WARNING * mtgox SPAM SCAM fake Documents downloads - bitstamp btcguild btc-e

[awesomeami]

http://www.reddit.com/r/Bitcoin/comments/1zaqvy/bitstamp_email_list_used_to_spread_mtgox_malware/

I have a domain that I use to create unique emails for signing up at all kinds of services. It's all explained at bustspammers.com. Today I received this email:

---------------------------- Original Message ----------------------------
Subject: [MtGox] Dear Clients ..
From:    "MtGox" <accounting@mtgox.co>
Date:    Sat, March 1, 2014 12:29 pm
To:      "[redacted]" <[redacted]@bustspammers.com>
--------------------------------------------------------------------------

Dear MtGox Customers,
Please sign the papers attached, we can complete the process of closing the account
and send you what the balance to another Wallet Address.
Sincerely ,
Tomas Karpeles
1 / March 2014

Download Documents

This is the plain-text version. In the original HTML email, the "Download Documents" link led to a page on deseobc.com distributing malware (a .pif executable, they attempted to make it look like a .pdf). This means one of three things:

    Bitstamp is actively pushing malware onto their own clients.
    Someone stole Bitstamp's email list.
    Bitstamp sold their email list to scammers.

Knowing that many Bitstamp users likely were also Mt.Gox users and might be easy targets, provides an obvious motivation for a scam. I asked Bitstamp for comment, will update this post if I hear anything back.

Bitstamp's email list was confirmed stolen ~2 weeks ago, when a boatload of emails claiming to be from support@btcguild.com (but not sent from any of the BTC Guild mail servers) went out talking about a 3.201 bitcoin transfer. After replying to the people shouting at me for being a scammer, I was eventually able to narrow the source of the leak to Bitstamp at the very least, and likely a few other sources on top of it.

I informed Bitstamp that they had at least a breach on their email list, if not the rest of their system. At first they denied it, but in a follow up they eventually admitted to it.

They then sent out a little security update email mentioning 2FA/password security.

I can confirm 3 same email "from" mtgox"

Dear MtGox Customers,

Please sign the papers attached, we can complete the process of closing the account and send you what the balance to another Wallet Address.

Sincerely,
Mark Karpeles
February 26th 2014

    Download Documents

first 2 emails didn't have URL in "Download Documents"

and 3rd one was:

Dear MtGox Customers,

Please sign the papers attached, we can complete the process of closing the account and send you what the balance to another Wallet Address.

Sincerely ,
Tomas Karpeles
1 / March 2014

    Download Documents

This (3rd one) is linking to http://dese--DO-NOT-CLICK--obc.com/style/imports/goxdocuments/?PaperMtgox.pdf

Sry for didn't post sooner - was thinking its known already - but now i didnt find any thread (and sry again if there already are some - pls posts links as reply) about it ...


And I also received 3 from btcguild.
1st:

3.201 bitcoin failed transfer

support@btcguild.com support@btcguild.com via smtp.com
   
Feb 17 (13 days ago)
      
i try to call you many time.
Please correct your Butcoin Address soon,

Attachment: http://--DO-NOT-CLICK--ge.tt/api/1/files/4X1oTKK1/0/blob?download

2nd+3rd within 1 hour:

You Lost 3.201 bitcoin
support@btcguild.com support@btcguild.com via smtp.com
   
Feb 19 (11 days ago)
      
Report BlockChain Wallet : http://--DO-NOT-CLICK--elis--DO-NOT-CLICK--agil.com/docs/download.php?bitcoin.xls

https://www.btcguild.com/

A recent phishing scam has been pretending to be from support@btcguild.com. This email did not come from us, and is trying to spread a virus.

WARNING * mtgox SPAM SCAM fake Documents downloads - bitstamp btcguild btc-e

[1713564890]

1713564890

[1713564890]

1713564890

[Bit_Happy]

So sick of scams...

[Trance]

Interesting, It sucks to see that many companies employees are trusted and end up selling out and it just gets written off as bad debt due to the " selective scamming "

Think about it...

If you scam 15% of ALL USERS for ALL they have

Statistically maybe 5-10% WILL complain elsewhere and try and make the fraudulent activity known to others

The remaining 85%+ will end up thinking the bad reputation is competition just bashing down a companies name in order to defame the company and its authenticity~

This is and has always been a large problem with Bitcoin and other cryptocurrencies, from pools that say they will give you your balance after a week (which inevitably take it all and send you through a vicious cycle of automated responses for weeks until you do your own research and find others having similar issues) we need a feedback system or website for known crypto "selective scams"

Bring these frauds to justice!!

Mt.Gox will pay for what they did, don't worry! Everything is on the blockchain and the government did this to disrupt positive media output of BTC due to the fact that the Chinese Yuan is taking over the USD!

(Sorry for rambling)

[dnaleor]

An acquaintance accidently clicked on the link. What is the risk of his PC being infected? Does anybody know what he should do?

[seriouscoin]

An acquaintance accidently clicked on the link. What is the risk of his PC being infected? Does anybody know what he should do?

Gee you have to ask?

Its like you do an escort on craigslist bareback and then ask..... what is the risk of having STD?

Hint for virgins like you, if an escort doesnt care doing it bareback, shes already infected!
 

[Lauda]

Yes another, annoying scam, sigh.
Thanks for the warning.

[dnaleor]

An acquaintance accidently clicked on the link. What is the risk of his PC being infected? Does anybody know what he should do?

Gee you have to ask?

Its like you do an escort on craigslist bareback and then ask..... what is the risk of having STD?

Hint for virgins like you, if an escort doesnt care doing it bareback, shes already infected!
 

that is what I thought. Will tell him he should never touch his BTC from that PC ever, again...

[seriouscoin]

An acquaintance accidently clicked on the link. What is the risk of his PC being infected? Does anybody know what he should do?

Gee you have to ask?

Its like you do an escort on craigslist bareback and then ask..... what is the risk of having STD?

Hint for virgins like you, if an escort doesnt care doing it bareback, shes already infected!
 

that is what I thought. Will tell him he should never touch his BTC from that PC ever, again...

LOL what? its like telling him never have sex again after infected with STD?

You tell him remove ethernet device on that PC and export priv key then import that private key to a new wallet. Dont bother using the old wallet on that PC.

Then move all BTCs to a cold storage. Reformat the HD and use the PC again, this time not being dumbed again.

[awesomeami]

just FYI:
2 more came "from" mtgox (2nd and 3rd of March):
basically the same text with:

http://accounting-mtgox-com.--DO-NOT-CLICK--grupoasci.com/?PaperMtgox.pdf
http://accounting.mtgox.com.--DO-NOT-CLICK--borisafremov.com/?PaperMtgox.pdf