [Updated 02 Mei 2021] Phishing Chipmixer.co.uk (chipmixkd2wgbqoy.onion) Post by: $crypto$ on May 05, 2021, 04:33:18 PM Fake Trustpad (TPAD) FLASH Token-Sale is LIVE
Website Fake: Code: https://trustpad-sale.com/ Quote 4 days old https://whois.domaintools.com/trustpad-sale.comCreated on 2021-05-01 Expires on 2022-05-01 Updated on 2021-05-01 https://i.gyazo.com/409a83e6676994724642a6dac280d2d9.png Trustpad will officially announce the white list in public sale and it will be announced in the medium. So what is listed above is clearly a scam they are continuing to take advantage of the project situation which is going on a public sale so do not send ETH or USDT / USDC / TUSD in the wallet below. Address Scammers Code: 0x66987428309B05391270FD101f96083086D0d725 TrustPad Official Group: https://t.me/TrustPad TrustPad FAKE: https://t.me/tpaadsale Title: Re: [Updated 02 Mei 2021] Phishing Chipmixer.co.uk (chipmixkd2wgbqoy.onion) Post by: CryptoYar on May 06, 2021, 04:49:55 AM Another fake giveaway by the same group of scammers.
Website: Code: http://riskmoon-giveaway.com/ scammers wallet: 0x3222467cdC2Ef5799D992443869Ef6F547D0C7e3 (https://bscscan.com/address/0x3222467cdC2Ef5799D992443869Ef6F547D0C7e3) ( previously used in riskmoon-giveaway.net) Domain: Registrar Status clientTransferProhibited Dates 1 days old Created on 2021-05-04 Expires on 2022-05-04 Updated on 2021-05-04 whois info source (https://whois.domaintools.com/riskmoon-giveaway.com/) Title: Re: [Updated 02 Mei 2021] Phishing Chipmixer.co.uk (chipmixkd2wgbqoy.onion) Post by: Chikito on May 06, 2021, 11:18:31 AM Another fake giveaway by the same group of scammers. It's the same relationship IP address as your post aboveWebsite: Code: http://riskmoon-giveaway.com/ That IP has been flagged. when I look at the relationship > https://www.virustotal.com/gui/ip-address/185.244.36.172/relations I find another giveaway such: holg-giveaway. Code: holg-giveway.com https://i.postimg.cc/s2cJV4f8/1.jpg Quote 4 days old https://whois.domaintools.com/trustpad-sale.comCreated on 2021-05-01 Expires on 2022-05-01 Updated on 2021-05-01 That IP also related (https://www.virustotal.com/gui/ip-address/172.67.168.226/relations) on this site, which providing high return investment (possible scam). Code: https://247smartnet.online/ https://i.postimg.cc/jj6K6jbS/werr.jpg the real chipmixer will provide an onion link as the picture below, If website provides onion link (as pictured) - it still may not be real website.If unsure - check ChipMixer ANN thread: https://bitcointalk.org/index.php?topic=1935098 Thanks to point that. I had already also reported the .onion link at the past (https://bitcointalk.org/index.php?topic=5197078.msg55477539#msg55477539). seems all those already baned. Title: Re: [Updated 02 Mei 2021] Phishing Chipmixer.co.uk (chipmixkd2wgbqoy.onion) Post by: $crypto$ on May 07, 2021, 05:36:50 PM Wilder World Fake Public Sale
Website: Code: 1. https://wilderworld.polkastarter.com.es/Sale.html# Quote % NOTE: The registry for this domain name does not publish ownership % records (whois records) in the standard format. This data % represents the most likely status of the domain based on % information provided by the Internet's domain name servers (DNS). domain: polkastarter.com.es status: taken nameserver: ns1.dns-parking.com nameserver: ns2.dns-parking.com % For more information, please visit http://www.nic.es/ https://i.gyazo.com/2d4d6f3d50a26fe37e32a45931bd9022.png Scammers Address: 0xA397076BA3464E6Fb5fde4cBF996fE5492680726 (https://etherscan.io/address/0xA397076BA3464E6Fb5fde4cBF996fE5492680726) https://i.gyazo.com/1b37d48bfc685a7896299f500876048b.png Scammers Address: 0xFD43FDb66e121fc6A587eD6FF9E3AbCC48c79564 (https://etherscan.io/address/0xFD43FDb66e121fc6A587eD6FF9E3AbCC48c79564) All Wilder World Public sales are bogus and their official ones start on May 11th Quote 🚨 Our Initial DEX Offering is just around the corner. May 11th is the day we launch Wilder World on Polkastarter! 🎉 Real Website: https://www.wilderworld.com/ Polkastarter Fake Website: Code: http://polkastarter.com.es/ Fake: https://i.gyazo.com/43378b1e8acc5255180fa727821277a7.png Real: https://i.gyazo.com/6ab85676d0a27f17eb9d04523e1c2e22.png Title: Re: [Updated 07 May 2021]Wilder World Fake Public Sale Post by: $crypto$ on May 08, 2021, 06:10:16 PM FAKE Giveaway 1 000 000 ETH
Website: Code: https://eth-ceo.org/ Quote 1 days old Created on 2021-05-07 Expires on 2022-05-07 Updated on 2021-05-07 https://i.gyazo.com/a6f17bebbb839ba1483465cc46e751d2.png https://i.gyazo.com/f8745e1b1ce7b20d64e5766a2dddbfd5.png Scammers wallet Code: 0x95f0badc4e2db83fa4327f057e1a06ad2e6c867c Be careful with this fake giveaway because it is promoted on popular channels that have a lot of followers so it's better to avoid it and leave telegrams that promote this fake. Fortunately, I saw that no one had deposited it in the wallet yet. Title: Re: [Updated 07 May 2021]Wilder World Fake Public Sale Post by: Baofeng on May 08, 2021, 11:51:16 PM The never ending Elon Musk fake bitcoin giveaways:
Code: http://snlmusk.com/ https://i.imgur.com/tmWtDjw.png Quote Dates 2 days old Created on 2021-05-06 Expires on 2022-05-06 Updated on 2021-05-06 Name Servers DELL.NS.CLOUDFLARE.COM (has 19,076,155 domains) ED.NS.CLOUDFLARE.COM (has 19,076,155 domains) Tech Contact REDACTED FOR PRIVACY (DT) REDACTED FOR PRIVACY (DT), REDACTED FOR PRIVACY (DT), California, REDACTED FOR PRIVACY (DT), us (p) IP Address 178.175.148.167 is hosted on a dedicated server Title: Re: [Updated 09 May 2021]Phishing uniswap-meta Wallet Post by: Chikito on May 09, 2021, 11:42:01 AM Phishing uniswap-meta Wallet
Code: http://uniswap-meta.org https://i.postimg.cc/dQh5HNV0/xae.jpg https://i.postimg.cc/qBWj9cNx/axw.jpg Quote IP Address: 45.141.159.64 Domain Name: UNISWAP-META.ORG Registry Domain ID: D402200000016532905-LROR Registrar WHOIS Server: whois.registrar.eu Registrar URL: http://www.openprovider.com Updated Date: 2021-04-28T13:47:55Z Creation Date: 2021-04-14T06:14:00Z Registry Expiry Date: 2022-04-14T06:14:00Z Registrar Registration Expiration Date: Registrar: Hosting Concepts B.V. d/b/a Registrar.eu the relationship IP > https://www.virustotal.com/gui/ip-address/45.141.159.64/relations The scammer still using the same server (IP address) to create another phishing. better to report that IP than domain. https://i.postimg.cc/RZZ6dyvs/qw.jpg I still to warning people to do not to write your detail (mnemonic seed) into phishing or another website. Title: Re: [Updated 09 May 2021]Phishing uniswap-meta Wallet Post by: $crypto$ on May 09, 2021, 03:49:04 PM FAKE Public Sale Polkarare and QoinIQ
Website: Code: https://prare-sale.com/ Quote Created on 2021-05-09 Expires on 2022-05-09 Updated on 2021-05-09 Quote 2 days old Created on 2021-05-07 Expires on 2022-05-07 Updated on 2021-05-07 Scammers wallet Code: 0xc1f258f090a080097041f0b6BC4DDd510339725F https://i.gyazo.com/efa02e527ecce39f60a09edbc7af60a0.png https://i.gyazo.com/1f957edc8e910b6033893a1ce56f154f.png QoinIQ IEO Start 17 may on Probit Polkarare IEO Start 10 May on Gate.io Now that more IDO will be cloned in their fake sales I see the scammers wallets look the same and are controlled by a group of people. Be careful. Title: Re: [Updated 09 May 2021]Phishing uniswap-meta Wallet Post by: $crypto$ on May 11, 2021, 05:10:03 PM FAKE Public Sale Solanium
Website: Code: https://solanium-sale.com/ Scammers wallet Code: 0xc1f258f090a080097041f0b6BC4DDd510339725F https://i.gyazo.com/7d352e3873100902b43487374238d880.png Solanium has not made a public sale yet and is currently on a whitelist so you should look closely that solanium has not announced a public sale yet. It must be differentiated and don't let the case come back because I see in the contents of the scamers wallet there are many assets in it and I am sure that it is the money they make with the fake sale. Fake Public Sale Wilder World Webiste: Code: https://polkastarter.ltd/WilderWorld https://i.gyazo.com/7e646bb7c809e31ed092f9fa288eb2eb.png Tokens (WILD) have been traded, you can see here https://www.coingecko.com/en/coins/wilder-world#markets Title: Re: [Updated 09 May 2021]Phishing uniswap-meta Wallet Post by: Baofeng on May 12, 2021, 07:38:10 PM Another of the Polka fake site
Code: https://polkastarter.art/ Archived: https://archive.is/cFS9p https://i.imgur.com/jSHMoCx.png Quote Dates 1 days old Created on 2021-05-11 Expires on 2022-05-11 Updated on 2021-05-11 Name Servers DNS1.NAMECHEAPHOSTING.COM (has 1,083,830 domains) DNS2.NAMECHEAPHOSTING.COM (has 1,083,830 domains) Tech Contact — IP Address 66.29.132.84 - 13 other sites hosted on this server Title: Re: [Updated 09 May 2021]Phishing uniswap-meta Wallet Post by: $crypto$ on May 14, 2021, 07:06:06 PM FAKE Giveaway Dogecoin
Website: Code: https://dogecoin.claims/ Quote 6 days old https://whois.domaintools.com/dogecoin.claimsCreated on 2021-05-08 Expires on 2022-05-08 Updated on 2021-05-13 https://i.gyazo.com/821ce2f20a7e2ea9191c2c1f254b8fd6.png Scammers wallet Code: DHQSTXYAezWzZUci5ibnhk2G6t8rY21XCv Before Ethereum and now Doge that appeared in a fake giveaway with the same appearance, there will definitely be more fake giveaway appearing. I will continue to monitor and report it here. Title: Re: [Updated 09 May 2021]Phishing uniswap-meta Wallet Post by: Chikito on May 17, 2021, 08:02:44 AM Phishing Walletconnection.org
Code: https://walletsconection.org/ https://i.postimg.cc/wvjj7zgw/12223.jpg Quote IP Address: 104.219.248.87 Domain Name: WALLETSCONECTION.ORG Registry Domain ID: D402200000016757164-LROR Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2021-05-08T17:46:48Z Creation Date: 2021-05-08T17:46:27Z Registry Expiry Date: 2022-05-08T17:46:27Z Registrar Registration Expiration Date: Registrar: NameCheap, Inc. Be careful do not to write the mnemonic seed into a phishing site. The real website of walletconnect is https://walletconnect.org/ we don't need to write the mnemonic seed if use the real website Title: Re: [Updated 17 May 2021]Phishing Walletconnection.org Post by: Chikito on May 22, 2021, 12:05:55 PM Fake Give Away 1inch.gift
Code: https://www.1inch.gift/ https://i.postimg.cc/Hx1x4m4p/fake.jpg There is a fake doubling 1inch token. more phishing found with the IP; https://www.virustotal.com/gui/ip-address/185.178.208.137/relations https://i.postimg.cc/RVHD2zcr/qw.jpg Domain Information; Quote IP Address: 185.178.208.137 Domain Name: 1inch.gift Registry Domain ID: DO_5b65b02f31c7b22fb5b613cd33a130c5-UR Registrar WHOIS Server: whois.tucows.com Registrar URL: www.tucowsdomains.com Updated Date: 2021-05-21T17:01:09.944Z Creation Date: 2021-05-21T16:55:16.111Z Registry Expiry Date: 2022-05-21T16:55:16.111Z Registrar: Tucows Domains Inc. Registrar IANA ID: 69 Be careful don't get the trap. Title: Re: [Updated 22 May 2021]Fake Give Away 1inch.gift Post by: $crypto$ on May 28, 2021, 12:39:18 PM Fake Giveaway Dogecoin
