Title: PSA: Make sure you NEVER use privnotes.com!! Post by: Room101 on June 17, 2020, 12:31:55 AM https://krebsonsecurity.com/2020/06/privnotes-com-is-phishing-bitcoin-from-users-of-private-messaging-service-privnote-com/
privnotes.com is a scam site that tricks people into thinking they are going to privnote.com ( a legit site, trusted site) Any bitcoin addresses posted in privnotes.com will be changed to a different address. Search for the wrong thing and privnotes.com will be the first result you see in google search! Be careful out there, it's similar to the online QR code generators, which do the exact same thing! In general never send to any address received in a private message anywhere, unless 100% certain you are talking to who you thought you were. Always worth checking the PGP signature as well, its a good habit, and it's not out of the realm of possibility a similar MITM attack could happen anywhere. Title: Re: PSA: Make sure you NEVER use privnotes.com!! Post by: bL4nkcode on June 17, 2020, 12:42:06 AM So far, I didn't see someone using privnote to send btc address here just shipping address, but idk if there is.
Search for the wrong thing and privnotes.com will be the first result you see in google search! Searching privnote or privenotes the real privnote appears first, but still the fake one appeared on second so becareful, bookmarking the site is good thing to do.A thread related to this posted here btw https://bitcointalk.org/index.php?topic=5255539.0 Title: Re: PSA: Make sure you NEVER use privnotes.com!! Post by: Room101 on June 17, 2020, 12:51:39 AM So far, I didn't see someone using privnote to send btc address here just shipping address, but idk if there is. Search for the wrong thing and privnotes.com will be the first result you see in google search! Searching privnote or privenotes the real privnote appears first, but still the fake one appeared on second so becareful, bookmarking the site is good thing to do.A thread related to this posted here btw https://bitcointalk.org/index.php?topic=5255539.0 thanks. Not sure on proper etiquette, if I should post things like this here. Lots of trading done here, and not sure how many people check the scam section, but will delete if people think things like this should only go in scam section. Title: Re: PSA: Make sure you NEVER use privnotes.com!! Post by: ChiBitCTy on June 17, 2020, 12:54:26 AM So far, I didn't see someone using privnote to send btc address here just shipping address, but idk if there is. Search for the wrong thing and privnotes.com will be the first result you see in google search! Searching privnote or privenotes the real privnote appears first, but still the fake one appeared on second so becareful, bookmarking the site is good thing to do.A thread related to this posted here btw https://bitcointalk.org/index.php?topic=5255539.0 thanks. Not sure on proper etiquette, if I should post things like this here. Lots of trading done here, and not sure how many people check the scam section, but will delete if people think things like this should only go in scam section. I sometimes post in both here and scams ( will just post a link in one of them )..I should have done that with this. Thanks for posting it, If it’s relative to both boards , should be in both. Just make sure you only post a link in one. Title: Re: PSA: Make sure you NEVER use privnotes.com!! Post by: chaser15 on June 17, 2020, 01:00:11 AM I was misled on the title as I thought privnote.com is a scam. That was a tricky part and those who aren't aware of privnote.com might be ended up being in phishing. Thanks for the heads-up. All users must always check the copied BTC address before sending it. A habit that is a must even without this phishing attempt. To newbies, Privnotes.com Privnotes.com Privnotes.com is a phishing site. Privnote.com is the legit one. Title: Re: PSA: Make sure you NEVER use privnotes.com!! Post by: Room101 on June 17, 2020, 02:07:11 AM All users must always check the copied BTC address before sending it. A habit that is a must even without this phishing attempt. It's more tricky than that. In this version, you see the correct bitcoin address in your browser before you send it, and if you open the link in a browser with the same IP address, it will still show the correct address, but anyone who opens the link with a different IP address to the creator, sees the incorrect BTC address, so there would be no actual way of checking yourself Title: Re: PSA: Make sure you NEVER use privnotes.com!! Post by: Asuspawer09 on June 17, 2020, 06:22:39 AM I've been tricked by this privnotes.com I just realized it when viz pm me that I'm using the wrong privnote.
I clicked the wrong link when searching privnote in google and its save to my browser so I've use it a lot in some of my transactions, luckily I didn't use it in BTC transactions so no I didn't lost any money. https://i.imgur.com/SmNMEnG.png https://krebsonsecurity.com/2020/06/privnotes-com-is-phishing-bitcoin-from-users-of-private-messaging-service-privnote-com/ Thanks for the reminder! Title: Re: PSA: Make sure you NEVER use privnotes.com!! Post by: krogoth on June 17, 2020, 10:37:25 AM As a rule....whenever I send any amount of btc over a certain amount...I always send a test of 0.001btc.
Once the receiver confirms getting the BTC, I send the rest. Whether you use a priv note or not, this will prevent you from sending the btc to the wrong address. I also have person send me btc addy thru two different channels... example..email and slack privnote or text. Compare....test sample send and voila send the rest. No man in the middle (https://en.wikipedia.org/wiki/Man-in-the-middle_attack) attack worries either Title: Re: PSA: Make sure you NEVER use privnotes.com!! Post by: Kryptowerk on June 17, 2020, 10:54:54 AM Thanks for posting this, same happened to me, I recently "stumbled" upon privnotes and noticed, that something seemed off and then checked if I really had the correct site.
