ShadowOfHarbringer (OP)
Legendary
Offline
Activity: 1470
Merit: 1006
Bringing Legendary Har® to you since 1952
|
|
November 17, 2013, 12:23:49 PM Last edit: November 17, 2013, 12:58:02 PM by ShadowOfHarbringer |
|
Look at the PM I just received : [ WARNING FOR NOOBS: DO NOT CLICK THAT LINK BELOW ! ] Be careful where you mine and exchange bitcoins for money. Most mining pools are a scam, bitcoin exchanges too(they will hold your money for months), look in the scammers section and see for yourself bticointakl.org/index.php?board=83.0This is a scammer, trying to harvest Bitcointalk forum's logins & passwords. We should act immediately - perhaps an automatic external linking protection (like youtube) or tagging algorithm adding extra description to every outgoing link (like slashdot) should be added to the forum. Algorithm such as this is easy to write and will save many noobs and people who misclick and don't read website URL's. Also: Somebody please ban this motherfucker (and others like him) before they do a lot of harm.
|
|
|
|
whitemage
|
|
November 17, 2013, 12:54:08 PM |
|
Look at the PM I just received : WARNING FOR NOOBS: DO NOT CLICK THAT LINK BELOW ! Be careful where you mine and exchange bitcoins for money. Most mining pools are a scam, bitcoin exchanges too(they will hold your money for months), look in the scammers section and see for yourself bticointakl.org/index.php?board=83.0This is a scammer, trying to harvest Bitcointalk forum's logins & passwords. We should act immediately - perhaps an automatic external linking protection (like youtube) or tagging algorithm adding extra description to every outgoing link (like slashdot) should be added to the forum. Algorithm such as this is easy to write and will save many noobs and people who misclick and don't read website URL's. Also: Somebody please ban this motherfucker (and others like him) before they do a lot of harm. Opps, that sucks.. I just realise the website isn't bitcointalk....
|
|
|
|
ShadowOfHarbringer (OP)
Legendary
Offline
Activity: 1470
Merit: 1006
Bringing Legendary Har® to you since 1952
|
|
November 17, 2013, 12:57:03 PM |
|
Opps, that sucks.. I just realise the website isn't bitcointalk....
Yep, it's that easy to get scammed. One misclick and your account is fucked (then scammer can use your verified & trusted account to send even more scammy PMs).
|
|
|
|
dooglus
Legendary
Offline
Activity: 2940
Merit: 1333
|
|
November 17, 2013, 07:18:41 PM |
|
Yep, it's that easy to get scammed.
One misclick and your account is fucked (then scammer can use your verified & trusted account to send even more scammy PMs).
I got the same PM. Left negative feedback. What's weird is he's smart enough to realise you can set the link's target to be different than the link text, but then uses the ugly bticointakl domain in the text. You could fix that to look like a real bitcointalk link and still have the link target go to the scam site.
|
Just-Dice | ██ ██████████ ██████████████████ ██████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████ ██████████████ ██████ | Play or Invest | ██ ██████████ ██████████████████ ██████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████ ██████████████ ██████ | 1% House Edge |
|
|
|
jackjack
Legendary
Offline
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
|
|
November 17, 2013, 07:35:21 PM |
|
Always check ten times before clicking a link
|
Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2 Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
|
|
|
devthedev
Legendary
Offline
Activity: 1050
Merit: 1004
|
|
November 22, 2013, 06:48:20 PM |
|
Always check ten times before clicking a link
Eleven times is even better! You can never be too careful on the forum.
|
|
|
|
edd
Donator
Legendary
Offline
Activity: 1414
Merit: 1002
|
|
November 22, 2013, 06:53:51 PM |
|
Always check ten times before clicking a link
Eleven times is even better! That's why mine go up to eleven:
|
Still around.
