Be careful of Phishing Sites that fly Around

[Bonwin]

The activities of scammers is seriously on the rampage, looking for those who would fall victim of their scams.
Some days ago, i received a mail from this fake website https://td.kkcoin.com/pcActivity telling me that i have a free giveaway, while the real one i have been using is https://www.kkcoin.com. Also, on two different occasions, i received reminders from them.

This was the mail sent to me:



I decided to open both the fake website sent to me and the real one i have always been using. Then i saw some disparities on the sites. Below are the pictorial representations of those differences i noticed. Although some are not that obvious except you take a closer look at them.

On opening the REAL SITE i am accustomed with, this was what i got on the home and service page and there was nothing like promotion on it.



On opening the SCAM SITE, it was a different case entirely.



Then i decided to look into some features that were obvious on both sites, because i was sure there would be some differences.

SCAM SITE



REAL SITE



- On the FAKE site, it was very obvious that the "QR Code Download" was overlapping the slot for "Android App", while on the REAL site, it was at the base, almost adjacent.
- Observing the QR Code image for the FAKE site, it was not directly in front of the slot for Android App download, rather, it was on top of it. While that of the original site was directly in front.
There are also some other differences indicated on the images.
If you try to open the site, you would also observe others.

I was able to easily detect this because the exchange site has android app, which i use. Had it been i am fond of using the web version of it, who knows, i might have just login and get phished.
To be very sure of this, i made enquiry on their https://t.me/KKGLOBAL telegram channel and i was told it was scam

There are some exchange sites that do not use app and this is where you need to be more careful. Most times, when i find myself in a situation like this, there are some precautionary measures i ensure.
- I would search for the exchange on https://coinmarketcap.com, because from experience, i trust the sites they list.
- I would then bookmark it or save it somewhere for future use.

The reason i bookmark is that, scammers can be very deceptive. There are times that both the FAKE and REAL sites would look very much alike. To tell the difference might require critical look and consciousness. For instance, the letter C for scam site might appear as Ç or letter U, might appear as Ü.
So we all need to be very careful so as not to be phished.

Other future concerns might not necessarily not necessarily be on kkcoin exchange, but this will help to safeguard against other phishing sites of any exchange you might be using or might want to use.

I wish you all the best in your endeavours.

[khufuking]

Thanks for warning others, I have said it again and again don't ever open a link from your email to any exchange, wallet, bank account, ICO website, Airdrop, this forum, or even anything. You should have a verified bookmark list with all of your important websites and only access these websites from there. Whenever you receive an important email from any website just close your email and go directly to this website from your bookmarks, it's an easy thing to do and a good practice that will not require any extra effort from you.

[bL4nkcode]

I'm not familiar with that exchange. But I can't see any views that the other site is a phishing site/fake, its just literally a sub-domain(td.kkcoin.com) of the kkcoin.com domain. And all you can see that is different are the download button which is just a css deficit (I guess) which is affected by a slow connection. It can be just a web designer error. Phishing sites are websites that has almost the same content from the original but different in URL especially the domain name but in this case, the domain names are totally the same. But I might be mistaken here, though (bit sleepy).

The reason i bookmark is that, scammers can be very deceptive. There are times that both the FAKE and REAL sites would look very much alike. To tell the difference might require critical look and consciousness. For instance, the letter C for scam site might appear as Ç or letter U, might appear as Ü.
So we all need to be very careful so as not to be phished.

These characters are easy to detect not unless if you have a problem with your sight.

Anyway, if you reported that the site is a scam or phishing site, then so be it. That's why its really important the bookmark feature of any browsers you used to stay away from this incidents. But still, I doubt that the two mentioned URL are different from its domain name kkcoin.com.

In Addition, if you will click or just hover the anchor link Perpetual Contract from kkcoin.com you will redirect to the td.kkcoin.com sub-domain.

[Bonwin]

I'm not familiar with that exchange. But I can't see any views that the other site is a phishing site/fake, its just literally a sub-domain(td.kkcoin.com) of the kkcoin.com domain. And all you can see that is different are the download button which is just a css deficit (I guess) which is affected by a slow connection. It can be just a web designer error. Phishing sites are websites that has almost the same content from the original but different in URL especially the domain name but in this case, the domain names are totally the same. But I might be mistaken here, though (bit sleepy).

These characters are easy to detect not unless if you have a problem with your sight.

Anyway, if you reported that the site is a scam or phishing site, then so be it. That's why its really important the bookmark feature of any browsers you used to stay away from this incidents. But still, I doubt that the two mentioned URL are different from its domain name kkcoin.com.

In Addition, if you will click or just hover the anchor link Perpetual Contract from kkcoin.com you will redirect to the td.kkcoin.com sub-domain.

