Bitcoin Forum
August 23, 2019, 11:20:03 PM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: ⚠️ BITCOIN-TALK FORUM PHISHING WEBSITE! BE AWARE!! ⚠️  (Read 303 times)
blockchain2k
Member
**
Offline Offline

Activity: 392
Merit: 39

Check out my signature.


View Profile WWW
March 20, 2019, 12:46:04 PM
Last edit: March 20, 2019, 03:37:37 PM by blockchain2k
Merited by trumpc2016 (29), Halab (2), ethereumhunter (1), DdmrDdmr (1)
 #1

Dear Bitcointalk mods and users.

While I was conducting an ICO project research due to an ICO project we are going to launch, I made the following search on Google.com: ''dragon coin bitcointalk''

You will notice, that the 2nd result which pops-up is a PHISHING SITE (ENTER AT YOUR OWN RISK!) and when you click on it, it look identically like Bitcointalk, has the same amount of posts and thread and my Meta Mask extension screamed right away that it is a phishing site.

''A phishing website (sometimes called a "spoofed" site) tries to steal your account password or other confidential information by tricking you into believing you're on a legitimate website. You could even land on a phishing site by mistyping a URL (web address).''

Evidence - https://imgur.com/a/W8AjLdo

They probably use it to get peoples log-in details for Bitcointalk forum.

Be aware and let's fight it by reporting the website to Google! https://safebrowsing.google.com/safebrowsing/report_phish/?rd=1&hl=en


MODS, PLEASE, DELETE THIS THREAD WHICH I POSTED ON SERIOUS DISCUSSIONS, OFF_TOPIC IS A FAR BETTER PLACE FOR IT TO BE ON!

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1566602403
Hero Member
*
Offline Offline

Posts: 1566602403

View Profile Personal Message (Offline)

Ignore
1566602403
Reply with quote  #2

1566602403
Report to moderator
1566602403
Hero Member
*
Offline Offline

Posts: 1566602403

View Profile Personal Message (Offline)

Ignore
1566602403
Reply with quote  #2

1566602403
Report to moderator
1566602403
Hero Member
*
Offline Offline

Posts: 1566602403

View Profile Personal Message (Offline)

Ignore
1566602403
Reply with quote  #2

1566602403
Report to moderator
UserU
Member
**
Offline Offline

Activity: 308
Merit: 26

Free Counter-Strike @ CSONLINE2.NET


View Profile WWW
March 20, 2019, 01:05:54 PM
 #2

Yup, its back online.

Its so convincing I wont be surprised if many fell for it.

blockchain2k
Member
**
Offline Offline

Activity: 392
Merit: 39

Check out my signature.


View Profile WWW
March 20, 2019, 02:21:32 PM
 #3

Yup, its back online.

Its so convincing I wont be surprised if many fell for it.

We need to get as many people as possible from here to report the site in the Google Phishing site report page that I have posted a link to.

Tamilson
Hero Member
*****
Offline Offline

Activity: 1022
Merit: 503


View Profile
March 20, 2019, 03:05:29 PM
 #4

It will be more appropriate if this will be move in beginners and help? Only few people are visiting this board. Though, I know there's also related thread about phishing site of bitcointalk.org but this is actually insane.

Please, just remove the link of the phishing site, some people here aren't mindful in clicking links. The image tells us everything anyway.
blockchain2k
Member
**
Offline Offline

Activity: 392
Merit: 39

Check out my signature.


View Profile WWW
March 20, 2019, 03:22:13 PM
 #5

It will be more appropriate if this will be move in beginners and help? Only few people are visiting this board. Though, I know there's also related thread about phishing site of bitcointalk.org but this is actually insane.

Please, just remove the link of the phishing site, some people here aren't mindful in clicking links. The image tells us everything anyway.

