Baofeng (OP)
Legendary
 Offline
Activity: 2604
Merit: 1664
|
 |
September 09, 2020, 11:37:56 PM |
|
There is a phishing Poloniex website: PHISHING SITE https://polȯniex.com/
xn--polniex-v2c.com  Visually pleasing and really looks like the original and real https://www.poloniex.com/. But if you are going to magnify the website name, these cyber criminals are using what we call Homograph or Cyrillic attack  . The website was created last month. I already reported this to namecheap: https://whois.domaintools.com/xn--polniex-v2c.comGeneral Information
Ticket ID #TBZ-974-82258
Type Issue
Priority High
Subject: Phishing site:https://polȯniex.com/
And also to Google's https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en |
| │ | ███████████████████████
███████████████████████
███████████████████████
███████████████████████
███▀▀▀█████████████████
███▄▄▄█████████████████
███████████████████████
███████████████████████
███████████████████████
█████████████████████
███████████████████
███████████████
████████████████████████ | ███████████████████████████
███████████████████████████
███████████████████████████
█████████▀▀██▀██▀▀█████████
█████████████▄█████████████
████████▄█████████▄████████
█████████████▄█████████████
█████████████▄█▄███████████
██████████▀▀█████████████
██████████▀█▀██████████
▀███████████████████▀
▀███████████████▀
█████████████████████████ | | | O F F I C I A L P A R T N E R S
▬▬▬▬▬▬▬▬▬▬
ASTON VILLA FC
BURNLEY FC | | | BK8? | | | .
..PLAY NOW.. |
|
|
|
|
|
|
Yogee
|
|
September 10, 2020, 03:15:27 AM |
|
Done reporting the phishing site.
Can you fix the code with the phishing link at the beginning? The fake website isn't that long and can be on a single line. I almost reported poloniexdotcom instead of poloniexdotcom/xn--polniex-v2c.com
|
|
|
|
|
|
| R |
▀▀▀▀▀▀▀██████▄▄
████████████████
▀▀▀▀█████▀▀▀█████
████████▌███▐████
▄▄▄▄█████▄▄▄█████
████████████████
▄▄▄▄▄▄▄██████▀▀ | LLBIT | | | 4,000+ GAMES███████████████████
██████████▀▄▀▀▀████
████████▀▄▀██░░░███
██████▀▄███▄▀█▄▄▄██
███▀▀▀▀▀▀█▀▀▀▀▀▀███
██░░░░░░░░█░░░░░░██
██▄░░░░░░░█░░░░░▄██
███▄░░░░▄█▄▄▄▄▄████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ | █████████
▀████████
░░▀██████
░░░░▀████
░░░░░░███
▄░░░░░███
▀█▄▄▄████
░░▀▀█████
▀▀▀▀▀▀▀▀▀ | █████████
░░░▀▀████
██▄▄▀░███
█░░█▄░░██
░████▀▀██
█░░█▀░░██
██▀▀▄░███
░░░▄▄████
▀▀▀▀▀▀▀▀▀ |
| | | ██░░░░░░░░░░░░░░░░░░░░░░██
▀█▄░▄▄░░░░░░░░░░░░▄▄░▄█▀
▄▄███░░░░░░░░░░░░░░███▄▄
▀░▀▄▀▄░░░░░▄▄░░░░░▄▀▄▀░▀
▄▄▄▄▄▀▀▄▄▀▀▄▄▄▄▄
█░▄▄▄██████▄▄▄░█
█░▀▀████████▀▀░█
█░█▀▄▄▄▄▄▄▄▄██░█
█░█▀████████░█
█░█░██████░█
▀▄▀▄███▀▄▀
▄▀▄▀▄▄▄▄▀▄▀▄
██▀░░░░░░░░▀██ | | | | | | | .