Website: Code: https://dogecoingive.org/ Quote 38 days old https://whois.domaintools.com/dogecoingive.orgCreated on 2021-04-20 Expires on 2022-04-20 Updated on 2021-04-20 https://i.gyazo.com/a7ed33172f1475588e9068e6af655835.png https://i.gyazo.com/8985c8c417f3ded6972e7b9cc8c9e701.png More and more evil in the big multiplier when sending doges so be careful. All ways are scammers, but it's all impossible. Take care of your assets. Title: Re: [Updated 22 May 2021]Fake Give Away 1inch.gift Post by: Chikito on June 01, 2021, 11:26:06 AM I just found the link phishing chipmixer Clearnet and onion link on the review website
Code: https://onion.best/chipmixer/ Code: http://chipmixqiuseiw76.onion/ https://i.postimg.cc/XN1KfGCD/qweer.jpg I'm pretty sure all the link inside the review is fake https://onion.best/reviews/bitcoin-mixers/ So, if you please report that blog to the authority. About Fake and Phishing chipmixer, I found A lot when searching it using DuckDuckGo and Ahmia machines. Code: https://chipmixerr.com/ https://archive.is/gJ6VP https://archive.is/sdn3s https://archive.is/CGNoH https://archive.is/DgmEo https://archive.is/555lk https://archive.is/gJ6VP https://archive.is/hX2Ys https://archive.is/Hq0Ha Those all still active and some of them aren't new and were reported a few years ago. Title: Re: [Updated 22 May 2021]Fake Give Away 1inch.gift Post by: ChipMixer on June 01, 2021, 10:21:05 PM I just found the link phishing chipmixer Clearnet and onion link on the review website There is no need to give fake review website clickable link.Code: https://onion.best/chipmixer/ I'm pretty sure all the link inside the review is fake Code: https://onion.best/reviews/bitcoin-mixers/ Title: Re: [Updated 22 May 2021]Fake Give Away 1inch.gift Post by: Chikito on June 01, 2021, 10:29:08 PM I just found the link phishing chipmixer Clearnet and onion link on the review website There is no need to give fake review website clickable link.Code: https://onion.best/chipmixer/ I'm pretty sure all the link inside the review is fake Code: https://onion.best/reviews/bitcoin-mixers/ *Link was edited Title: Re: [Updated 01 June 2021]Phishing Chipmixer on Review Website Post by: $crypto$ on June 07, 2021, 05:56:46 PM Trezor Phishing Site
Website: Code: https://xn--trezr-79a.io/ Quote Domain Name: XN--TREZR-79A.IO Registry Domain ID: D503300001198758855-LRMS Registrar WHOIS Server: whois.namecheap.com Registrar URL: www.namecheap.com Updated Date: 2021-06-06T19:30:25Z Creation Date: 2021-06-06T19:30:22Z Registry Expiry Date: 2022-06-06T19:30:22Z Registrar Registration Expiration Date: Registrar: NameCheap, Inc Registrar IANA ID: 1068 https://i.gyazo.com/feb97db3b851f3dfba03ce4b1aa7aec9.png https://i.gyazo.com/e7a42b46e79f074695864c364fcf6d79.png The problem of doing a search on Google still cannot be prevented from having ads on the first page, so if you are still in the habit of typing on Google, it is necessary to pay attention to which site is the official one. It's better to visit the site by typing into the official site, I think this is easy to memorize. Title: Re: [Updated 01 June 2021]Phishing Chipmixer on Review Website Post by: $crypto$ on June 10, 2021, 12:34:59 PM Walletconnect Phishing Site:
Website: Code: https://wallets-sync.com/?v Quote Domain name: wallets-sync.com Registry Domain ID: 2614307331_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 0001-01-01T00:00:00.00Z Creation Date: 2021-05-23T16:20:51.00Z Registrar Registration Expiration Date: 2022-05-23T16:20:51.00Z Registrar: NAMECHEAP INC Registrar IANA ID: 1068 https://i.gyazo.com/9554bd4cd634ddd514ddea9ed592678c.png https://i.gyazo.com/0a7c2fa97488edf82d095349ae160e60.png The original website will not display several other altcoin logos but this is just an engineering for those who don't know to enter the seed of the phrase, therefore avoid this kind of thing and be careful again in seeing the original URL. I'm here showing the original Walletconnect site: https://walletconnect.org/ Title: Re: [Updated 01 June 2021]Phishing Chipmixer on Review Website Post by: $crypto$ on June 11, 2021, 03:27:54 PM Fake Giveaway Safemooncash
Website: Code: https://safemooncash-giveaway.org/ Quote Domain Name: SAFEMOONCASH-GIVEAWAY.ORG Registry Domain ID: D402200000017031766-LROR Registrar WHOIS Server: whois.reg.com Registrar URL: http://www.reg.com Updated Date: 2021-06-09T15:17:26Z Creation Date: 2021-06-09T15:12:22Z Registry Expiry Date: 2022-06-09T15:12:22Z Registrar Registration Expiration Date: Registrar: Registrar of Domain Names REG.RU LLC Registrar IANA ID: 1606 https://i.gyazo.com/b9f93994dc860ccaf91301e29b16071b.png https://i.gyazo.com/df89dbdf0d465baf3dd5e6b6f5483938.png Safemooncash has never held a giveaway like this, and those who do this are certainly scammers who want to trap you, if someone of you asks about this then we need to say this is a scam under the guise of a safemooncash giveaway and be careful, if there is a slight loophole it can harm others. Official site: https://safemooncash.org/ Title: Re: [Updated 01 June 2021]Phishing Chipmixer on Review Website Post by: Chikito on June 14, 2021, 04:56:07 AM Phishing pancakeswap.cheap
Code: https://docs.pancakeswap.cheap/ https://i.postimg.cc/cJGRkVPb/1.jpg Quote IP Address: 62.210.177.59 Domain Name: docs.pancakeswap.cheap Top Level Domain: CHEAP Malformed request. inetnum: 62.210.128.0 - 62.210.255.255 org: ORG-ONLI1-RIPE netname: IE-POOL-BUSINESS-HOSTING descr: IP Pool for Iliad-Entreprises Business Hosting Customers country: FR admin-c: IENT-RIPE tech-c: IENT-RIPE status: LIR-PARTITIONED PA mnt-by: MNT-TISCALIFR-B2B created: 2012-11-02T11:40:24Z last-modified: 2016-02-22T16:26:23Z This IP Relationship > https://www.virustotal.com/gui/ip-address/62.210.177.59/relations https://i.postimg.cc/QxR1V2Nd/2.jpg Usually the scammer IP's always connected to another phishing site, like the post above. Title: Re: [Updated 14 June 2021]Phishing pancakeswap.cheap Post by: $crypto$ on June 15, 2021, 07:54:53 PM Trezor Phishing Site: {Pay attention to the domain name again}
Website: Code: http://wwwtrezar.io/start/ Quote Domain Name: WWWTREZAR.IO Registry Domain ID: D503300001198700345-LRMS Registrar WHOIS Server: whois.eranet.com Registrar URL: http://www.eranet.com Updated Date: 2021-06-04T19:12:13Z Creation Date: 2021-06-04T19:02:01Z Registry Expiry Date: 2022-06-04T19:02:01Z Registrar Registration Expiration Date: Registrar: Eranet International Limited Registrar IANA ID: 1868 https://i.gyazo.com/dd7b0bc8dfeb239ec46e4b2b33a83677.png When we click on one of the images above, we will be directed to enter a 24-word phrase. https://i.gyazo.com/1b8c07506f2f40d5b85ea810fe3435a7.png Well I hope you never follow the instructions from this phishing site if you don't want to lose your money. Scams are constantly trying to trick you with new scripts you may not even be aware of. Title: Re: [Updated 14 June 2021]Phishing pancakeswap.cheap Post by: $crypto$ on June 16, 2021, 04:43:36 PM Exodus Phishing Site
Website: Code: https://exocdus.ws Quote Domain Name: EXOCDUS.WS Domain ID: 6D243EFB0DCBE2B0E050010AAC0133D7 WHOIS Server: whois.rrpproxy.net Registrar URL: http://rrpproxy.com Updated Date: 2021-06-02T11:59:36Z Creation Date: 2021-06-02T11:59:36Z Registrar Registration Expiration Date: 2022-06-02T11:59:36Z Registrar: Key-Systems GmbH Registrar IANA ID: 1345 https://i.gyazo.com/81b0aae272905535aba38c9c3b2771fd.png Pay attention again to the domain carefully because now phishing sites are rife everywhere including inserting in social media and also google searches, therefore there is no need to type carelessly on google, just go with the original site and the correct URL, it is far safe. Official site: https://www.exodus.com/ Title: Re: [Updated 14 June 2021]Phishing pancakeswap.cheap Post by: Chikito on June 17, 2021, 12:50:36 AM Trezor Phishing Site: {Pay attention to the domain name again} Exodus Phishing Site Seems fake or phishing wallet will not decrease every day, the scammer uses the same trick and IP every creates a new domain. because I also find phishing atomic wallet again. Code: https://atomicwallet.dev/ https://archive.is/CfL7d https://i.postimg.cc/qRc4Qbhk/1.jpg Quote Domain Name: atomicwallet.dev IP Address: 169.239.128.161 Registry Domain ID: 45E0B8631-DEV Registrar WHOIS Server: whois.nic.google Registrar URL: None Updated Date: 2021-04-06T22:19:46Z Creation Date: 2021-04-01T22:19:46Z Registry Expiry Date: 2022-04-01T22:19:46Z Registrar: NameSilo, LLC Registrar IANA ID: 1479 just download and scanning wallet.exe using virus total; https://www.virustotal.com/gui/file/20731b55bc3657f5fc65d94deb02182b63ec3ef4da8ac0a53eb7c553cd239d91/detection Title: Re: [Updated 14 June 2021]Phishing pancakeswap.cheap Post by: $crypto$ on June 17, 2021, 11:43:59 AM Trezor Phishing Site: {Pay attention to the domain name again} Exodus Phishing Site Seems fake or phishing wallet will not decrease every day, the scammer uses the same trick and IP every creates a new domain. because I also find phishing atomic wallet again. The exodus phishing wallet is back with a new domain after I found it yesterday but it's still the same trick. Website: exodus.cx Archived: https://web.archive.org/web/20210617114319/https://exodus.cx/ Quote Domain Name: exodus.cx Registry Domain ID: 1881037-CoCCA Registry WHOIS Server:: whois.coccaregistry.org Updated Date: 2021-06-02T08:32:48.542Z Creation Date: 2021-05-26T09:48:11.184Z Registry Expiry Date: 2022-05-26T09:48:11.374Z Registrar Registration Expiration Date: 2022-05-26T09:48:11.374Z Registrar: CentralNic Ltd Reseller: Paymall s.r.o. Reseller Street Address: Opletalova 921/6, New Town Reseller Other Address Info: Prague 1, 11000 Reseller Country: CZ (Registrar is GB ) Reseller Phone: +420.601523999 Reseller Fax: +420.775097485 Title: Re: [Updated 14 June 2021]Phishing pancakeswap.cheap Post by: CryptoYar on June 17, 2021, 12:04:54 PM 10,000,000 MATIC Fake Giveaway
Website link: Code: https://matic.gifts/info Twitter: Code: https://twitter.com/MATIC_BONUS https://i.ibb.co/R0yHJyq/3e6b7caf0a50de476fd5f61303ce93be94d40e45f2c1013914fc0c92d905dcf4.png Scammer's wallet: https://polygonscan.com/address/0x97C0F0DD48Db9dd487D26108568a05F542cB230C Quote Dates 3 days old Whois (https://whois.domaintools.com/matic.gifts)Created on 2021-06-14 Expires on 2022-06-14 Updated on 2021-06-14 Title: Re: [Updated 14 June 2021]Phishing pancakeswap.cheap Post by: CryptoYar on June 19, 2021, 07:37:48 AM 50,000 ETH and 5000 BTC Fake Giveaway
Website link: Code: https://etherlive.org/ethgives Scammer's wallets: Code:
https://i.ibb.co/Hp2ZjZf/e98a28555ceb4b6b3632ab06539b1cdacb47a28ed8f0a41c237eebca0e547e92.png Quote Dates 3 days old Created on 2021-06-16 Expires on 2022-06-16 Updated on 2021-06-16 Title: Re: [Updated 14 June 2021]Phishing pancakeswap.cheap Post by: $crypto$ on June 19, 2021, 01:44:22 PM Fake Uniswap
Website: Code: https://xn--app-unswap-6sb.cc/ info whois https://whois.domaintools.com/xn--app-unswap-6sb.cc https://i.gyazo.com/581b86f0043443a2ef7297cae3305f4a.png Uniswap Pancakswap 1inch Etc. There will be more phishing sites they will continue to spread with the name of the famous and largest DEX exchange of course this will continue to be done by fraudsters to get more money. I will continue to report in this thread and archive it. Official site: https://app.uniswap.org/#/swap?lng=en-US Title: Re: [Updated 14 June 2021]Phishing pancakeswap.cheap Post by: Chikito on June 22, 2021, 04:59:02 AM Fake Investment with High return.