I already made my findings before posting it. I receive regular mail from the support of this exchange, but this particular mail came from a different e-mail entirely.
I will make an update of the confirmatory message from one of the admin on the telegram channel.

Then as regards the statement you made on whether it is a css deficit or a problem with connection. I have load the site many times and it remained the same.

[Mirae]

i am gonna be honest, that site looks pretty good
if someone with not enough experience in these things got this email they could fall for this a lot

[Mahanton]

This isnt new actually and these common phishing ways been known on years past but somehow i do appreciate on telling the public and this would be useful specially for newbies.

Commonly when you receive these kind of emails this do really signify when you are fan on doing sign ups either coz of free token or airdrops and this is why i do make use of dummy emails rather than using up my main email to get rid of these things.

[bL4nkcode]

I already made my findings before posting it. I receive regular mail from the support of this exchange, but this particular mail came from a different e-mail entirely.
I will make an update of the confirmatory message from one of the admin on the telegram channel.

Then as regards the statement you made on whether it is a css deficit or a problem with connection. I have load the site many times and it remained the same.

If you're really sure about this one in which I can't argue with that you should report and request the clone site to be blacklisted in metamask as phishing site here https://github.com/MetaMask/eth-phishing-detect/issues

[shield132]

td.kkcoin.com <-- TD is a subdomain which can only be created by website owner, seems they are trying to scam their customers in different way? I highly doubt, I think it's for testing or etc.
What is kkcoin.com ? I haven't heared about them, interesting to know if there are any scam accusation threads against them or how popular their ANN thread is here (if they have it).

[illusioNiZt]

yeah I had this same thought as Shield132, if the website is legit are you sure the sub-domain is not? well I guess the positioning could be a small bug?

[Bonwin]

If you're really sure about this one in which I can't argue with that you should report and request the clone site to be blacklisted in metamask as phishing site here https://github.com/MetaMask/eth-phishing-detect/issues

Before i go ahead to report, please i would need someone else to confirm from their telegram group https://t.me/KKGLOBAL.
I can't believe what i experienced. I asked the question on their telegram group earlier before making this post and an admin just told me its for promotions.
In a bid to confirm further, i asked today why they are using another domain, instead of not using the main site used for exchange, my post was deleted.
When i tried to ask further, i was immediately restricted.

[Bonwin]

td.kkcoin.com <-- TD is a subdomain which can only be created by website owner, seems they are trying to scam their customers in different way? I highly doubt, I think it's for testing or etc.
What is kkcoin.com ? I haven't heared about them, interesting to know if there are any scam accusation threads against them or how popular their ANN thread is here (if they have it).

You are right.
I tried to confirm this, but to my amazement, my questions were deleted, which led to an eventual restriction.

[1Referee]

i am gonna be honest, that site looks pretty good
if someone with not enough experience in these things got this email they could fall for this a lot

How can one in these times not have enough 'experience' with phising mails? It's not just related to crypto. It has been happening for over a decade where criminals are trying to empty people's bank accounts, and when you fall for it these days, you are just an idiot. It may sound hard, but what other way is there to make things clear? Soft talk doesn't help, we have over a decade of evidence to point that out.

People need to have their safe internet world bubble popped before they finally realize that they are a target in almost every corner of the internet, especially when it concerns people holding irreversible value assets such as crypto currencies.

Vitalik's title on Twitter; Vitalik Non-giver of Ether. It has zero effect with how scammers can copy the exact same title, lol. There were more high level crypto coiners that used to do the same, but they realized it had no effect at all and removed the title for that reason, now it's waiting for Vitalik to do the same.

[leowonderful]

i am gonna be honest, that site looks pretty good
if someone with not enough experience in these things got this email they could fall for this a lot

How can one in these times not have enough 'experience' with phising mails? It's not just related to crypto. It has been happening for over a decade where criminals are trying to empty people's bank accounts, and when you fall for it these days, you are just an idiot. It may sound hard, but what other way is there to make things clear? Soft talk doesn't help, we have over a decade of evidence to point that out.

People need to have their safe internet world bubble popped before they finally realize that they are a target in almost every corner of the internet, especially when it concerns people holding irreversible value assets such as crypto currencies.

Vitalik's title on Twitter; Vitalik Non-giver of Ether. It has zero effect with how scammers can copy the exact same title, lol. There were more high level crypto coiners that used to do the same, but they realized it had no effect at all and removed the title for that reason, now it's waiting for Vitalik to do the same.

I completely agree with your statement. We can do things to help alleviate problems related to scamming like putting out PSAs, but people need to start using their brains and actually figure out common signs of scams, especially when we’re dealing with cryptocurrencies, where you need to be your own bank and make decisions yourself. Crypto’s really not for everyone, but it can be for most people so as long as the user is conscious and is familiar with scams on the internet (common sense works 99.9% of the time).