I must say, this is a smart scam, even though not less disgusting as any other attempts to steal and fraud. There is no way to exclude all risks but whenever relying on 3rd party services, tools or apps, anyone dealing with sensible information and value of any kind, should always double or triple check if everything is indeed what it seems. As long as there is a way to scam people, there will always be attempts do so. With great liberty comes great responsibility, this is especially true for Bitcoin funds. Stay safe everyone. Title: Re: PSA: Make sure you NEVER use privnotes.com!! Post by: angebitbit on June 17, 2020, 12:15:41 PM I've been tricked by this privnotes.com I just realized it when viz pm me that I'm using the wrong privnote. I clicked the wrong link when searching privnote in google and its save to my browser so I've use it a lot in some of my transactions, luckily I didn't use it in BTC transactions so no I didn't lost any money. https://i.imgur.com/SmNMEnG.png https://krebsonsecurity.com/2020/06/privnotes-com-is-phishing-bitcoin-from-users-of-private-messaging-service-privnote-com/ Thanks for the reminder! I don't understand how we can't report this to Google, so they won't let them advertise above the real privnote.com. Thank you for this info @Room101 Title: Re: PSA: Make sure you NEVER use privnotes.com!! Post by: NeuroticFish on June 17, 2020, 12:32:15 PM Right now the scam site comes in google results after the correct privnote, at least for me.
WOT also shows it as a problematic website. And I've also reported it to Google. Title: Re: PSA: Make sure you NEVER use privnotes.com!! Post by: BitcoinNewsMagazine on June 17, 2020, 02:30:13 PM privnotes.com no longer resolves for me, the site may have been taken down. Also be aware of privnotes.ru which was registered on 2020-02-08. Not showing up on Google search yet.
Title: Re: PSA: Make sure you NEVER use privnotes.com!! Post by: Hellot on June 17, 2020, 06:28:11 PM Not resolving for me any longer.
smoothie used to use privnote a lot to send funding addresses to customers. Title: Re: PSA: Make sure you NEVER use privnotes.com!! Post by: BitcoinNewsMagazine on June 17, 2020, 11:55:33 PM Many potential users are put off by PGP because it is perceived as too complicated and inconvenient. If you feel that way I suggest you try out gpg4usb (https://gpg4usb.org/index.html). The documentation on the site should be all you need. You don't have to run the program from a USB drive: you can save it as a folder on your computer or even inside a TrueCrypt (https://www.grc.com/misc/truecrypt/truecrypt.htm) container.
Title: Re: PSA: Make sure you NEVER use privnotes.com!! Post by: andulolika on June 18, 2020, 03:17:36 AM Not resolving for me any longer. Privnote is good but it isn't perfect, your pc is probably the first flaw, pgp as BNM mentions below is a great fix unless your pc vulnerable..smoothie used to use privnote a lot to send funding addresses to customers. Many potential users are put off by PGP because it is perceived as too complicated and inconvenient. If you feel that way I suggest you try out gpg4usb (https://gpg4usb.org/index.html). The documentation on the site should be all you need. You don't have to run the program from a USB drive: you can save it as a folder on your computer or even inside a TrueCrypt (https://www.grc.com/misc/truecrypt/truecrypt.htm) container. i always found pgp a bit unconvenient but feels that link will be usefull thanks.Title: Re: PSA: Make sure you NEVER use privnotes.com!! Post by: DaveF on June 19, 2020, 11:47:26 AM I posted this in another thread about another site, but as a rule, in addition to talking about it here, when a site like this pops up. We should be reporting this to all the AV people / Google / etc. so it pops up in their "don't use this page warning".
Google: https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en (not quife phishing but could not find a better place) Malwarebytes: https://support.malwarebytes.com/hc/en-us/articles/360038522814-Submit-a-malicious-file-or-website-to-Malwarebytes Symantec safeweb: https://symsubmit.symantec.com/ Mozilla / stopbadware: https://www.stopbadware.org/report-badware ESET https://phishing.eset.com/report (thanks pooya87) and any others you might know. -Dave Title: Re: PSA: Make sure you NEVER use privnotes.com!! Post by: alani123 on June 19, 2020, 11:54:51 AM This type of scam is pretty common with ads on google as shown above.
Sadly google does little to nothing to catch potential phishing attempts and instead lets them target the very name of the website they're phishing as a keyword. It's also ridiculous how they're made to appear similar to a legitimate search result. If you've got 2 minutes, feel free to report this phishing here if you've gotten the same results: https://support.google.com/google-ads/contact/vio_other_aw_policy Hopefully google will act soon. Title: Re: PSA: Make sure you NEVER use privnotes.com!! Post by: krogoth on June 19, 2020, 12:22:18 PM This type of scam is pretty common with ads on google as shown above. Sadly google does little to nothing to catch potential phishing attempts and instead lets them target the very name of the website they're phishing as a keyword. It's also ridiculous how they're made to appear similar to a legitimate search result. If you've got 2 minutes, feel free to report this phishing here if you've gotten the same results: https://support.google.com/google-ads/contact/vio_other_aw_policy Hopefully google will act soon. Thankyou....report sent! Title: Re: PSA: Make sure you NEVER use privnotes.com!! Post by: Room101 on June 19, 2020, 12:33:20 PM Did we do it? It no longer shows up even when I search for "privnotes".
Nice work everybody. Title: Re: PSA: Make sure you NEVER use privnotes.com!! Post by: BitcoinNewsMagazine on June 19, 2020, 03:13:50 PM privnotes.com no longer shows up in Google search for me looks like the site was taken down. It still comes up on other search engines will take a while for them to sync with Google.
Title: Re: PSA: Make sure you NEVER use privnotes.com!! Post by: Hookzup1 on June 19, 2020, 03:45:26 PM Awesome thanks a lot i definitley would never have noticed
|