Code: https://crypto-peak.net https://i.postimg.cc/sX13zXmX/f1.jpg And possible with fake-proof licenses also. https://i.postimg.cc/TYNF89Sr/90.jpg Whois Lookup Quote NetRange: 68.65.120.0 - 68.65.123.255 CIDR: 68.65.120.0/22 NetName: NCNET-7 NetHandle: NET-68-65-120-0-1 Parent: NET68 (NET-68-0-0-0-0) NetType: Direct Allocation OriginAS: AS16626, AS11855, AS174, AS4323, AS3356, AS22612, AS20454, AS32421 Organization: Namecheap, Inc. (NAMEC-4) RegDate: 2015-03-06 Updated: 2015-03-06 Comment: http://namecheap.com Comment: for any abuse please use: abuse@namecheap.com Ref: https://rdap.arin.net/registry/ip/68.65.120.0 OrgName: Namecheap, Inc. OrgId: NAMEC-4 Address: 11400 W. Olympic Blvd. Suite 200 City: Los Angeles StateProv: CA PostalCode: 90064 Country: US RegDate: 2011-01-28 IP RElationship with another phishing https://www.virustotal.com/gui/ip-address/68.65.122.141/relations Code: www.coinobase.com https://i.postimg.cc/ZYM1BmPG/koil.jpg Title: Re: [Updated 14 June 2021]Phishing pancakeswap.cheap Post by: $crypto$ on June 22, 2021, 03:57:15 PM MetaMask Phishing Site
Website: Code: https://metakmax.com/ Quote Domain name: metakmax.com Registry Domain ID: 2621214123_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 0001-01-01T00:00:00.00Z Creation Date: 2021-06-21T17:34:14.00Z Registrar Registration Expiration Date: 2022-06-21T17:34:14.00Z Registrar: NAMECHEAP INC Registrar IANA ID: 1068 https://i.gyazo.com/736549ac63457f68cdc5efdcfc1a0573.png Pay more attention to the domain, phishing will never go away once I do, increase your awareness to do any search on true google if you are more likely to be a trap for you. Official site: https://metamask.io/ Title: Re: [Updated 14 June 2021]Phishing pancakeswap.cheap Post by: Chikito on June 29, 2021, 01:20:37 AM Website: exodus.cx Archived: https://web.archive.org/web/20210617114319/https://exodus.cx/ Exodus Wallet still the favorite of phisher to traping user, I found one, Code: https://exodus.ac https://i.postimg.cc/2SQsMtJX/2.jpg Quote Domain Name: EXODUS.AC Registry Domain ID: D503300001198542592-LRMS Registrar WHOIS Server: whois.rrpproxy.net Registrar URL: http://www.key-systems.net Updated Date: 2021-05-29T19:25:34Z Creation Date: 2021-05-29T19:25:29Z Registry Expiry Date: 2022-05-29T19:25:29Z IP relationship > https://www.virustotal.com/gui/ip-address/185.178.208.182/relations https://i.postimg.cc/xdqW8d8B/3.jpg (https://postimages.org/) Title: Re: [Updated 14 June 2021]Phishing pancakeswap.cheap Post by: $crypto$ on July 02, 2021, 12:04:41 PM DEAD
Website: Code: https://exocdus.co/ Quote Domain Name: exocdus.co Registry Domain ID: DF30A1D443461467F8407478A87604E7A-NSR Registrar WHOIS Server: Registrar URL: https://key-systems.net Updated Date: 2021-05-31T10:15:26Z Creation Date: 2021-05-26T10:15:20Z Registry Expiry Date: 2022-05-26T10:15:20Z Registrar: Key-Systems GmbH Registrar IANA ID: 269 https://i.gyazo.com/5c5af16f6d88f5329a1acbfbdd439cb1.png The appearance of phishing sites is almost the same as those found above. Phishing still continues to rely on the same script and only the domains are constantly changed like this, there is no tired of the fraudsters continuing to take their actions by displaying on google ad pages when doing a search. Title: Re: [Updated]Phishing Exodus.ac Wallet Post by: Chikito on July 05, 2021, 03:36:24 AM Fake and Phishing pancakeswap tools
Code: http://hiccup.pancakeswap.tools https://archive.is/WNyeN https://i.postimg.cc/13dwJYj7/qq.jpg Quote IP Address: 62.210.177.59 Geolocation: FR (France), N/A, N/A, N/A N/A - Google Maps Reverse DNS: s12.cdn-hd.com Domain Check Domain Name: hiccup.pancakeswap.tools Top Level Domain: TOOLS (Manufacturing Industry) The relation IP address with scammer; https://www.virustotal.com/gui/ip-address/62.210.177.59/relations https://i.postimg.cc/sx22F3BY/xx.jpg Be careful nobs, always check the URL correctly, and don't give any seed/private key. Title: Re: [Updated]Phishing Exodus.ac Wallet Post by: $crypto$ on July 08, 2021, 01:32:45 PM Trust Wallet Fake Wallet
Website: Code: https://xn--tustwallet-85b.com/ Quote Domain name: xn--tustwallet-85b.com Registry Domain ID: 2625228437_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 0001-01-01T00:00:00.00Z Creation Date: 2021-07-08T12:19:57.00Z Registrar Registration Expiration Date: 2022-07-08T12:19:57.00Z Registrar: NAMECHEAP INC Registrar IANA ID: 1068 https://i.gyazo.com/ca5180e667e637b18d3ad53b18c9c65c.png Never enter a private key/phrase on this phishing site, it's clear that there are many traps now, avoid it and look at it more carefully. Don't be in a hurry and truswallet never asks for a key phrase/key on its website. Title: Re: [Updated]Phishing Exodus.ac Wallet Post by: $crypto$ on July 08, 2021, 02:52:06 PM Coinomi phishing site
Website: Code: https://tatsks.com/ Quote 315 days old Created on 2020-08-27 Expires on 2021-08-27 Updated on 2020-08-27 https://i.gyazo.com/a2da9db30eeb2cb9cc4648f49f3854ba.png The trick is the same as above Coinomi also never asks for a phrase on its website and this is clearly a phishing site that asks for your phrase and I think in terms of domains, they are very different, only the script is the same, so pay attention again more carefully. Scammers like him have spread many phishing sites with different or the same scripts, so don't just randomly enter suspicious phrases. Official site: https://www.coinomi.com/en/ Title: Re: [Updated]Phishing Exodus.ac Wallet Post by: Chikito on July 11, 2021, 12:06:32 PM Trust Wallet Fake Wallet Coinomi phishing site We found too many phishing wallet, trust wallet, coinomi and, Phishing Metamask Wallet Code: https://meta-mask.co https://i.postimg.cc/Z5NH8pQc/meta.jpg The scammer uses the same trick as above by inserting the mnemonic seed to get all user coins. as we know metamask wallet only asks mnemonic seed if the user first registering the wallet. this means if already registered the user only needs a password. An important point is always double-checked the URL and bookmarked it into the browser. Domain Information; Quote IP Address: 67.207.81.229 Domain Name: meta-mask.co Registry Domain ID: DD0B3077F0D0F4E3B82D5AD385883EC41-NSR Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2021-05-22T14:42:01Z Creation Date: 2021-05-17T14:41:56Z Registry Expiry Date: 2022-05-17T14:41:56Z Registrar: NameCheap, Inc. again, Phishing exodus wallet Code: https://exoduswebv.com/ https://i.postimg.cc/RVBpgPcY/exodus.jpg (https://postimages.org/) never giving up your mnemonic seed into the phishing site. Title: Re: [Updated]Phishing Exodus.ac Wallet Post by: $crypto$ on July 12, 2021, 11:56:28 AM Trust Wallet Fake Wallet Trust Wallet Fake Wallet Website: Code: https://trustwalleta.com/ Quote Created on 2021-07-12 Expires on 2022-07-12 Updated on 0000-12-31 https://i.gyazo.com/dc0a9b0a314eb0fb695b4596b24d555e.png The script remains the same as before, just changing the domain, pay attention again and never enter a phrase/seed on any site. Keep your assets. Title: Re: [Updated]Phishing Exodus.ac Wallet Post by: CryptoYar on July 12, 2021, 05:23:00 PM Bitcoincash phishing website
Website: Code: https://www.bitcolncash.org/wallets/#mobile-wallets Domain info: Quote 242 days old https://i.ibb.co/rkBdTFs/d95c04b278832158b9f343c32e697659863f49f73f27f6f4b54dd2a929d7de2f.pngCreated on 2020-11-12 Expires on 2021-11-12 Updated on 2021-03-11 Title: Re: [Updated]Phishing Exodus.ac Wallet Post by: $crypto$ on July 13, 2021, 02:04:13 PM Metamask Phishing Wallet
Website: Code: https://extension-metamask.com.maxoutsms.com/ https://archive.is/lDHVy https://web.archive.org/web/20210713135755/https://extension-metamask.com.maxoutsms.com/ Quote Domain Name: maxoutsms.com Registry Domain ID: 2480891938_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.godaddy.com Registrar URL: http://www.godaddy.com Updated Date: 2020-10-23T10:44:11Z Creation Date: 2020-01-16T12:02:44Z Registrar Registration Expiration Date: 2022-01-16T12:02:44Z Registrar: GoDaddy.com, LLC Registrar IANA ID: 146 https://i.gyazo.com/e6b091ed1b1dbaa9a404a88020ecd1c3.png https://i.gyazo.com/cc38c92a651011da7a69c25cc5a0f1d4.png Metamask is another target for phishing and now with this new domain the trick is almost the same just a little change in appearance but we should be able to examine it in more detail. What @DroomieChikito said we should check the URL and bookmark it to the browser to make it much safer and no need to type again. Title: Re: [Updated]Phishing Exodus.ac Wallet Post by: $crypto$ on July 15, 2021, 01:34:11 PM Dangerous sites never click them all phishing
Website: Code: https://x2elon.space/ https://archive.is/wip/dDEgP https://archive.is/wip/FmiHz https://archive.is/wip/TdCUW Info Domain https://whois.domaintools.com/x2elon.space https://whois.domaintools.com/m-poloniex.us https://whois.domaintools.com/bittrex-global-on.com https://i.gyazo.com/642d7ccf006c01b326e7edd3b2a1c074.png https://i.gyazo.com/3f52477022ac68b7f1b68226fc96465d.png https://i.gyazo.com/919b56d4ba4346926a7196d5e178d80b.png Elon Musk Giveaway - is fake and no one gives double rewards after sending BTC, beware. Poloniex is a phishing site pay attention to the URL. Bittrex is the same as Poloniex a phishing site and pays attention to the URL again. Better to bookmark the original site to your browser. Title: Re: [Updated]Phishing Exodus.ac Wallet Post by: $crypto$ on July 17, 2021, 02:28:33 PM Code: https://atomicwallet.dev/ Trust Wallet and Atomic Phishing Website: Code: https://trust-wallet-app.xyz/ Info Domain Quote Created on 2021-07-17 Expires on 2022-07-17 Updated on 2021-07-17 Quote 73 days old Created on 2021-05-05 Expires on 2022-05-05 Updated on 2021-07-04 https://i.gyazo.com/2cf9c7683f6152aaa91e1ba51872800e.png https://i.gyazo.com/1646d81c092c85c11008618b77a7aab0.png Trust Wallet - This trick is still using the same no change at all however they have updated the domain today, and I think they have plenty of backup domains to create a phishing site. Atomic - Still the same before but the domain must be considered again, the fraudsters always scamers in the spelling of the domain letters. Keep your assets. Title: Re: [Updated]Phishing Exodus.ac Wallet Post by: Chikito on July 19, 2021, 03:44:30 AM Trust Wallet - This trick is still using the same no change at all however they have updated the domain today, and I think they have plenty of backup domains to create a phishing site. A scammer just bought 1 server/VPS and create many domains (free) at the same time. this has been happening ever since this thread was created. which can be proven by the IP relationship with every site he created.Just be careful when the website comes from those IPs, they could be trying to another way. Code: https://trust-wallet-app.xyz/ https://www.virustotal.com/gui/ip-address/104.21.78.15/relations Found this Code: ethereum-code.me Code: https://atomicwailet.io/ https://www.virustotal.com/gui/ip-address/185.178.208.182/relations Found this Code: www.itrustwallet.org Title: Re: [Updated]Phishing Exodus.ac Wallet Post by: CryptoYar on July 19, 2021, 05:19:13 AM blockchain wallet phishing website promoted through google ads.
