Bitcoin Forum
Author Topic: !Be careful when logging in!  (Read 832 times)
denis-z12
February 19, 2018, 11:00:35 PM
Merited by pooya87 (1), EcuaMobi (1), coolcoinz (1), BTCLovingDude (1), HabBear (1), jamids (1)
 #1




Be very careful where you enter your login data! HTTPS means nothing anymore.
Do you notice the small dots(.) below the letters n
If you enter your password in a fake site like that your coins and money are gone. And always have 2 factor authentication activated.

Stay Safe
Oneandonlydl
February 20, 2018, 12:24:35 AM
 #2

That's crazy! Thanks for the info. How did you access this fake site so I know not to do that? It looks pretty real other than those 2 dots under the n.
Family2930
February 20, 2018, 12:43:06 AM
 #3

Thank you very much for the alert. But I think that is not a fake website, I have never seen a fake website with Https:// (Secure) written. Maybe that dot (.) is on your computer/laptop's home screen. I am not sure though. Btw thanks again.

cryptozoomed
February 20, 2018, 01:18:58 AM
 #4

Great warning! A reminder to all of us to always triple check whenever we log in to an exchange!
bitperson
February 20, 2018, 01:25:40 AM
 #5

This is a good example of script spoofing as described at https://en.wikipedia.org/wiki/IDN_homograph_attack. Internationalised domain names should never have been implemented in the first place. Users and administrators should disable it wherever it is encountered.

jseverson
February 20, 2018, 01:58:46 AM
 #6

> That's crazy! Thanks for the info. How did you access this fake site so I know not to do that? It looks pretty real other than those 2 dots under the n.

Well there's no way you can accidentally type that out, so it's most likely from an ad or a deliberate phishing attempt. Some people may be too lazy in typing out the full address, so they search for the exchange in Google and go for the first result, which could be a sponsored ad. Deliberate phishing attempts come from emails or messages that look like they legitimately come from the site, asking you to click a seemingly legit link to drop your guard.

The best way to not get duped into these is to type the addresses out yourself, and maybe bookmark them if you're absolutely sure your computer is clean.

EcuaMobi
February 20, 2018, 01:59:46 AM
Merited by pooya87 (1), denis-z12 (1)
 #7

If using Firefox, I strongly advise everyone to enable the option to show IDN domains using the long codification.
Open the address "about:config", find "punycode" and enable it:


And, more importantly, always type addresses yourselves. Never open them using received links.

> Thank you very much for the alert. But I think that is not a fake website, I have never seen a fake website with Https:// (Secure) written. Maybe that dot (.) is on your computer/laptop's home screen. I am not sure though. Btw thanks again.

You must learn more about HTTPS! It just means the information between you and the website is encrypted and, most of the time (unless the certificate is self-signed or provided by a fake authority), that the site owns the domain (any domain) you're browsing. If you're browsing a fake site then it means the website owns that fake domain, not the real one.

It's trivial and free to get HTTPS for any domain you own, real or fake.
Read this: https://www.wordfence.com/blog/2017/04/chrome-firefox-unicode-phishing/

Thirdspace
February 20, 2018, 02:28:08 AM
 #8

> Be very careful where you enter your login data! HTTPS means nothing anymore.
> Do you notice the small dots(.) below the letters n

> That's crazy! Thanks for the info. How did you access this fake site so I know not to do that? It looks pretty real other than those 2 dots under the n.

most likely he used google search or clicked a link from a shady website
that's why it's a good idea to create bookmarks for your most visited/used sites and only open from bookmarks

> If you enter your password in a fake site like that your coins and money are gone. And always have 2 factor authentication activated.

yes it's a good idea to activate 2FA, at least it will somewhat prevent them from stealing your coins
and most exchanges already put security measures on the withdrawal process, requiring a confirmation link sent to your email

Cita1
February 20, 2018, 03:49:11 AM
 #9

Thanks for reminding us here. Very helpful post. Merit deserving?
krisssssy01
February 20, 2018, 03:54:05 AM
 #10

> https://i.imgur.com/Qf3nKiI.jpg
>
> Be very careful where you enter your login data! HTTPS means nothing anymore.
> Do you notice the small dots(.) below the letters n
> If you enter your password in a fake site like that your coins and money are gone. And always have 2 factor authentication activated.
>
> Stay Safe


thanks for the info sir..simple tips but it matters a lot...godbless☺
O$IRIS
February 20, 2018, 04:42:25 AM
 #11

Could anyone please clarify what those '...' under Ns mean? How does that represent a risk?
fraufreiheit
February 20, 2018, 04:50:36 AM
Merited by Gimpeline (1)
 #12

> Could anyone please clarify what those '...' under Ns mean? How does that represent a risk?

This site is fake, pretending to be a real exchange. When you go to it, you don't pay attention to these dots and think that it is an actual binance platform. Then you enter your e-mail and password and they go to hackers who now can do anything with your account on an exchange.

Just google "phishing" for more examples, if it is still not clear.

pooya87
February 20, 2018, 05:23:35 AM
 #13

> And always have 2 factor authentication activated.

2FA is very important.
additionally what i do is that i always bookmark these important websites and i open them through my bookmarks instead of clicking any links.
also a quick way to notice a fake site for me has always been based on their "zoom"! usually browsers remember the zoom level that you used on the websites. for example (if you haven't already) zoom in while seeing this topic then visit one of bitcointalk mirror/fake websites such as this one:
fake link: https://bitcointalk.org/index.php?topic=2981675.0
now you can clearly see it is a different website you are visiting based on its zoom alone.

cryptocurrencybazaar
February 20, 2018, 05:26:35 AM
 #14

Woah! This is something new. Thanks for the heads up and spreading awareness.

Using 2FA is kind of a must if you are holding coins on any exchanges. It can secure your funds, otherwise anyone can fall prey to such novel scams.

bitmover
February 20, 2018, 05:45:55 AM
 #15

Tip to avoid getting scammed:

Use a password manager, or just save passwords in your browser.

This way you never type your password again. If you are requested for it, that's not the website you are looking for.

mits001
February 20, 2018, 05:57:21 AM
 #16

> Tip to avoid getting scammed:
>
> Use a password manager, or just save passwords in your browser.
>
> This way you never type your password again. If you are requested for it, that's not the website you are looking for.

Though it's a nice concept but saving passwords in browser is not safe either. Someone having access to your system can easily find the password or hackers can steal it too.
Better to use 2FA for added security.
pooya87
February 20, 2018, 06:05:52 AM
 #17

> > Tip to avoid getting scammed:
> >
> > Use a password manager, or just save passwords in your browser.
> >
> > This way you never type your password again. If you are requested for it, that's not the website you are looking for.
>
> Though it's a nice concept but saving passwords in browser is not safe either. Someone having access to your system can easily find the password or hackers can steal it too.
> Better to use 2FA for added security.


that is true.
it is best not to save passwords in your browser however it is not that simple to access stored passwords in browsers like Google Chrome and Firefox. they can also be password protected.
for example if you have a password for your system log in when you visit chrome://settings/passwords in your Chrome browser it will require you to input that password before it shows you sensitive information.

in Firefox you have to set a Master Password yourself from about:preferences#privacy

denis-z12
February 20, 2018, 09:46:33 AM
 #18

Here are some links with special characters that can be used to trick users in giving them their login details by creating an exact copy of the website with just a little . or , somewhere that we might not even notice if we are in a hurry.

https://tools.oratory.com/altcodes.html
http://www.doc.ic.ac.uk/~svb/chars.html
https://en.wikipedia.org/wiki/List_of_Unicode_characters

Notice all the possibilities with the letter A. Now think of your paypal account for example if you are using paypal.
Imagine someone sends you a link or you find a link - https:/www.paypȧl.com, you might think it's dirt on your screen, dead pixel or something.
I changed only one letter, look - https:/www.paypȧl.com

Like some users said, don't click on links suggested on google or something you received via email, social media. Typing the address yourself is a good tip. Bookmark, also a good tip.
Unfortunately saving the password in your browser is a bad idea. Password Stealers are designed to find this data as it is stored in different locations on your PC. Password managers are also being targeted so any software offering to keep your passwords for you can be subject to an attack.
TheBeardedBaby
February 20, 2018, 10:05:41 AM
Merited by denis-z12 (1)
 #19

What I'm afraid of is that the domain name can be also written in Cyrillic.
If you mix both Latin and Cyrillic you get something like this :

www.google.com
and
www.google.com  (save to click, leading to non-existing page)

Do you see any difference??

No! You see no difference but the second is written with two Cyrillic o's

There you have no need to change the n to different name, it can really be

www.binance.com

and
two different variations
www.binance.com   one Cyrillic "a" (save to click, leading to non-existing page)
www.binance.com   one Cyrillic "e"  (save to click, leading to non-existing page)

I haven't tried it myself but I could't find any restrictions in mixing different alphabets.

Note. Almost all vocals can be switched in between and many other letters.

denis-z12
February 20, 2018, 11:01:23 AM
 #20

What I'm afraid of is that the domain name can be also written in Cyrillic.
If you mix both Latin and Cyrillic you get something like this :

www.google.com
and
www.google.com  (save to click, leading to non-existing page)

Do you see any difference??

No! You see no difference but the second is written with two Cyrillic o's

There you have no need to change the n to different name, it can really be

www.binance.com

and
two different variations
www.binance.com   one Cyrillic "a" (save to click, leading to non-existing page)
www.binance.com   one Cyrillic "e"  (save to click, leading to non-existing page)

I haven't tried it myself but I could't find any restrictions in mixing different alphabets.

Note. Almost all vocals can be switched in between and many other letters.


That's a new threat level that I haven't thought of yet. Is that possible? Can you really combine different alphabets in the address bar?
I have never seen a Cyrillic address or any other alphabet except Latin letters.
Maybe some other users can give us some more info.
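
Added example, not part of any post in this thread: a Python sketch of the check the thread circles around. It flags hostname labels that mix alphabets or use non-ASCII letters and returns the `xn--` (punycode) form, which is what a browser shows once punycode display is turned on as in post #7. The function names are invented here, script detection from Unicode character names is a heuristic, and the sample hosts are constructed from the examples in posts #18 and #19.

```python
import unicodedata

def scripts(label):
    """Approximate the scripts used in a label from Unicode character names.
    Heuristic: the first word of a letter's name (LATIN, CYRILLIC, GREEK, ...)."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in label if ch.isalpha()}

def inspect_host(host):
    """Return (wire_form, findings): the xn-- form of the hostname,
    plus a reason for every label that is not plain ASCII."""
    findings = []
    for label in host.split("."):
        if label.isascii():
            continue
        found = sorted(scripts(label))
        if len(found) > 1:
            reason = "mixed scripts: " + ", ".join(found)
        elif found == ["LATIN"]:
            reason = "Latin letter outside ASCII (diacritic)"
        else:
            reason = "non-ASCII label: " + ", ".join(found)
        findings.append((label, reason))
    # Python's built-in "idna" codec produces the ASCII (punycode) form of each label.
    wire = host.encode("idna").decode("ascii")
    return wire, findings

# Constructed sample hosts based on the thread's examples; the escapes make
# the swapped letters visible instead of hiding them in look-alike glyphs.
SAMPLES = [
    "www.google.com",            # all ASCII
    "www.g\u043e\u043egle.com",  # two Cyrillic o's (post #19)
    "www.bin\u0430nce.com",      # one Cyrillic a (post #19)
    "www.payp\u0227l.com",       # a with dot above (post #18)
]

if __name__ == "__main__":
    for host in SAMPLES:
        wire, findings = inspect_host(host)
        print(f"{host!r:32} -> {wire}")
        for label, reason in findings:
            print(f"    {label!r}: {reason}")
```

A label written entirely in one non-Latin alphabet is reported too, since a whole-word look-alike contains no mix of scripts to detect.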