Bitcoin Forum

Just got this in an email overnight.






-----------------------------------------


Dear User

Thank you For shopping form bitmaintech.com

we have received Miner order

we have send you link invoice to see shipping adress and  product
 
To show invoice , go to:

it had a url that went to vanguardsingle.com.au/xxxxxxxxxx/invoice.pdf..........jar



Regards,


Administration of  bitmaintech.com

be careful please.

Seems like scammers are trying everything they can to phish for bitcoins these days. Simply follow the golden rule:
Don't click on links from people you don't know.

I have been getting these for the past week or so all claiming to be from different vendors.


 

i just got something similar from sales@bitmaintech.com but all mine said was payment confirmation and then a invoice_424.jar file.

jar files are java executable, don´t download it (there is only a very small amount of software that is actually a jar, and you would rememer ordering such a software).

This has happened with several spoofed email adresses of hardware manufacturers, so it is more likely the actual email list was leaked on another platform
(or that all email adresses from these manufacturers are stored in an unsafe way)

The mining business is transforming :) now the emergent tech is to mine wallets directly .. LOL

LOL fake emails never get old :D

cant even spell address properly,what scrubs

What a pity ,that they can't find a decent job. Instead go around the web stealing people money that doesn't belong to them.

Received an email today from them. Unsure how they got my mail address.

Subject:
[Bitmaintech.com]  Invoice Payment (#4142)

Message:
Invoice Payment Confirmation

Kind regards ,
Bitmain Tech

14836 E Valley Blvd
La Puente, CA 91746
Email: support@bitmaintech.com
Phone: (888) 933-2313

Attachment:
invoice_4142.jar

Using Gmail, it didn't reach my spam, right in my main inbox.

Viper (Scrypt) Miner - Alpha Technology email came in with a JAR file as well.

Someone pushing it hard.

The question noone seems to be asking is....how did they get those emails in the first place? It seems there may be a common thread there. Was BCT hacked and we are not aware of it? Or were one of the vendors hacked and the emails gotten that way? There clearly was a security breach or else the scammers would not know to specifically target people who have bought mining hardware.

About a month a go I was getting these spam emails with a jar attached from knc, cointerra and cloudhashing. Never registered with two of them so I'm guessing my emailaddress was leaked from somewhere else.

Also, btctalk was ofcourse hacked a while back so not surprising my emailaddress is out there.


Also, this spam/phishing with jar files is nothing new:

https://bitcointalk.org/index.php?topic=694747.0
https://bitcointalk.org/index.php?topic=774167.0
https://bitcointalk.org/index.php?topic=652085.0

I had one in this format

I just got an email with a shipping notice from Bitcoinrigs.org, even though I've never ordered anything from them.
The reply to address appears to be from Stamps.com, through I didn't actually load any of the content to look at it.

I wonder if they're related?

Maybe it's BFL or AMT both desperate for cash seeing how they could not get away with scamming new customers and need other sources of revenue :P

ty xzempt for advert us, maybe some ppl will think that this is stupid and only stupid ppl got scammed, but beleive me, there is lot of ppl that got scammed bacause of that scam emails.


and this is a real problem, there is always ppl trying to fu*k you, as i always recommend, common sense is the best wall you can have agains those things.

.Jar , yes must careful when download this kind of file.
And now i see some scammer try to spread this via skype , they act nicely ,talk something good and at last he will send some file for us to download.
Maybe he will say that file is bot , free btc etc.

For new uses, simple ways to protect your coins:
1) Don't access the web/internet on the machine that hosts your wallet
2) If you have the time, move/convert your wallet (the file with your private keys) into a paper wallet.  Paper might be ancient but I have yet to see a trojan/malware that is able to read paper (except somebody hacking your webcam)
3) If using a digital wallet file, encrypt it with a password/passphrase that is unique (not used anywhere else) and is difficult enough to not be bruteforced
4) Learn to use cold wallets and put the majority of your coins in that wallet

Learn to use the tools that the community has created.  There are several alternatives to the base Bitcoin-QT that can offer increased security options.  If you have a significant value of coins it may be prudent to invest a little time learning how to use something like a cold walllet with Armory or one of the other alternative clients:
https://bitcointalk.org/index.php?board=37.0 (https://bitcointalk.org/index.php?board=37.0)

Armory has a walkthough of how to make a offline/cold wallet here:
https://bitcoinarmory.com/about/using-our-wallet/ (https://bitcoinarmory.com/about/using-our-wallet/)