website: Code: https://login.blockcchalh.com/#/login https://i.ibb.co/2NxDVnb/Screenshot-20210719-100731.jpg Interestingly if we try to access this website through PC, it looks something like this https://i.ibb.co/HCcfmL4/3ff57492472f0e9f323cb1a51294c8b51e58d49906824e10f54757a9d73f794b.png It seems that scammers only targeting mobiles users. Title: Re: [Updated]Phishing Exodus.ac Wallet Post by: $crypto$ on July 22, 2021, 05:19:50 PM Exodus Phishing Wallet
Website: Code: https://exoduxs.com/ Quote 1 days old Created on 2021-07-21 Expires on 2022-07-21 Updated on 2021-07-21 https://i.gyazo.com/e74632f75f17efdc66f8adaacb911baa.png A scammer just bought 1 server/VPS and create many domains (free) at the same time. this has been happening ever since this thread was created. which can be proven by the IP relationship with every site he created. Possibly this is also the same thing with scamers who have created free domains from free servers/VPS and it seems this might be an easier trick to get more domains.Just be careful when the website comes from those IPs, they could be trying to another way. Title: Re: [Updated]Phishing Exodus.ac Wallet Post by: CryptoYar on July 23, 2021, 06:38:04 AM WalletConnect phishing website.
Website link: Code: https://www.livewallet-connect.site/ Archive: https://archive.vn/ZDZIE Domain info. Quote 4 days old Created on 2021-07-18 Expires on 2022-07-18 Updated on 2021-07-18 https://i.ibb.co/vHJgy4h/059e9b016c9f93442e968227ce1cb44f33cd5d1058c3eff01e4ee41572880079.png Domain names on the same IP address: Code: www.livewallet-connect.site Title: Re: [Updated]Phishing Exodus.ac Wallet Post by: Chikito on July 23, 2021, 11:17:22 AM Possibly this is also the same thing with scamers who have created free domains from free servers/VPS and it seems this might be an easier trick to get more domains. sure, there are many vouches for free VPS and domain that possibility the scammer create the phishing site only one day.@mole0815 can post (https://bitcointalk.org/index.php?topic=1935098.msg57519697#msg57519697) it here. Again, Phishing Chipmixer Code: https://chipmixẹr.com Code: https://xn--chipmixr-z30d.com https://i.postimg.cc/RFMGvrb3/2.jpg Where I found it?, google searching. https://i.postimg.cc/bNM6kBdM/1.jpg Quote Domain Name: chipmixẹr.com IP Address: 162.213.251.90 Domain Name: XN--CHIPMIXR-Z30D.COM Registry Domain ID: 2518953138_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2021-04-01T08:02:34Z Creation Date: 2020-04-26T15:22:12Z Registry Expiry Date: 2022-04-26T15:22:12Z The IP's relationship. https://www.virustotal.com/gui/ip-address/162.213.251.90/relations Code: https://exellentinvest.com/ Title: Re: [Updated]Phishing Exodus.ac Wallet Post by: $crypto$ on July 23, 2021, 12:52:44 PM @mole0815 can post (https://bitcointalk.org/index.php?topic=1935098.msg57519697#msg57519697) it here. I also found a fake review about Chipmixer and even that is the same as what you just said, it seems this review has been around since 9-09-2020 was published.Again, Phishing Chipmixer Where I found it?, google searching. The scammers actually insert their phishing sites in their original writings, if they don't look carefully, of course this will be a trap too. https://bitcoin2.biz/mixer/7-chipmixer-review.html Fake review Onion URL: https://chipmixerwzxtzbw.online/ Fake https://i.gyazo.com/abcaf8b627a5b081cf20bd2d960e1c10.png The URL writing looks real but when clicked or copied the URL will be different. Kraken Phishing Site Website: Code: https://kraken-yb.com/sing-in/sign-in/us-home/ Quote Kraken-zp.com 1 days old Created on 2021-07-22 Expires on 2022-07-22 Updated on 0000-12-31 Quote Kraken-Yb.com 5 days old Created on 2021-07-18 Expires on 2022-07-18 Updated on 0000-12-31 https://i.gyazo.com/f7106d12489b431216317490a23bc2bf.png The display at login is the same there is no difference but we have to check the URL clearly and it is very different. So they created the same 2 phishing sites. When I wanted to open the Kraken site and do a search, it turned out that there was a phishing site that was tucked into the first page of Google search. [moderator's note: consecutive posts merged] Title: Re: [Updated] Phishing chipmixẹr.com [23/7/2021] Post by: CryptoYar on July 26, 2021, 01:50:12 PM Another bitcoin & ethereum fake giveaway
website Link: Code: https://eventbyether.org Quote 1 days old Created on 2021-07-25 Expires on 2022-07-25 Updated on 2021-07-25 https://i.ibb.co/qgRS3H8/a77a3d94f0269e0742f885c9b36160c5d8f4e0a155907d286bf32a06530447f5.png Wallet addresses: Code: Btc: 17fSZdSZMPXE4qcVENAYECk8WqwJC77yR5 Title: Re: [Updated] Phishing chipmixẹr.com [23/7/2021] Post by: $crypto$ on July 26, 2021, 08:06:42 PM Shibaswap Phishing Site
Website: Code: https://www.shibaswap.pw/ Quote Domain Name: SHIBASWAP.PW Registry Domain ID: D239117758-CNIC Registrar WHOIS Server: whois.joker.com Registrar URL: http://joker.com Updated Date: 2021-06-23T21:43:41.0Z Creation Date: 2021-06-14T21:22:33.0Z Registry Expiry Date: 2022-06-14T23:59:59.0Z Registrar: CSL Computer Service Langenbach GmbH Registrar IANA ID: 113 https://i.gyazo.com/daa72a4d9a800a74e43eeba15f9c5296.png https://i.gyazo.com/ceb1a98f3b789309021236df9a27ce6e.png https://www.facebook.com/permalink.php?story_fbid=111089124597542&id=102901985416256 Phishing has appeared on my Facebook homepage and now they have more and more fake pages and the now I've been trying to report it, the more people report it the sooner it will be killed Keep checking back especially for newbies who just see this on your Facebook. SWAP official website: https://shibaswap.com/ Title: Re: [Updated] Phishing chipmixẹr.com [23/7/2021] Post by: $crypto$ on July 30, 2021, 05:17:59 PM wallectconnect.com Phishing
Website: Code: https://wallectconnect.com/ Quote Domain name: wallectconnect.com Registry Domain ID: 2603139687_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 0001-01-01T00:00:00.00Z Creation Date: 2021-04-06T08:34:13.00Z Registrar Registration Expiration Date: 2022-04-06T08:34:13.00Z Registrar: NAMECHEAP INC Registrar IANA ID: 1068 https://i.gyazo.com/d9f4a0868e64c5386d4270580e5a1e3a.png Official site: https://walletconnect.org/ Always avoid phishing sites and pay attention to the URL if it's better then you have to save it in bookmarks Title: Re: [Updated] Phishing wallectconnect [30/7/2021] Post by: Chikito on August 03, 2021, 12:01:57 AM Phishing Uniswap
Code: http://app.uniswap.org.airdrop-holders-liquidity.com scammer trying to trap the user with false connects with metamask to get the mnemonic seed. https://i.postimg.cc/28FFSfFT/1.jpg (https://postimages.org/) Quote IP Address: 192.99.170.97 domain Name: app.uniswap.org.airdrop-holders-liquidity.com https://www.virustotal.com/gui/ip-address/192.99.170.97/relations Also, be aware of fake google ads bitcoin core https://i.postimg.cc/Z5vbLJ7x/2.jpg (https://postimages.org/) Code: https://www.biltucoin.org/ Title: Re: [Updated] Phishing wallectconnect [30/7/2021] Post by: $crypto$ on August 03, 2021, 04:08:48 PM Pancakeswap Phishing Site
Website: Code: https://pancakeios.com/ Quote from: https://whois.domaintools.com/pancakeios.com 1 days old Created on 2021-08-02 Expires on 2022-08-02 Updated on 0000-12-31 https://i.gyazo.com/b2804786092b18ef91dc25a8b46c5665.png This phishing site ad is being promoted on the sponsor's Facebook page and I think there will be more to it than that. So we never click from unknown pages and try to pay attention to the URL when visiting it. Title: Re: [Updated] Phishing Metamask Wallet Post by: Chikito on August 09, 2021, 01:20:22 AM Phishing Metamask Wallet
Code: connectmetamaks.com https://i.postimg.cc/tCHRtmgD/aq.jpg Quote IP Address: 198.54.126.105 omain Name: connectmetamaks.com Top Level Domain: COM (Commercial TLD) Domain Name: CONNECTMETAMAKS.COM Registry Domain ID: 2631666767_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2021-08-05T10:41:54Z Creation Date: 2021-08-05T10:41:29Z Registry Expiry Date: 2022-08-05T10:41:29Z Be careful that IP address and domain has correlated with another scam and phishing, you can check it here > https://www.virustotal.com/gui/ip-address/198.54.126.105/relations https://i.postimg.cc/L53cVDy0/1.jpg that habit can't be erased, once he scammer will be forever, he just changes the domain with the same trick. just be careful, they are around us. Title: Re: [Updated] Phishing wallectconnect [30/7/2021] Post by: $crypto$ on August 09, 2021, 05:48:39 PM Pancakeswap Phishing Site
Website: Code: https://pancakeaps.finance/ Quote Domain Name: pancakeaps.finance Registry Domain ID: e61813cd5d2c4d949111211b9a7d81f5-DONUTS Registrar WHOIS Server: whois.namecheap.com Registrar URL: https://www.namecheap.com/ Updated Date: 2021-08-09T09:25:50Z Creation Date: 2021-08-09T09:23:54Z Registry Expiry Date: 2022-08-09T09:23:54Z Registrar: NameCheap, Inc. Registrar IANA ID: 1068 https://i.gyazo.com/c1edfdfc3a9ae6d2bcca46bc94ec69e7.png I see almost every day phishing is always there, and this afternoon I found the Pancakeswap phishing site with a different name now and the one that was not accessible anymore, so it's true these scamers have changed the name a lot to fool beginners who don't even know the script no difference at all. It's much better to bookmark the original URL than having to type it if you can't tell the difference. But I'm sure there must be people trapped outside the forum. Title: Re: [Updated] Phishing wallectconnect [30/7/2021] Post by: $crypto$ on August 16, 2021, 01:33:58 PM Binance Giveaway Fake
Website: Code: https://bince-x2x3bonus.com/ Quote Domain Name: bince-x2x3bonus.com Registry Domain ID: 2633563772_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.registrar.eu Registrar URL: http://www.registrar.eu Updated Date: 2021-08-13T12:52:57Z Creation Date: 2021-08-13T10:52:45Z Registrar Registration Expiration Date: 2022-08-13T10:52:45Z Registrar: Hosting Concepts B.V. d/b/a Registrar.eu Registrar IANA ID: 1647 https://i.gyazo.com/45556c50bf90fc8699197d4ebb912cf3.png Fake giveaways have appeared again and they have added a lot of members on the telegram channel, so for beginners who just know please be careful never to send any funds offered by them on telegram. Title: Re: [Updated] Phishing wallectconnect [30/7/2021] Post by: CryptoYar on August 18, 2021, 04:22:11 PM Fake BTC and Eth Giveaway
Website: Code: https://elon-musk2021.com/ Domain info: Quote 1 days old Created on 2021-08-17 Expires on 2022-08-17 Updated on 2021-08-17 Scammers promoting this website on YouTube along with a video clip of the bitcoinword conference. Video link: https://youtu.be/KYdm5mzd2Mk Scammers wallets: Code: Btc: 0xE09Ac45DE32feD3489e8891d22dD6EA9FdEFCA64 Title: Re: [Updated] Phishing wallectconnect [30/7/2021] Post by: $crypto$ on August 19, 2021, 04:30:48 PM Walletconnet Phishing Site:
Website: Code: https://waletconnector.com/ Quote Domain Name: waletconnector.com Registry Domain ID: 2603389585_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.registrar.eu Registrar URL: http://www.registrar.eu Updated Date: 2021-04-07T07:44:12Z Creation Date: 2021-04-07T05:42:13Z Registrar Registration Expiration Date: 2022-04-07T05:42:13Z Registrar: Hosting Concepts B.V. d/b/a Registrar.eu Registrar IANA ID: 1647 https://i.gyazo.com/ad600c452b0c0b034d062cf8fbaec107.png There is no difference the script remains the same and it seems like scamers continue to use this script but they only change in terms of the spelling of the domain, and this is the most important thing to pay attention to. stay alert. Title: Re: [Updated] Phishing wallectconnect [30/7/2021] Post by: $crypto$ on August 27, 2021, 01:37:58 PM Two TrustWallet phishing sites
Website: Code: https://titrustwallat.com/ https://archive.ph/LdcJi https://archive.ph/wip/5afJ6 Quote Created on 2021-08-27 Expires on 2022-08-27 Updated on 2021-08-27 Quote 92 days old Created on 2021-05-27 Expires on 2022-05-27 Updated on 2021-06-15 https://i.gyazo.com/5ce461345ff78ee698c4f5e7e0f727c6.png https://i.gyazo.com/679c645d70d43e2f51084ae11fbfee59.png Phishing sites always ask for your phrase to be entered into the site so, beginners should be careful and look at the URL again and distinguish it from the original, because a group of scamers now have a lot of advertising on Facebook that almost resembles the original page. Title: Re: [Updated] Phishing wallectconnect [30/7/2021] Post by: Ultegra134 on August 31, 2021, 05:56:10 PM I don't get how I fell for such a scam, when there's even a thread about it right here. (I was just informed by another user about this thread). I don't get why I didn't look it up earlier before conducting such a stupid move. Anyway, do not trust anyone on Discord, and keep in mind that project officials/admins will NEVER DM you.
This was a lesson for me, I almost lost all the money I was talking about in my Bitcointalk appreciation thread (https://bitcointalk.org/index.php?topic=5356169). It would suck big time if now I made a thread "How I lost all my money". The website I'm referring to is the following: Code: Website: https://multibridge-dapps.com/ I put my private key there, because it wouldn't automatically "authorize". What a dumbass I am. Fortunately, my gut instinct kicked in and the very next second I did that stupid move, I moved all my funds to another wallet. Be safe, do not trust anyone and never input any confidential information EVER! Title: Re: [Updated] Phishing wallectconnect [30/7/2021] Post by: Chikito on September 01, 2021, 11:46:10 AM I put my private key there, because it wouldn't automatically "authorize". What a dumbass I am. Fortunately, my gut instinct kicked in and the very next second I did that stupid move, I moved all my funds to another wallet. Be safe, do not trust anyone and never input any confidential information EVER! You have to edit that link to unclickable to avoid another user access it Code: https://multibridge-dapps.com/ that could be a lesson for you and everyone to recheck and always learning in the next time. the website was created 14 days ago which purposes for the scam. Quote IP: 198.187.31.167 Domain Name: MULTIBRIDGE-DAPPS.COM Registry Domain ID: 2633753046_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2021-08-14T17:47:29Z Creation Date: 2021-08-14T17:33:13Z the scammer usually uses the same server and IP address to create another one. See the related IP: https://www.virustotal.com/gui/ip-address/198.187.31.167/relations Code: https://www.safemoonmaxsfax.com/ ...etc the scammer creates another way when failed on the first step, just to look at what they create, token, exchange, cloud mining and etc. Title: Re: [Updated] Phishing wallectconnect [30/7/2021] Post by: Ultegra134 on September 01, 2021, 03:16:43 PM I put my private key there, because it wouldn't automatically "authorize". What a dumbass I am. Fortunately, my gut instinct kicked in and the very next second I did that stupid move, I moved all my funds to another wallet. Be safe, do not trust anyone and never input any confidential information EVER! You have to edit that link to unclickable to avoid another user access it Code: https://multibridge-dapps.com/ that could be a lesson for you and everyone to recheck and always learning in the next time. the website was created 14 days ago which purposes for the scam. Quote IP: 198.187.31.167 Domain Name: MULTIBRIDGE-DAPPS.COM Registry Domain ID: 2633753046_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2021-08-14T17:47:29Z Creation Date: 2021-08-14T17:33:13Z the scammer usually uses the same server and IP address to create another one. See the related IP: https://www.virustotal.com/gui/ip-address/198.187.31.167/relations Code: https://www.safemoonmaxsfax.com/ ...etc the scammer creates another way when failed on the first step, just to look at what they create, token, exchange, cloud mining and etc. I was one of the lucky ones, that at least immediately realized what a stupid thing I've done. Title: Re: [Updated] Phishing wallectconnect [30/7/2021] Post by: $crypto$ on September 04, 2021, 02:51:26 PM Exodus Site Phishing
Website: Code: https://crypto-bonus.top/ Quote Domain Name: crypto-bonus.top Registry Domain ID: D20210904G10001G_68339676-top Registrar WHOIS Server: whois.namesilo.com Registrar URL: https://www.namesilo.com Updated Date: 2021-09-03T18:47:03Z Creation Date: 2021-09-03T18:43:40Z Registry Expiry Date: 2022-09-03T18:43:40Z Registrar: NameSilo,LLC Registrar IANA ID: 1479 https://i.gyazo.com/2df2ce8f3a053477d4c8a978076d5c49.png FAKE: https://www.facebook.com/permalink.php?story_fbid=108800091537768&id=108797548204689 There have been many fake sites with ads on Facebook, so if you don't know, especially beginners, don't click on anything because the promotion always offers a bonus that is supposed to include a phrase/seed. The point is to avoid this. Title: Re: [Updated] Phishing wallectconnect [30/7/2021] Post by: $crypto$ on September 04, 2021, 05:45:53 PM Metamask Site Phishing
Website: Code: https://www.kyc-metamask.io/ Quote Domain Name: KYC-METAMASK.IO Registry Domain ID: D503300001201715023-LRMS Registrar WHOIS Server: whois.godaddy.com Registrar URL: http://www.godaddy.com Updated Date: 2021-08-30T06:33:28Z Creation Date: 2021-08-30T06:21:11Z Registry Expiry Date: 2022-08-30T06:21:11Z Registrar Registration Expiration Date: Registrar: GoDaddy.com, LLC Registrar IANA ID: 146 https://i.gyazo.com/56301a54834347ecc5dfed663a4e33a0.png FAKE: https://www.facebook.com/permalink.php?story_fbid=111449014596773&id=108198504921824 Like my post a few hours ago, when I surf on Facebook I always find fake pages like this that are always worrying about other people who don't know anything, so don't ever click on a page on Facebook if you don't know anything. Title: Re: [Updated] Phishing wallectconnect [30/7/2021] Post by: Chikito on September 09, 2021, 11:32:36 AM Quote Domain Name: KYC-METAMASK.IO Registry Domain ID: D503300001201715023-LRMS Registrar WHOIS Server: whois.godaddy.com Registrar URL: http://www.godaddy.com Updated Date: 2021-08-30T06:33:28Z Creation Date: 2021-08-30T06:21:11Z Registry Expiry Date: 2022-08-30T06:21:11Z Registrar Registration Expiration Date: Registrar: GoDaddy.com, LLC Registrar IANA ID: 146 and, SSH bruteforce attack, also https://i.postimg.cc/SsHVS3GX/123.jpg let's report it to godday > abuse@godaddy.com Title: Re: [List] Phishing Cryptocurrency Site Post by: Chikito on September 13, 2021, 12:02:57 AM Phishing axie infinity website
Code: https://axieinfinity.monster/ https://i.postimg.cc/PxhFhZZd/seed.jpg Quote IP Address: 172.67.194.217 Domain Name: AXIEINFINITY.MONSTER Registry Domain ID: D247748994-CNIC Registrar WHOIS Server: whois.namecheap.com Registrar URL: https://namecheap.com Updated Date: 2021-08-29T13:13:53.0Z Creation Date: 2021-08-29T12:16:57.0Z Registry Expiry Date: 2022-08-29T23:59:59.0Z Registrar: Namecheap the IP relationship: https://www.virustotal.com/gui/ip-address/172.67.194.217/relations the domain has created a month ago, that possible person who don't know the real game site can possible get the trap and write the detailed seed into phishing, they put the trap with a fool the broken metamask. Be carefull. Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on September 13, 2021, 06:16:04 PM Pancakeswap Phishing Site
Website Code: https://pancake-swap.co/ Quote Domain Name: pancake-swap.co Registry Domain ID: D2431850C211A4DD187AE420AF4DB121C-GDREG Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2021-09-03T18:48:23Z Creation Date: 2021-08-29T18:48:22Z Registry Expiry Date: 2022-08-29T18:48:22Z Registrar: NameCheap, Inc. Registrar IANA ID: 1068 FAKE: https://www.facebook.com/103144675449101/posts/103151822115053/ Don't ever click in this fake Facebook page, they are trying to create more phishing sites and spread on facebook and of course they should check the URL. Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on September 14, 2021, 06:50:56 PM Phishing axie infinity website Code: https://axieinfinity.monster/ Phishing Axie Infinity Site Website: Code: https://marketplaceaxiesinfinity.com/ Quote Domain Name: MARKETPLACEAXIESINFINITY.COM Registry Domain ID: 2638995766_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.publicdomainregistry.com Registrar URL: www.publicdomainregistry.com Updated Date: 2021-09-06T00:55:27Z Creation Date: 2021-09-05T23:37:59Z Registrar Registration Expiration Date: 2022-09-05T23:37:59Z Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com Registrar IANA ID: 303 https://i.gyazo.com/f41b39e297109af1d3dda0f7d82f9a1e.png FAKE: https://www.facebook.com/100961772285091/posts/129622502752351/ Maybe this phishing site is still related to what you found, I'm not surprised anymore when I continue to be on Facebook I always find things like this, I think everyone needs to be careful. Even I now see so many streams from facebook about Axie Infinity game, please pay attention about this phishing site. Title: Re: [List] Phishing Cryptocurrency Site Post by: Chikito on September 15, 2021, 01:45:06 AM Maybe this phishing site is still related to what you found, I'm not surprised anymore when I continue to be on Facebook I always find things like this, I think everyone needs to be careful. maybe yes, but with a different server and IPs. Facebook and Twitter or Any social media are beautiful places for scammers to get into the trap because in those places too many people don't know how to distinguish real and fake. Even I now see so many streams from facebook about Axie Infinity game, please pay attention about this phishing site. like this one, I found it on Twitter Code: http://axieinfinity.tel Same as above, that link directing to put the mnemonic seed. Quote IP Address: 104.21.90.27 Domain Name: axieinfinity.tel Registry Domain ID: DE17E66F501AA4B2181E6A4632F423070-GDREG Registrar WHOIS Server: whois.opensrs.net Registrar URL: www.opensrs.com Updated Date: 2021-09-10T22:00:10Z Creation Date: 2021-09-10T21:52:07Z Registry Expiry Date: 2022-09-10T21:52:07Z Registrar: Tucows Domains Inc. the relationship: https://www.virustotal.com/gui/ip-address/104.21.90.27/relations Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on September 17, 2021, 08:26:46 PM Chipminxer Phishing