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
░▀▄░▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄░▄▀
███▀▄▀█████████████████▀▄▀
█████▀▄░▄▄▄▄▄███░▄▄▄▄▄▄▀
███████▀▄▀██████░█▄▄▄▄▄▄▄▄
█████████▀▄▄░███▄▄▄▄▄▄░▄▀
████████████░███████▀▄▀
████████████░██▀▄▄▄▄▀
████████████░▀▄▀
████████████▄▀
███████████▀ | ▄▄███████▄▄
▄████▀▀▀▀▀▀▀████▄
▄███▀▄▄███████▄▄▀███▄
▄██▀▄█▀▀▀█████▀▀▀█▄▀██▄
▄██▀▄██████▀████░███▄▀██▄
███░█████████▀██░████░███
███░████░█▄████▀░████░███
███░████░███▄████████░███
▀██▄▀███░█████▄█████▀▄██▀
▀██▄▀█▄▄▄██████▄██▀▄██▀
▀███▄▀▀███████▀▀▄███▀
▀████▄▄▄▄▄▄▄████▀
▀▀███████▀▀ | | OFFICIAL PARTNERSHIP
FAZE CLAN
SSC NAPOLI | | |
|
|
|
|
pakhitheboss
|
|
September 10, 2020, 04:32:15 AM |
|
Hey! thanks for the heads up, I have done reporting this URL to Google. I got confused with the way these scammers have set up this URL. I am not sure whether such domain names can be easily purchased or can be created but this is really interesting way of scamming people.
|
|
|
|
Upgrade00
Legendary
Offline
Activity: 2044
Merit: 2185
CoinPoker.com
|
|
September 10, 2020, 06:06:33 AM |
|
I am not sure whether such domain names can be easily purchased or can be created but this is really interesting way of scamming people.
The original domain name cannot be duplicated exactly as it is already created, but variations to the characters can be added to make it different but it would yet look very similar to the original website. This phishing website can then be spammed on various platforms or sent through email attacks and unsuspecting users can click on it. Scammers also copy the code of the original website to make the layout of the fake one look very similar, but they would include their tweaks to it which would help them retrieve sensitive information like login details, private keys etcetera. There has been many cases of such phishing website getting on results of search engines like Google, so always double check and triple check websites you visit. |
|
|
|
DdmrDdmr
Legendary
Offline
Activity: 2324
Merit: 10800
There are lies, damned lies and statistics. MTwain
|
|
September 10, 2020, 06:33:39 AM |
|
Normally, this type of phishing sites leave plenty of links working, pointing to the original site, but have a fake login page to grab your credentials. Here, all the links (at least all those I tried) redirect you to the login page. When you provide the credentials, it (presumably) traps them, and redirects you to the original Poloniex site, trying to make it look that there was a glitch, and that you needed to provide the credentials again to gain access. If you do, you’d enter your Poloniex account, and may not even have given it a second thought.
|
|
|
|
|
Charles-Tim
Legendary
Offline
Activity: 1554
Merit: 4914
Leading Crypto Sports Betting & Casino Platform
|
|
September 10, 2020, 06:39:32 AM |
|
This has become common some years ago, but what keeps me wondering are domain providers, they ought not to allow some domain names to be used after a similar legit company has taken it. There was one we discussed previously which is a phishing site that is mimicking/similar to atomic wallet. And this type here in question is the one that resemble polonix. Also are another that steal monero from victims recently. I think there should be something that can be done against this fake and scam phishing sites before they are using the site for malicious activities.
Also, people need to learn about this scam methods, it is not something hard at all to learn, from the look of the above phishing website, I can easily conclud they are actually scamming. The domain only resembles polonix but not polonix in any way. Ones we are noticing such similar but not the same domain name, it is easy to fathom out it is a scam.
And about the domain creation date, this has been a very powerful tools to professionals to conclud that the site can belong to a scammer, but some scammers are still very patient to make use of old domain name websites that has been inactive for years but in rear cases.