[omonuyak]

The activities of scammers is seriously on the rampage, looking for those who would fall victim of their scams.
Some days ago, i received a mail from this fake website https://td.kkcoin.com/pcActivity telling me that i have a free giveaway, while the real one i have been using is https://www.kkcoin.com. Also, on two different occasions, i received reminders from them.

This was the mail sent to me:



I decided to open both the fake website sent to me and the real one i have always been using. Then i saw some disparities on the sites. Below are the pictorial representations of those differences i noticed. Although some are not that obvious except you take a closer look at them.

On opening the REAL SITE i am accustomed with, this was what i got on the home and service page and there was nothing like promotion on it.



On opening the SCAM SITE, it was a different case entirely.



Then i decided to look into some features that were obvious on both sites, because i was sure there would be some differences.

SCAM SITE



REAL SITE



- On the FAKE site, it was very obvious that the "QR Code Download" was overlapping the slot for "Android App", while on the REAL site, it was at the base, almost adjacent.
- Observing the QR Code image for the FAKE site, it was not directly in front of the slot for Android App download, rather, it was on top of it. While that of the original site was directly in front.
There are also some other differences indicated on the images.
If you try to open the site, you would also observe others.

I was able to easily detect this because the exchange site has android app, which i use. Had it been i am fond of using the web version of it, who knows, i might have just login and get phished.
To be very sure of this, i made enquiry on their https://t.me/KKGLOBAL telegram channel and i was told it was scam

There are some exchange sites that do not use app and this is where you need to be more careful. Most times, when i find myself in a situation like this, there are some precautionary measures i ensure.
- I would search for the exchange on https://coinmarketcap.com, because from experience, i trust the sites they list.
- I would then bookmark it or save it somewhere for future use.

The reason i bookmark is that, scammers can be very deceptive. There are times that both the FAKE and REAL sites would look very much alike. To tell the difference might require critical look and consciousness. For instance, the letter C for scam site might appear as Ç or letter U, might appear as Ü.
So we all need to be very careful so as not to be phished.

Other future concerns might not necessarily not necessarily be on kkcoin exchange, but this will help to safeguard against other phishing sites of any exchange you might be using or might want to use.

I wish you all the best in your endeavours.

Thank you mate for sharing this information with us and for some of us that has not been a victim of this we should try to becare on how we jump into some sites for investments opportunities.  Last time I visit a site and during I was as to paid 0.01btc for 0.3btc and when visit their telegram group I find out that many people were giving positive feedback about this site but it is 10% scam.

[magneto]

I think that all this post proves is that kkcoin itself should be considered to be extremely shady.

I see no signs of td.kkcoin being a phishing site per se. Perhaps it's supposed to be a kucoin ripoff but at the end of the day, it's still under the domain of kkcoin. And based on the pretty outrageous promotions that they are doing, I wouldn't be surprised if the entire exchange was to be a scam altogether.

That doesn't mean that anyone should be less cautious of phishing sites, as they are still extremely common as a problem. But this site itself looks to be real shady.

[julerz12]

Same thing happened to me just yesterday.
I received an email stating that I have an unclaimed bounty from a recently ended bounty campaign.
Being curious, I viewed the email and this is what I got:


The email contains a few fancy words telling me that I have participated on their "Facebook campaing" (Campaign  ) and I have an unclaimed XDMC Token
I don't recall joining this bounty campaign tho.  



The email also contains  a link to their supposed "claiming form" which is asking me to go to a MEW (MyEtherwallet) Phishing site.
The correct MEW Address is this: https://www.myetherwallet.com

So to all who has their emails open on public, be careful.

[bL4nkcode]

I tried to confirm this, but to my amazement, my questions were deleted, which led to an eventual restriction.

That's why I told you that the URL you're talking is a sub-domain the the kkcoin site. Anyway before looking any website's contents you should look carefully the URL it self, try to copy and paste in some text-editor if you find something different like å, í, è and etc.

[snip]

I received too many emails like this using the email of my site, and obviously it will just go to trash folder eventually. These happens because the open data from any spreadsheet of some bounty campaigns including emails and used or even sold to any ICO or upcoming ICO projects for their bounty.
Only idi*t people will only be fooled by this scam attempts. But still be careful everyone.

[jvdp]

I got a email from the fake ID with the title of Bitcointalk and with the user name Yahoo62278. I know this manager long time and I have participated in this campaigns but some shit people created fake id with his name.
And trying to scam us. Hope it will not be happen at all for sure. Moreover newbies should analyse the things well before go with the free giveaways and offers you see.

[h0lybyte]

Thanks for detailed post.
Anyone having less awareness about online activities may fell in confusion and can get hacked through these phishing links.
Sometimes they target emails to steal data by making us fool but we should always be careful and check the url before proceeding to click