Website: Code: https://chipminxer.com/ Quote from: https://whois.domaintools.com/chipminxer.com 37 days old Created on 2021-08-11 Expires on 2022-08-11 Updated on 2021-08-12 REAL https://i.gyazo.com/05c74350e6bea8039d4d262d5e601ec5.png FAKE https://i.gyazo.com/10fc5b5be963431857472095ce641f2f.png Title: Re: [List] Phishing Cryptocurrency Site Post by: Chikito on September 18, 2021, 11:12:20 AM Chipminxer Phishing Website: Code: https://chipminxer.com/ I'm not surprised when comes from that popular site. when I checked, phishing sites using that name are increasing every day. A year ago, when I checked using a domain similar tool only about 100's, but now increased to be 250 with a similar Chipmixer name. https://dnstwister.report/search?ed=636869706d697865722e636f6d Some of the domains are still alive with the same interface as real a Chipmixer. Code: https://chipmlxer.com/ that impossible to stoping the scammer create a new one. but the owner can get an alert (by sign up), so when the scammer creates a similar domain, the owner can report quickly too; https://safebrowsing.google.com/safebrowsing/report_general/ Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on September 20, 2021, 06:14:32 PM Solana Fake Giveaway
Website: Code: https://get-sol.net/sol/ Quote Domain Name: GET-SOL.NET Registry Domain ID: 2636323475_DOMAIN_NET-VRSN Registrar WHOIS Server: whois.regtime.net Registrar URL: http://www.webnames.ru Updated Date: 2021-08-25T15:55:08Z Creation Date: 2021-08-25T00:00:00Z Registrar Registration Expiration Date: 2022-08-25T04:00:00Z Registrar: REGTIME LTD. Registrar IANA ID: 1362 https://i.gyazo.com/12c6f7ccfa4f77edb03b84ef309efd38.png This trick is still the same as other fake giveaways, but this time it is Solana who is indeed a trending topic, whichever is the increase, the scamers have created this scheme, I emphasize for beginners you have to be careful with this unreasonable offer. Keep your money much safer. Title: Re: [List] Phishing Cryptocurrency Site Post by: Baofeng on September 22, 2021, 11:05:49 PM Fake Sushi Swap:
Code: https://sushi-app.com/ Archived: https://archive.is/bNuBS https://i.imgur.com/JaCRMvM.png Doman Info: Quote Dates Created on 2021-09-22 Expires on 2022-09-21 Updated on 2021-09-21 Name Servers PNS41.CLOUDNS.NET (has 202,270 domains) PNS42.CLOUDNS.NET (has 202,270 domains) PNS43.CLOUDNS.NET (has 202,270 domains) PNS44.CLOUDNS.NET (has 202,270 domains) Tech Contact REDACTED FOR PRIVACY REDACTED FOR PRIVACY, REDACTED FOR PRIVACY, REDACTED FOR PRIVACY, REDACTED FOR PRIVACY, REDACTED FOR PRIVACY (p) (f) IP Address 185.117.2.82 - -1 other site is hosted on this server Just recently updated by the scammers, the real website is: https://sushi.com/. So be careful on sites that you visited, as you might fall for this kind of tricks from scammers. Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on September 26, 2021, 03:01:05 PM Solana Fake Giveaway
Website: Code: https://solana-donate.com/ Quote Domain Name: solana-donate.com Registry Domain ID: 2635803775_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namesilo.com Registrar URL: https://www.namesilo.com/ Updated Date: 2021-08-24T07:00:00Z Creation Date: 2021-08-23T07:00:00Z Registrar Registration Expiration Date: 2022-08-23T07:00:00Z Registrar: NameSilo, LLC Registrar IANA ID: 1479 https://i.gyazo.com/c9b9cfb8cc9680081a5b2ed439449cad.png Remember! this is just a fake giveaway and it has appeared before so beginners should stay alert don't be too greedy to want to take profit because this is a trap launched by scamers so beginners should know this thread because I will continue to update phishing/giveaway publish here. Title: Re: [List] Phishing Cryptocurrency Site Post by: Chikito on September 27, 2021, 12:46:01 PM Phishing Exodus wallet still active until now, I don't know why the exodus team very slowly to take action, seems they don't have care about his customer.
Code: https://exoduus.xyz https://i.postimg.cc/7hpfq4Bz/qwx.jpg (https://postimages.org/) Quote IP Address: 156.67.73.98 Domain Name: EXODUUS.XYZ Registry Domain ID: D251530919-CNIC Registrar WHOIS Server: whois.hostinger.com Registrar URL: https://www.hostinger.com/ Updated Date: 2021-09-22T20:21:50.0Z Creation Date: 2021-09-22T20:21:49.0Z the relationship https://www.virustotal.com/gui/ip-address/156.67.73.98/relations Code: www.mooncake.website Title: Re: [List] Phishing Cryptocurrency Site Post by: Kittygalore on September 27, 2021, 01:23:04 PM Phishing Exodus wallet still active until now, I don't know why the exodus team very slowly to take action, seems they don't have care about his customer. Probably because they're benefiting from not taking action towards their issues, I mean if I was in that position, I'll try and make it as slow as possible if I know that I'm benefiting highly from that issue.Title: Re: [List] Phishing Cryptocurrency Site Post by: Chikito on September 28, 2021, 02:57:20 AM Phishing Exodus wallet still active until now, I don't know why the exodus team very slowly to take action, seems they don't have care about his customer. Probably because they're benefiting from not taking action towards their issues, I mean if I was in that position, I'll try and make it as slow as possible if I know that I'm benefiting highly from that issue.playing with fire, when they can not handle it, will burn them themselves and company. that way is very different from others, another developer wallet always warn to do not traped the phishing site every time. I'm not interested to use the wallet when they never oversight and or take any action, that is very dangerous, the original could be also easy to infiltrate, who is knows?. Title: Re: [List] Phishing Cryptocurrency Site Post by: Chikito on September 29, 2021, 11:35:30 AM Fake-Phishing minttswap
Code: http://minttswap.com/ this is the fake way to manage all your wallets from a single app (phishing trap) https://i.postimg.cc/3rz17mRd/ht.jpg Quote IP Address: 143.198.57.27 Domain Name: MINTTSWAP.COM Registry Domain ID: 2644270917_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namesilo.com Registrar URL: http://www.namesilo.com Updated Date: 2021-09-28T19:03:15Z Creation Date: 2021-09-28T19:00:36Z Registry Expiry Date: 2022-09-28T19:00:36Z Registrar: NameSilo, LLC Registrar IANA ID: 1479 Registrar Abuse Contact Email: abuse@namesilo.com Registrar Abuse Contact Phone: +1.4805240066 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Name Server: NS1.DIGITALOCEAN.COM Name Server: NS2.DIGITALOCEAN.COM The relationship with another phishing: https://www.virustotal.com/gui/ip-address/143.198.57.27/relations Code: pancakeswaap.net Title: Re: [List] Phishing Cryptocurrency Site Post by: Baofeng on October 01, 2021, 03:44:49 PM Fake Opensea market website:
Code: https://opènsea.net/wallet/page.html Archive: https://archive.is/3HYSD It is very similar to the original site, thus making it very dangerous for inexperienced users. Don't connect your wallet to this site as you will obviously gets hack and lose your precious coins. https://i.imgur.com/2Y142RK.png Quote Registrant Withheld for Privacy Purposes Registrant Org Privacy service provided by Withheld for Privacy ehf Registrant Country is Registrar NAMECHEAP INC NameCheap, Inc. IANA ID: 1068 URL: http://www.namecheap.com Whois Server: whois.namecheap.com (p) Registrar Status addPeriod, clientTransferProhibited Dates 29 days old Created on 2021-09-02 Expires on 2022-09-02 Updated on 0000-12-31 Name Servers DNS1.REGISTRAR-SERVERS.COM (has 7,669,646 domains) DNS2.REGISTRAR-SERVERS.COM (has 7,669,646 domains) Tech Contact Withheld for Privacy Purposes Privacy service provided by Withheld for Privacy ehf Kalkofnsvegur 2, Reykjavik, Capital Region, 101, is (p) IP Address 206.188.196.8 is hosted on a dedicated server IP Location United States - Wyoming - Sheridan - Bl Networks ASN United States AS399629 BLNWX, US (registered Apr 30, 2021) Domain Status Never Registered Before IP History 1 change on 1 unique IP addresses over 0 years Hosting History 1 change on 2 unique name servers over 0 year Title: Re: [List] Phishing Cryptocurrency Site Post by: Chikito on October 02, 2021, 01:31:22 AM Fake and Phishing validatewallet.tech
Code: http://www.validatewallet.tech https://i.postimg.cc/k4xvfwhw/21.jpg Quote IP Address: 169.255.59.10 Domain Name: VALIDATEWALLET.TECH Registry Domain ID: D252536369-CNIC Registrar WHOIS Server: whois.web4africa.net Registrar URL: https://web4africa.com Updated Date: 2021-09-30T04:14:30.0Z Creation Date: 2021-09-30T04:14:29.0Z Registry Expiry Date: 2022-09-30T23:59:59.0Z Registrar: Web4Africa Ltd. Registrar IANA ID: 664 The IP relationship: https://www.virustotal.com/gui/ip-address/169.255.59.10/relations Code: www.walletvalidators.com ...... more ....Fake.. Scammer trying to create fake sync wallet to dapps. After connected, the scammer asking a seed and private key and stolen all token inside the wallet. Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on October 04, 2021, 06:54:21 PM Ranger Protocol fake sale
Website: Code: https://polkastarter.sa.com/rangersprotocol That Rangers Protocol will start IDO on Polkastarter on 7 October. This is the announcement.: https://twitter.com/rangersprotocol/status/1445032666655600645 As an official IDO: https://www.polkastarter.com/projects/rangers-protocol Fake Polkastarter Website: Code: https://polkastarter.direct/ Quote 12 days old Created on 2021-09-22 Expires on 2022-09-22 Updated on 2021-09-27 In terms of appearance, it is slightly different and the official one uses a black background, while the phishing one uses a white background. You have to distinguish between easy things. The official website: https://www.polkastarter.com/ Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on October 06, 2021, 12:14:19 PM Ethereum Fake Giveaway
Website: Code: https://mediumn.us/eth/index.html Quote Domain Name: mediumn.us Registry Domain ID: D2B0D73284CE84239AF407BD0DE018F8C-GDREG Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2021-10-05T08:47:56Z Creation Date: 2021-09-30T08:47:56Z Registry Expiry Date: 2022-09-30T08:47:56Z Registrar: NameCheap, Inc. Registrar IANA ID: 1068 Registrar Abuse Contact Email: https://i.gyazo.com/5ea82fe8a620f326f0d9b64a4c7705fc.png Scammers spread on Facebook to be careful and never follow this offer wherever you find it clearly this Giveaway is a fake. I'll be posting here often if I find anything else about scamers on facebook. Be careful. FAKE: https://www.facebook.com/103440387917736/posts/386254322969673/ Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on October 06, 2021, 04:24:11 PM Huobi Team Fake Giveaway
