|
Title: [SCAM][PHISHING]Fake stellar.org website - another punycode phishing attack Post by: witcher_sense on July 30, 2020, 03:10:36 PM What happened: Fake/malicious website
ANN: not listed here yet Scammers Website: Code: https://sŧellar.com/ (https://xn--sellar-ilb.com/) http://web.archive.org/web/20200730150244/https://xn--sellar-ilb.com/ http://archive.is/cz3TS Quote Domain Name: XN--SELLAR-ILB.COM Registry Domain ID: 2544518807_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.webnic.cc Registrar URL: http://www.webnic.cc Updated Date: 2020-07-08T19:30:20Z Creation Date: 2020-07-08T01:43:47Z Registry Expiry Date: 2021-07-08T01:43:47Z https://i.gyazo.com/48520c84e43ac3656d5d0349b80afd54.png To avoid this attack in Firefox and Tor, do the following: Open a new tab Type about:config and hit enter Accept the warning if one appears Search for the string network.IDN_show_punycode Change the value to true This will make these domains display as "xn--xxxxx" rather than the site name they are trying to imitate. Chromium based browsers should warn you about punycode domains automatically, provided they are up to date. Another simple way to avoid falling victim to sites like this which pretend to be other sites, often web wallets and exchanges, is to use a good password manager such as KeePass. KeePass will automatically recognize that it is a fake site and won't input your user name or password. |
