Bitcoin Forum

I've had 2 so far today


Dear Users,

This mail was sent because you need install New Update for your browsers (Mozilla Firefox ,Internet Explorer,Chrome,...) for News updates on [Suspicious link removed] set Java Software for your Browsers click the following link:
https://www.bitcointalk.org ( update ) taken out

Regards,
The Bitcoin Forum Team.

Nope, but Im sure its a phishing attempt.

I dont receive it, as I remember correctly that this forum will never send an email regarding the upgrade of your browser , beware of malware, it could be an attempt to steal your account, best thing to do is to hide your email address from your profile

Yeah I thought it was suspect, Luckily I didn't click on anything but it looked legit as it had the address noreply@bitcointalk.org

FYI, unless the (alleged) sender's domain has got SPF records and your mail server implements it, anyone can just change his 'From:' address to whatever he wants just by going to 'Settings...' in the mail client.

Actually bitcointalk.org *does* have an SPF record protecting it with a strict (-all) policy: according to standards, the phishing message should have been rejected, but your mail server probably doesn't enforce the requested policy. Funny thing is that a domain such as 'whitehouse.gov' uses a relaxed policy (~all), so phishing e-mails from 'whitehouse.gov' would end up in your spam folder at best ;)

Damn them all to hell!!  ;D oh well no harm done on this occasion, I'll probably get my dinner invitation to the whitehouse a bit later on  :P

Just as a side note, both Firefox and Chrome update themselves, as well as Internet Explorer, via Windows Update.

SPF is a mixed blessing - as soon as you (legitimately) forward mails without completely rewriting the sender address, you get lost or rejected mails when you SPF handling is strict.
There's a workaround (SRS) which works mostly but makes some things unwieldy.
The other thing is that SPT does not protect the From: header (see http://www.openspf.org/FAQ/Envelope_from_scope), so this kind of phishing would still be possible.

Onkel Paul

I am fairly certain that the fact that the forum automatically removed one of the links in your post I think it is fairly safe to say that the email is not from the forum and that clicking on the link in the body of the email will result to being directed to some malicious site, be it somewhere where you will be directed to download malware (most likely) or some phishing site.

I would recommend against clicking on any links you get in emails supposedly from the forum.

This is a obvious phishing attempt by some hacker. I would not do anything that the email instructs. Delete it, then delete your trash. You will end up getting everything you have stolen if you don't.

Is and must be a hacking attempt in an event for you to click the link and get to somewhere else.
You should never click any links in such mails claiming for such things, and one more thing, didn't you think that what has the forum to do with the upgrade of your browser?

Well thank you all for you input, I obviously knew it was suspish so would never click it, but perhaps posting it here will raise it to the attention of any unsuspecting person who might get one and click it. and now know better.


I'm sure everyone here is pretty up on security but It was somewhat convincing and could be very harmful.

It's because your email is visible to all members. You can probably hide it so that nobody could send you a phishing mail again.

Best thing to do when you get them emails. Report the headas an details of it to admins here so they can trace where come from and put a stop to it to take action on it.

Other than that simply delete and don't respond to it just remove do not click any the links within it as no doubt will end up leading to some fake look alike site requesting to put your login info and bam account gone.