Website: Code: https://medium.huobi-giveaway.net/ Quote Domain Name: huobi-giveaway.net Registry Domain ID: 2643880090_DOMAIN_NET-VRSN Registrar WHOIS Server: whois.registrar.eu Registrar URL: http://www.registrar.eu Updated Date: 2021-09-27T22:47:21Z Creation Date: 2021-09-27T12:34:00Z Registrar Registration Expiration Date: 2022-09-27T12:34:00Z Registrar: Hosting Concepts B.V. d/b/a Registrar.eu Registrar IANA ID: 1647 https://i.gyazo.com/1a8c27e08db91b4f96bf2c12c3c98388.png Back again, something like this is on Telegram, so if you already know it's better to go out and block it because this will definitely be added automatically by bots, so stay alert for classic tricks like this. Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on October 07, 2021, 08:56:02 AM Shiba INU Phishing Site
Website: Code: http://shiba-inu.site/ [/quote] Domain Name: SHIBA-INU.SITE Registry Domain ID: D250518249-CNIC Registrar WHOIS Server: whois.webnic.cc Registrar URL: http://www.webnic.cc Updated Date: 2021-10-02T01:43:38.0Z Creation Date: 2021-09-15T12:06:23.0Z Registry Expiry Date: 2022-09-15T23:59:59.0Z Registrar: Web Commerce Communications Ltd Registrar IANA ID: 460 [/quote] https://i.gyazo.com/6c007c53e61695694a9b0e72fa17b40c.png Because Shiba INU's pumping has increased significantly so more scamers will take advantage of this situation, so be careful because more sites will be spread about Shiba INU because they want to take your money when entering Seed/phrases. Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on October 08, 2021, 08:24:24 PM Chipmixer.com.mx Phishing
Website: Code: https://chipmixer.com.mx/ Quote 16 days old Created on 2021-09-22 Expires on 2022-09-22 Updated on 2021-09-29 https://archive.ph/wip/FiZrE REAL https://i.gyazo.com/3aaa0c267222b62a846d5a729905c377.png FAKE https://i.gyazo.com/04251a61a7aaa81f2e8d801c5ca45aa1.png Maybe it's just a slight difference but it's all phishing that I found. Keep guarding your assets. Hope you guys are not trapped from so many phishing sites. :) Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on October 09, 2021, 03:14:45 PM Solana Giveaway Fake
Website: Code: https://solana-giveaway.net/ Quote 2 days old Created on 2021-10-07 Expires on 2022-10-07 Updated on 2021-10-07 https://i.gyazo.com/8c21a5e291eba125c46a88660912178a.png The classic trick is still being used by scammers and maybe those who have been in crypto for a long time know that this is a fake return, so this should definitely be avoided. Scammers will always spread on telegram. Title: Re: [List] Phishing Cryptocurrency Site Post by: Baofeng on October 10, 2021, 10:20:46 AM Fake Optimism.io website, very dangerous as once you connect your wallet, everything will be gone.
So please be careful specially for newbies out there as you can easily fall for this trick. Website: Code: https://optimusm.io/ Real Website: https://www.optimism.io/ https://i.imgur.com/sHywgE8.png Archive: https://archive.is/uG1gN Quote Registrant Org See PrivacyGuardian.org Registrant Country us Registrar Namesilo, LLC IANA ID: 1479 URL: http://www.namesilo.com Whois Server: whois.namesilo.com (p) Registrar Status clientTransferProhibited Dates 82 days old Created on 2021-07-20 Expires on 2022-07-20 Updated on 2021-09-18 Name Servers AUTUMN.NS.CLOUDFLARE.COM (has 22,400,811 domains) FRED.NS.CLOUDFLARE.COM (has 22,400,811 domains) Tech Contact — IP Address 104.21.92.2 - 367 other sites hosted on this server Title: Re: [List] Phishing Cryptocurrency Site Post by: Chikito on October 11, 2021, 12:18:14 PM Phishing Web Ronin Wallet
Code: https://roninweb.org https://i.postimg.cc/bJbZ3921/jk.jpg (https://postimages.org/) Quote Domain Name: roninweb.org IP Address: 67.207.81.229 Registry Domain ID: D402200000017396058-LROR Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2021-09-23T03:51:09Z Creation Date: 2021-07-24T10:18:11Z Registry Expiry Date: 2022-07-24T10:18:11Z Registrar Registration Expiration Date: Registrar: NameCheap, Inc. Registrar IANA ID: 1068 there is no ronin wallet for the web, that site is a possible scam. and Ronin is currently not available on Google Play and iOS App Store also. The original web is https://roninwallet.io/ (the wallet currently available for extension only - chrome and firefox) Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on October 11, 2021, 06:08:36 PM Pancakelswap Phishing Site
Website: Code: https://pancakelswap.finance/ Quote Domain Name: pancakelswap.finance Registry Domain ID: b2f15718b3dd489fa1253a5ccc6df578-DONUTS Registrar WHOIS Server: whois.porkbun.com Registrar URL: http://porkbun.com Updated Date: 2021-07-19T15:30:48Z Creation Date: 2021-07-14T15:30:30Z Registry Expiry Date: 2022-07-14T15:30:30Z Registrar: Porkbun LLC Registrar IANA ID: 1861 https://i.gyazo.com/c08699073f9c35f5404b7477504c8c10.png The Pancakeswap phishing site is getting more and more common, so pay attention to the original URL and never search on Google because there are always fake ad pages inserted at the top. I will keep reminding you. Original site. https://pancakeswap.finance/ Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on October 14, 2021, 08:15:01 PM Shiba airdrop Fake Giveaway
Website: Code: https://shiba-airdrops.org/ Quote Domain Name: SHIBA-AIRDROPS.ORG Registry Domain ID: D402200000018020143-LROR Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2021-10-08T17:22:09Z Creation Date: 2021-10-08T16:12:05Z Registry Expiry Date: 2022-10-08T16:12:05Z Registrar Registration Expiration Date: Registrar: NameCheap, Inc. Registrar IANA ID: 1068 https://i.gyazo.com/537f0b46cf52274ab27ce5457c884da7.png Don't be too greedy for profit then we have to take enough and it should be clear from real trading/investing. So, avoid this kind of giveaway, they continue to do the same way to trap you, so avoid it and pay attention again. Title: Re: [List] Phishing Cryptocurrency Site Post by: Kavelj22 on October 15, 2021, 08:11:40 AM I don't know if it's allowed to report fake mobile apps here. I accidentally came across this thread after found no dedicated topic to report mobile apps.
Fake App: Code: https://play.google.com/store/apps/details?id=pancakeswap.development.team&showAllReviews=true Details: Three Fake PancakeSwap Apps Flood Google Play Store With 12K+ Downloads (https://cryptonews.net/en/1983625/) Three fake pancakeswap apps exist on android play store (https://www.reddit.com/r/pancakeswap/comments/pwnas5/three_fake_pancakeswap_apps_exist_on_android_play/) PancakeSwap has no app available for mobiles. It's only running on web version. Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on October 16, 2021, 05:56:16 AM Chipmixeres Fake Site
Website: Code: https://chipmixeres.com/ Quote 11 days old Created on 2021-10-04 Expires on 2022-10-04 Updated on 2021-10-04 https://i.ibb.co/5nP14Dn/Screenshot-2021-10-16-12-51-30-50.jpg For the umpteenth time, new domains will continue to be created so that it will continue to resemble the script, but there are always differences when examined further. Phishing sites will not disappear forever, the important thing is that we realize and be more careful. Title: Re: [List] Phishing Cryptocurrency Site Post by: Chikito on October 16, 2021, 07:31:02 AM I don't know if it's allowed to report fake mobile apps here. I accidentally came across this thread after found no dedicated topic to report mobile apps. It's allowed, but better you put archive links and pictures like the post above because fake mobile apps will remove it fast after reporting it to google. Fake Metamask Code: https://xn--metamsk-lwa.org https://web.archive.org/web/20211015224941/https://xn--metamsk-lwa.org/ https://i.postimg.cc/8C8SfC0B/qw.jpg (https://postimages.org/) Quote Domain Name: XN--METAMSK-LWA.ORG Registry Domain ID: D402200000018058544-LROR Registrar WHOIS Server: whois.reg.com Registrar URL: http://www.reg.com Updated Date: 2021-10-13T11:50:17Z Creation Date: 2021-10-13T11:50:15Z Registry Expiry Date: 2022-10-13T11:50:15Z Registrar Registration Expiration Date: Registrar: Registrar of Domain Names REG.RU LLC I found it on google adds, still many fake/phishing aplication on google adds, just be careful and don't forget to install AdBlock. Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on October 17, 2021, 11:48:02 PM Shiba Swap Phishing Site
Website: Code: https://www.shibaswap.agency/ Quote Domain Name: shibaswap.agency Registry Domain ID: 70a3137bfa4e41c687475d3d3ca09290-DONUTS Registrar WHOIS Server: whois.namesilo.com Registrar URL: http://www.namesilo.com Updated Date: 2021-09-01T10:46:24Z Creation Date: 2021-08-27T10:46:23Z Registry Expiry Date: 2022-08-27T10:46:23Z Registrar: NameSilo, LLC Registrar IANA ID: 1479 https://i.gyazo.com/7c5b17c45837589875d3f0c55dbbd527.png FAKE: https://www.facebook.com/104794375263554/posts/123281350081523/ Please help report a Facebook page like this is real they keep targeting beginners with the lure of $1000 to claim even though this is bullshit. Title: Re: [List] Phishing Cryptocurrency Site Post by: Chikito on October 21, 2021, 01:00:34 AM Fake and Phishing Metamask
Code: https://metaj-maskl.online/ https://i.postimg.cc/XJyztgkW/qqq.jpg Quote IP Address: 104.21.77.122 Domain Name: METAJ-MASKL.ONLINE Registry Domain ID: D255554409-CNIC Registrar WHOIS Server: whois.hostinger.com Registrar URL: https://www.hostinger.com/ Updated Date: 2021-10-20T21:04:31.0Z Creation Date: 2021-10-20T19:38:40.0Z The Ip's Relationship: https://www.virustotal.com/gui/ip-address/104.21.77.122/relations Where did I find this site? Google searching So be careful to do not use search engine machines, I don't know why My Adblock didn't work for this time, https://i.postimg.cc/8czrjZXQ/aswe.jpg Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on October 23, 2021, 03:58:17 PM Pancuckeswop Phishing Site
Website Code: https://pancuckeswop.com/ Quote 4 days old Created on 2021-10-19 Expires on 2022-10-19 Updated on 0000-12-31 https://i.ibb.co/gD4Yy8G/Screenshot-2021-10-23-22-49-49-10.jpg The domain name is too flashy so that it will be easy to know, ordinary people will understand that this is a fake dex site, but yes, not all beginners know it, of course there are more stupid ones, so this needs to be looked at again about URLs if you want to swap Dex, because now almost every dex there must be an imitation for phishing. Be careful. Title: Re: [List] Phishing Cryptocurrency Site Post by: Baofeng on October 23, 2021, 10:12:05 PM Fake sudoswap website:
Website: Code: https://sudoswap.app/ Archived: https://archive.md/pcuLg Real website: https://sudoswap.xyz/#/ https://i.imgur.com/mkhd9GZ.png Domain info: Quote Registrant REDACTED FOR PRIVACY Registrant Org Private Person Registrant Country ru Registrar Key-Systems LLC IANA ID: 1345 URL: http://www.key-systems.net Whois Server: whois.nic.google (p) Registrar Status clientTransferProhibited Dates 8 days old Created on 2021-10-15 Expires on 2022-10-15 Updated on 2021-10-20 Name Servers NS1.HOSTING.REG.RU (has 1,609,205 domains) NS2.HOSTING.REG.RU (has 1,609,205 domains) Tech Contact REDACTED FOR PRIVACY REDACTED FOR PRIVACY, REDACTED FOR PRIVACY, REDACTED FOR PRIVACY, REDACTED FOR PRIVACY, REDACTED FOR PRIVACY IP Address 31.31.198.240 - 1,439 other sites hosted on this server IP Location Russian Federation - Moskva - Moskva - Domain Names Registrar Reg.ru Ltd Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on October 27, 2021, 12:52:41 PM Sol Giveaway Fake
