Bitcoin Forum

I fell prey to a scam this morning. I received a fractional bitcoin transaction in my Blockchain account with a web link. That link took me to bitmessages dot org (this is a fraudulent site, proceed with caution). The site was branded with the same type of layout and look of Blockchain, and wanted to associate to my Blockchain wallet ID, but did not require any password information. After entering the wallet ID, the site said it was returning me to Blockchain.info.

From here it returns you to a site that looks exactly like Blockchain.info, however the domain name is actually blocdhain.info or something which looks similar unless you are paying attention, which I obviously was not. As you go along your merry way entering your wallet ID and password into this form, it harvests your information and then sends you to the real Blockchain.info site.

My wallet was drained within minutes. As soon as I got the email notification that a transaction had occurred, I knew I had F'd up.

Enabling the two factor authentication would have prevented this, and was something I had not gotten around to. I feel really stupid, this is the first time I've ever been scammed in 20 years of internet usage. However, it's my fault that I didn't pay closer attention to what was going on. I had googled information on bitmessage and became interested in the protocol and incorrectly assumed this would enable some form of encrypted messaging within the Blockchain.info web site when I opened the link. Expensive lesson.

All of this has been reported to the Blockchain help desk. They got back to me and said they are in the process of taking the fraudulent site down.

Please learn from my mistake if you have not enabled multiple layers of security on your bitcoin wallet at Blockchain.info.

Visited that site aswell. Blockchain.info lists the transactions as "New Bitmessage" which is irresponsible for such a large website.

Thanks for the warning.

I've been a sleep a while it must seem....but where does blockchain.info get tags from? The tx's themselves or ?

phishing wont happen if you use a proper client program that sits on your computer.

use bitcoin-core and you never have to worry about website hacking, third party thefts, social engineering exploits, scam sites, or greedy people.

please learn to use proper bitcoin software

The address tags are created by signing a message with the private key of the address that you want to tag. The public notes attached to TXs are from the TX themselves.

Thanks for the heads up.

i bet 1 satoshi that the OP uses bitmessages and blockchain.info. and this attack was not random, that the scammer knows that the OP uses both services and has probably had conversations with him beforehand.

this is why i hate forum polls asking:
"how much bitcoin do you have"
"what client do you use"

as these can easily lead to social engineering tricks to gather info to then exploit

You are probably correct. I don't think it was from the forum, but rather from the OP using the same email address for both services.

It is hard to say! Even you are using the bitcoin core, the risk is still existing that your wallet file might be stolen. No matter what type of wallet you are using, it is your responsible to prevent such attack. You need to learn the knowledge to avoid them.

Thanks for the warning and sorry you got scammed. I keep small amounts in web wallets but 2fa is enabled on all of them. My main stash is locked up in my home computer. 

Franky, I used Bitcoin core up until last week when i upgraded to latest version.  It completely jacked up my wallet.  Backed my wallet up and removed the program.  Reinstalled clean and waited for it to sync with he blockchain.  Copied my wallet back in and it said my wallet was corrupt and crashed.  Two more times I did this with the same result.  Rolled back to an older version.  Same thing, except this time I reset all the options in the debug console.  Shut it down and restarted.  Presto!  My coins magically appeared.  Transferred them out right away and deleted that useless pain in the ass bitcoin core program off my system.  Litecoin too.  I've had hell with it.  Every time I do a computer restart I'd have to re download the entire blockchain.  Every fucking time!  Not anymore.  I'll use the easier programs from now on with less overhead than a full node.

Those are an interesting litany of symptoms. Did you bother to enter a bug report at the bitcoin-qt tracker on GitHub?

bitcoin-core has it's own potential vulnerabilities just like any other wallet program/service has.

IMO the blockchain.info web wallet is probably the best as long as you use the proper security procedures. There is an argument to even not have any email associated with your account but instead set it up to  backup your encrypted wallet to your dropbox

'Proper security procedures' is impossible for a web wallet. If you're not running the code locally, it isn't secure, period.

and lol dropbox:

http://nakedsecurity.sophos.com/2011/06/21/dropbox-lets-anyone-log-in-as-anyone/
http://arstechnica.com/security/2012/07/dropbox-confirms-it-got-hacked-will-offer-two-factor-authentication/
http://www.zdnet.com/dropbox-gets-hacked-again-7000001928/
https://blog.dropbox.com/2014/05/web-vulnerability-affecting-shared-links/

http://www.theguardian.com/world/2013/jun/06/us-tech-giants-nsa-data

The encryption/decryption of wallets and private keys, as well as the generation of the private keys are all done on the client side. This essentially makes it impossible for blockchain.info to be able to access your private keys, as well as an attacker who is able to hack blockchain.info's servers