Poloniex phishig mail

[salihno71_1]

Just a heads up. I just received a phishing mail which looks like it's from Poloniex requiring me to enable two factor authentication. The lamp lit over my head when i luckily tried the wrong password and i logged in. Site is at https://secure.poloniex.work (not whole url) and it's a bit different namely fonts on top.

Stay safe.

[shulio]

Phishing mails are always a thread. Even if you have 2FA enabled in your account they are able to sign in in a way. So please be carefull about the mails you receive.

[npredtorch]

Phishing mails are always a thread.

You mean "threat" , right  

Even if you have 2FA enabled in your account they are able to sign in in a way.

I disagree. Before signing in, most exchanges require users the 2FA. They still be needed your 2fa's secret key in order to import it in the app and to have access to the code.
Also, you should consider that the topic of the email is about activating 2fa which means?
They are targeting accounts who have deactivated 2fa.

Possible process:
Send phishing email -> Victim clicked on the link , tried to login -> Username/Email and password trasmitted to Phisher -> Phisher quickly logins and withdraw the funds before the victim realizes that it's a phishing site or before it turns on the 2fa on the right page.

So please be carefull about the mails you receive.

My main tip for link provided in emails is to check the target url which can be seen when hovering the linked text. Target url is shown on the bottom left part of the browser. (chrome)

[magneto]

Just a heads up. I just received a phishing mail which looks like it's from Poloniex requiring me to enable two factor authentication. The lamp lit over my head when i luckily tried the wrong password and i logged in. Site is at https://secure.poloniex.work (not whole url) and it's a bit different namely fonts on top.

Stay safe.

Phishing sites are going to be there, as long as legit websites are there as well.

I've never received poloniex phishing links, but certainly have received a bunch of other phishing sites.

Always check the email that you're receiving from the right sender, and that the email address that they have been sent from isn't a spoofed email address. Also check that the URL you are clicking on isn't directing you to a phishing site.

Enable 2fa just in case, phishers can't sign in unless they get access to your 2fa code. Thanks for the warning, OP.

[mobnepal]

I am getting password reset email for my accounts in different sites because I have used that same email to register in random sites. You should never use your personal email to register in whatever site you will come over, they are the one who will sell your email address to scammers through black market from which you will get such scam emails.

Also for your information poloniex will never send email to enable 2fa.