|
|
|
Remember remember the 5th of November
Legendary
Offline
Activity: 1862
Merit: 1011
Reverse engineer from time to time
|
|
November 22, 2013, 10:31:09 PM |
|
Always check ten times before clicking a link
Eleven times is even better! That's why mine go up to eleven: I am going to guess and say this is from Back in the Future
|
BTC:1AiCRMxgf1ptVQwx6hDuKMu4f7F27QmJC2
|
|
|
fishy
Sr. Member
Offline
Activity: 476
Merit: 250
What do you call a fish with no eyes? A Fsh!
|
|
November 22, 2013, 11:07:42 PM |
|
What happens when you click it? I'm scared...
|
|
|
|
BadBear
v2.0
Legendary
Offline
Activity: 1652
Merit: 1128
|
|
November 22, 2013, 11:23:40 PM |
|
It takes you to a login screen that looks like this forum, so they can get your name and password.
|
|
|
|
Mondy
Member
Offline
Activity: 112
Merit: 10
|
|
November 23, 2013, 12:36:29 AM |
|
Yep, it's that easy to get scammed.
One misclick and your account is fucked (then scammer can use your verified & trusted account to send even more scammy PMs).
I got the same PM. Left negative feedback. What's weird is he's smart enough to realise you can set the link's target to be different than the link text, but then uses the ugly bticointakl domain in the text. You could fix that to look like a real bitcointalk link and still have the link target go to the scam site. Thank you! lets keep the forum safe
|
|
|
|
ShadowOfHarbringer (OP)
Legendary
Offline
Activity: 1470
Merit: 1006
Bringing Legendary Har® to you since 1952
|
|
November 23, 2013, 09:09:47 AM |
|
It takes you to a login screen that looks like this forum, so they can get your name and password.
Honourable member of Staff, we welcome you ! Any idea if we could have outgoing link verification on these forums ? (You know, it would really help to mitigate attacks like this one)
|
|
|
|
jackjack
Legendary
Offline
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
|
|
November 23, 2013, 11:12:38 AM |
|
Maybe put a warning next to links from forum users with activity<60 (or 90 or whatever)
|
Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2 Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
|
|
|
whiskers75
|
|
November 23, 2013, 03:47:37 PM |
|
Maybe put a warning next to links from forum users with activity<60 (or 90 or whatever)
* whiskers75 looks at jackjack with his fancy BT++ script.
|
|
|
|
pekv2
|
|
November 24, 2013, 03:08:37 AM |
|
Be cautious of all links. I've got into a strong habit, of right clicking links and copy link location, open new tab, paste in urlbar, view the pasted link location in whole. Something I should add to my stay safe link in my sig. Edited: Added to stay safe thread.
|
|
|
|
deepceleron
Legendary
Offline
Activity: 1512
Merit: 1036
|
|
November 24, 2013, 04:20:14 AM |
|
The correct response is to destroy the account and every post and IP ban the entire /24 or /16 of a person posting phishing links on the very first instance. Then report the domain for the impersonation and get it taken over and handed to the forum. Then get law enforcement involved, a single login to the forum with a stolen account is a violation of the federal computer abuse act.
|
|
|
|
jackjack
Legendary
Offline
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
|
|
November 24, 2013, 01:16:55 PM Last edit: November 24, 2013, 01:54:00 PM by jackjack |
|
The correct response is to destroy the account and every post and IP ban the entire /24 or /16 of a person posting phishing links on the very first instance. Then report the domain for the impersonation and get it taken over and handed to the forum. Then get law enforcement involved, a single login to the forum with a stolen account is a violation of the federal computer abuse act.
Then follow the policemen when they go get him in order to take care of his knees with a chainsaw Maybe put a warning next to links from forum users with activity<60 (or 90 or whatever)
* whiskers75 looks at jackjack with his fancy BT++ script. Hmm yeah that would be a good feature until theymos makes something officialIt's done, that makes something like this:Looks like theymos changed the url rules
|
Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2 Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
|
|
|
|