Website: Code: https://x2solevent.com/sol/ Quote 2 days old Created on 2021-10-25 Expires on 2022-10-25 Updated on 2021-10-25 https://i.gyazo.com/1a587fe69093baea93d7e4d63de509f5.png The scammers keep spreading this via Telegram and somehow I'm always getting put in this trap, for me this is indeed a fake giveaway but what about newbies who don't know? I'm afraid they will get stuck and send the soles there so they don't get any returns, so stay careful and don't be greedy. Remain cautious Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on October 28, 2021, 04:28:54 AM Pancakeswap Phishing Site
Website: Code: https://pancakeswap.v1beta.finance/ Quote 3 days old Created on 2021-10-24 Expires on 2022-10-24 Updated on 2021-10-24 https://i.ibb.co/pvHhhcL/Screenshot-2021-10-28-11-19-03-74.jpg FAKE: https://www.facebook.com/104671428685585/posts/104674648685263/ Still keep seeing like this on Facebook page and I remind you never to click anything from FB if you want to use the original Pancakeswap and better type the correct URL to avoid this kind of thing. Be careful. Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on October 30, 2021, 03:02:20 AM Shiba Fake Giveaway
Website: Code: https://shiba-bonuses.com/ Quote Domain name: shiba-bonuses.com Registry Domain ID: 2651093510_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 0001-01-01T00:00:00.00Z Creation Date: 2021-10-29T12:06:59.00Z Registrar Registration Expiration Date: 2022-10-29T12:06:59.00Z Registrar: NAMECHEAP INC Registrar IANA ID: 1068 https://i.ibb.co/0tNKhDX/Screenshot-2021-10-30-09-55-31-12.jpg There will be more scams under the guise of any kind including giveaways or other rewards by depositing first, so with Shiba tokens being pumped, don't do anything with high returns because basically they are beginners who don't know. Make sure you don't get entangled in things like this and be careful. Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on October 31, 2021, 08:00:03 AM Swap-coins Phishing Site
Website: Code: https://swap-coins.com/ Quote 4 days old Created on 2021-10-27 Expires on 2022-10-27 Updated on 2021-10-27 https://i.gyazo.com/5493a4cdff26578c6a20e32349a50f89.png FAKE: https://www.facebook.com/100074569651604/posts/100545275774461/ edit: I'm adding a note here that the link from Facebook is still active so I hope more people will report it so the page can be deactivated as soon as possible, because now I see more tricks like this. Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on October 31, 2021, 04:51:02 PM Phantocm Phishing Site
Website: Code: https://phantocm.app/ Quote Domain Name: phantocm.app Registry Domain ID: 47F05DB01-APP Registrar WHOIS Server: whois.porkbun.com Registrar URL: https://porkbun.com/ Updated Date: 2021-10-31T11:05:15Z Creation Date: 2021-10-31T11:05:14Z Registry Expiry Date: 2022-10-31T11:05:14Z Registrar: Porkbun LLC Registrar IANA ID: 1861 https://i.gyazo.com/82213ab682004a0b5aa63ca06c4d4d0f.png https://i.gyazo.com/3d183e6454853544dfe891c7f9e6f858.png Phishing ads appear again in google search even though my browser is already using the AdBloker extension, they still appear when doing a search, so they are quite good at putting fake pages on google. I hope this needs to be taken seriously and carefully. Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on November 04, 2021, 06:42:35 PM Pancakeswap Finance Connected
Website: Code: https://pancaakeswap.finance-connected.com/ Quote Domain Name: finance-connected.com https://i.gyazo.com/2a82be6dd8b3350483dff21b3990d69f.pngRegistry Domain ID: D202110171404806-COM Registrar WHOIS Server: whois.nicenic.net Registrar URL: http://www.nicenic.net Updated Date: 2021-10-16T18:09:02Z Creation Date: 2021-10-16T18:09:02Z Registrar Registration Expiration Date: 2022-10-16T18:07:51Z Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED Registrar IANA ID: 3765 https://i.gyazo.com/d88e178d68efea6fee9959e800957653.png There is no end to phishing from Pancakeswap, maybe DEX users are increasing so that this is a target for fraudsters in making phishing so this is always spread where there is a crowd in social so keep an eye on the URL because that is the most important thing. Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on November 05, 2021, 06:09:02 PM Shiba Fake Giveaway The old site is no longer active and they replaced it with a new domain but the script is the same.Website: Code: https://shiba-bonuses.com/ Website: Code: https://shiba-rewards.com/shiba/ Quote Domain Name: shiba-rewards.com Registry Domain ID: 497285 Registrar WHOIS Server: whois.ownregistrar.com Registrar URL: http://www.ownregistrar.com Updated Date: 2021-11-01T18:30:00+00:00 2021-11-01 Creation Date: 2021-11-01T18:30:00+00:00 2021-11-01 Registrar Registration Expiration Date: 2022-11-01T18:30:00+00:00 2022-11-01 Registrar: OwnRegistrar, Inc. Sponsoring Registrar IANA ID: 1250 https://i.gyazo.com/a4d163667014f458d38ae7637018c75c.png Shiba is still a surefire trick maybe for scammers by making double bonuses so that many are deceived but I think this should be more aware of double bonuses, I say this is all just a trick. Avoid Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on November 09, 2021, 03:51:02 PM Shiba Fake Giveaway Website:Website: Code: https://shiba-bonuses.com/ Code: https://shiba-rewards.com/shiba/ Code: https://shiba-activities.com/ Quote Domain name: shiba-activities.com Registry Domain ID: 2652498333_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 0001-01-01T00:00:00.00Z Creation Date: 2021-11-04T09:13:54.00Z Registrar Registration Expiration Date: 2022-11-04T09:13:54.00Z Registrar: NAMECHEAP INC Registrar IANA ID: 1068 Telegram Fake: https://t.me/shibaofficialoop It's a fake telegram promoting Shiba tokens with high profits, if you are in this group report it and leave, that's better and they will keep searching with lots of people to input. By reporting the possibility of the telegram can be deleted. Shibaswap Phishing Site Website: Code: https://shibaswap.is/ Quote from: https://whois.domaintools.com/shibaswap.is Creation Date: 2021-11-05T00:00:00 2021-11-05 Registrar Registration Expiration Date: 2022-11-05T00:00:00 https://i.gyazo.com/8a75d4c3af818279dc871bc6dee0c8fc.png FAKE: https://www.facebook.com/379009102278152/posts/1973196616192718/ It's very dangerous if you click on "restore data" on network metamask because this is a trap and there is no way to try anything to recover your metamask data. And pay more attention to the original Shibswap. Original: https://app-shibaswap.io/? [moderator's note: consecutive posts merged] Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on December 13, 2021, 03:24:47 PM Pancake.wales Phishing Site
Website: Code: https://pancake.wales/ Quote from: https://whois.domaintools.com/pancake.wales 4 days old Created on 2021-12-09 Expires on 2022-12-09 Updated on 2021-12-09 https://i.gyazo.com/ee1c1422d03a492cb9bfe81439ffa93d.png FAKE: https://www.facebook.com/permalink.php?story_fbid=133210885794854&id=100592572390019 Phishing sites will never go away, this is definitely a must to raise awareness of being trapped on phishing sites. Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on December 16, 2021, 03:11:19 PM $TWT Fake Giveaway
Website: Code: https://community.trustvvallets.org/m/?2022-happy-new-year-giveaway https://i.ibb.co/n7P9HP2/Screenshot-2021-12-16-22-05-26-10-a23b203fd3aafc6dcb84e438dda678b6.jpg https://i.ibb.co/5nZmdSY/Screenshot-2021-12-16-22-01-15-09-40deb401b9ffe8e1df2f1cc5ba480b12.jpg FAKE: https://www.facebook.com/110820368055696/posts/128393832965016/ Well this is a fake giveaway that is widely spread on social media, maybe it's not just Facebook, scamers spread it, I don't think this is a year-end giveaway but a phishing that asks your Phrasa/Seed to be more careful because every fake offer is always promising. Stay unaffected. Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on December 18, 2021, 11:54:26 AM Trust Wallet Giveaway Fake
Website: Code: https://trustwallet.claims/ Quote from: https://whois.domaintools.com/trustwallet.claims 53 days old Created on 2021-10-26 Expires on 2022-10-26 Updated on 2021-11-29 https://i.gyazo.com/586134f46c812989331956e32da32e7a.png FAKE: https://www.facebook.com/107205375162786/posts/107372245146099/ Don't directly connect to Metamask in fear that your wallet will be infiltrated, therefore the fraudsters always have the same way and never get tired, so I remind you that trust wallet does not hold any giveaway. Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on January 29, 2022, 06:29:30 PM Terra Fake Giveaway
Website: Code: https://terra-event.live/ Quote 2 days old Created on 2022-01-27 Expires on 2023-01-27 Updated on 2022-01-27 https://i.gyazo.com/418874b4a2ce370112d587efa59187fa.png Anyone who enters this fake Terra telegram channel please leave and never be tempted by fake giveaways. Official site: https://www.terra.money/ Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on February 04, 2022, 02:08:25 PM THE SANDBOX Fake Giveaway
Website: Code: https://wwv-sandbox-game.github.io/en/?fbclid=IwAR0_1pFTI5QbsykIpXLOAcLjHeaeVBNOQJzJ8z-qAgMeg_5K3EoG7W_OIn4 https://i.gyazo.com/bc98773dcaae762e2e6e942c17937b4b.png https://i.gyazo.com/32f5846fde7964ce4f279ec8a643969f.png https://i.gyazo.com/f6091732ce5b43fed779859e5e867ea4.png Never enter your Phrases/Seeds in this fake Giveaway https://i.gyazo.com/e3ed7bd1359230dd10a4615f785af236.png FAKE: https://www.facebook.com/105469948721047/posts/105478518720190/ They promote in the Facebook page and avoid any kind of offer that is not clear because this is a trap to ask for your phrase. Be careful. Title: Re: [List] Phishing Cryptocurrency Site Post by: $crypto$ on February 08, 2022, 12:28:24 PM Shiba INU airdrop is a fake that inserts a virus wallet if you download it.
Website: Code: https://shibasupport.com/ Quote 6 days old Created on 2022-02-02 Expires on 2023-02-02 Updated on 2022-02-02 https://i.gyazo.com/15da1e7908d0a6d5ef9e4180a52b4ea8.png This is a fake airdrop that offers you via email (I got the email notification) so be careful not to click or download the recommended application and it's clear there has been infiltrated by a Malware Trojan virus that I saw checked on virustotal. Shiba INU never offers any airdrops, so be careful and pay attention again that this is a scam attempt via vrius if you download it. https://i.gyazo.com/724182240b4bda90abe4ed26890ebb0e.png Title: Re: [List] Phishing Cryptocurrency Site Post by: pakpahan on February 09, 2022, 10:54:53 AM <....> thank you for posting this scam giveaway site here, I also got an email about this scam project, the scammers are already using meme coins to trick other people |