|
| ..Stake.com.. | | | ▄████████████████████████████████████▄
██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄
██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████
██ ██████████ ██ ██ ██████████ ██ ▀██▀
██ ██ ██ ██████ ██ ██ ██ ██ ██
██ ██████ ██ █████ ███ ██████ ██ ████▄ ██
██ █████ ███ ████ ████ █████ ███ ████████
██ ████ ████ ██████████ ████ ████ ████▀
██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
██ ▀▀▀▀▀▀▀▀▀▀ ██
▀█████████▀ ▄████████████▄ ▀█████████▀
▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄
██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█ ▄▀▄ █▀▀█▀▄▄
█ █▀█ █ ▐ ▐▌
█ ▄██▄ █ ▌ █
█ ▄██████▄ █ ▌ ▐▌
█ ██████████ █ ▐ █
█ ▐██████████▌ █ ▐ ▐▌
█ ▀▀██████▀▀ █ ▌ █
█ ▄▄▄██▄▄▄ █ ▌▐▌
█ █▐ █
█ █▐▐▌
█ █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀ ▐█▌ ▀█▄
██ ▐█▌ ██
████▄ ▄█████▄ ▄████
████████▄███████████▄████████
███▀ █████████████ ▀███
██ ███████████ ██
▀█▄ █████████ ▄█▀
▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀
▀███████ ███████▀
▀█████▄ ▄█████▀
▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
plvbob0070
Copper Member
Sr. Member
Offline
Activity: 658
Merit: 402
|
|
September 10, 2020, 07:14:42 AM |
|
Try to check the URL carefully, and you can clearly see that there’s a diacritic on the letters which you won’t find on their legitimate website. We should be aware that it can be considered as a red flag, and scammers used it to confuse the users. Fortunately, Poloniex has compiled lists of their websites, social media sites, and apps to help their users avoid such incidents. Reference: https://support.poloniex.com/hc/en-us/articles/360041708873-How-to-identify-legitimate-Poloniex-websites-social-media-profiles-and-communications |
|
|
|
|
Mpamaegbu
Legendary
Offline
Activity: 2702
Merit: 1219
Once a man, twice a child!
|
|
September 10, 2020, 07:42:07 AM |
|
The domain only resembles polonix but not polonix in any way. Ones we are noticing such similar but not the same domain name, it is easy to fathom out it is a scam.
Honestly, you made a valid point in your submission here. Sometimes I wonder why sites with same sounding names are allowed on similar domain as it is highly deceitful. It's the same way we have bitcointalk.org and bitcointalk.com. Even now, I am quite sure not many noticed the missing "e" in the bolded polonix above. A lot of people are too hasty to crosscheck sites they visit from the url which is the simplest service they can avail themselves. I think doing what tranthidungFor crypto newbies, they must visit coinmarketcap.com or coingecko.com or both to check info and get links of exchanges.
suggested here. That's how I have been tackling new sites too. |
|
|
|
|
Insanerman
|
|
September 10, 2020, 01:09:38 PM |
|
There is a phishing Poloniex website: PHISHING SITE https://polȯniex.com/
xn--polniex-v2c.com Shouldn't this be moved to Scam Accusations board? This kind of thread fits there more than in here. I know this is just a warning for the beginners, but Poloniex are for trading (which SA is a sub-board of Trading Disc), and most traders or even warnings such this are better be reside on the Scam Acc board. Better move this, it is the newbie/beginner's initiative to take a look on that board as well..
Enough said, as plvbob0070 had mentioned, Poloniex already had this feature to detect if a site with their name is legit or not. It was a problem back then as many had been phishing people with fake Poloniex websites after the platform had its popularity in trading industry. |
|
|
|
|
|
erikoy
|
|
September 10, 2020, 01:27:51 PM |
|
Another phishing site. Just how many actually are like these in the internet?
So sad that hackers or scammers had done their best too to scam other people being creative enough to make replicate the original site or a hacking program that could record important details of crypto wallet. It may be difficult to deal this fake sites but as long as everyone will keep an awareness to this then it can minimize the possible number of getting phished out of this phishing site. Just always do share and report this kind of activities.
|
|
|
|
|
AakZaki
Legendary
Offline
Activity: 2338
Merit: 1076
zknodes.org
|
|
September 11, 2020, 06:17:42 PM |
|
Phising sites like this trick a lot of people because they use almost the same domain name and only have different signs in a few letters.
The template used is the same and makes no difference. if we are tricked into entering a username and password then we are in a trap.
Usually phishing website links like this are spread via Email or on Telegram with a message stating that you won a Bitcoin prize which can be withdrawn immediately. Must be more careful with phishing websites like this.
|
|
|
|
|
dkbit98
Legendary
Offline
Activity: 2240
Merit: 7200
|
|
September 12, 2020, 08:22:39 AM |
|
 It is easy for newbies to fall for this phishing scam. This is just one reason why Firefox browser is much better than chrome browser, because Firefox is showing exact punny codes https://xn--polniex-v2c.com/ |
|
|
|
|