Hi Tamilson! I just removed the link and now you can see the site in the image. Perhaps it would be better if this was moved to Beginners & Help board. IHow do I do that?

harizen
Legendary
*
Offline Offline

Activity: 1624
Merit: 1145


View Profile
March 20, 2019, 03:39:22 PM
 #6

Perhaps it would be better if this was moved to Beginners & Help board. IHow do I do that?

a) Find this on the lower left part of this thread:

move topic  |  unlock topic

b) Hit the Move Topic.

c) Move to: (choose the section where you will move the thread)

Having a problem uploading the screenshots for much easy guide but Im sure you can able to follow the instruction without a problem.

blockchain2k
Member
**
Offline Offline

Activity: 392
Merit: 39

Check out my signature.


View Profile WWW
March 20, 2019, 03:43:42 PM
 #7

Perhaps it would be better if this was moved to Beginners & Help board. IHow do I do that?

a) Find this on the lower left part of this thread:

move topic  |  unlock topic

b) Hit the Move Topic.

c) Move to: (choose the section where you will move the thread)

Having a problem uploading the screenshots for much easy guide but Im sure you can able to follow the instruction without a problem.

Thank you for your assistance harizen. I did as you instructed and the operation went smoothly. Hopefully, this will help to prevent people from losing their accounts.

DdmrDdmr
Hero Member
*****
Offline Offline

Activity: 588
Merit: 2574

There are lies, damned lies and statistics. MTwain


View Profile WWW
March 20, 2019, 04:18:23 PM
 #8

The ".to" Bitcointalk site has been back online for over a month now, after a few months of being off-line. This is how it performed when I gave it a cautious deliberate try (with fake data) a month ago:

Beware!!!!

It seems that the .to phishing version of Bitcointalk is back online today, after being down for a few months. That is likely one of the main sources for hacked accounts around here.
The crazy thing is that it now displays a gambling site popup screen, which is obviously not forum policy. Data is nearly up-to-date with forum, and is barely a day off.

I never ventured to try to log onto the .to site before, but for the sake of it, I tried now with fake data. What it does is capture your login/password, and then immediately redirect you to the proper .org version of the forum, where you are back to the login screen. The impression you get is that you are on the correct site, but suffered a connection glitch that made the site ask you for your credentials twice. The fuckers …

khaled0111
Hero Member
*****
Offline Offline

Activity: 798
Merit: 506


View Profile
March 20, 2019, 04:45:30 PM
 #9

I am certain many people reported it already and I don't know why google and other search engines didn't ban it till now.

It is really annoying to see it on the first page of search results.
Thankfully, I have Metamask installed and when clicking on the .to link I get this warning:

Quote
This domain is currently on the MetaMask domain warning list. This means that based on information available to us, MetaMask believes this domain could currently compromise your security and, as an added safety feature, MetaMask has restricted access to the site. To override this, please read the rest of this warning for instructions on how to continue at your own risk.

It is almost impossible to recognize the difference between .to and .org websites unless you have the "Always stay logged in" feature activated.
o_e_l_e_o
Hero Member
*****
Offline Offline

Activity: 658
Merit: 2554



View Profile
March 20, 2019, 08:59:34 PM
Merited by Vod (4), ethereumhunter (1)
 #10

If you add the ".to" site to your hosts file, your browser will flat out refuse to open it. You can completely eliminate the risk of being phished by this site in <30 seconds. I'll quote myself below from the last time this was discussed with instruction on how to do so. Alternatively, if you are using Windows, your hosts file can be found in "C:\Windows\System32\Drivers\etc\".

See the following site for instructions on how to open your hosts file on Windows, Mac or Linux: https://support.rackspace.com/how-to/modify-your-hosts-file/

Add the following line to the bottom of your hosts file:
Code:
0.0.0.0 bitcointalk.to

DdmrDdmr
Hero Member
*****
Offline Offline

Activity: 588
Merit: 2574

There are lies, damned lies and statistics. MTwain


View Profile WWW
March 21, 2019, 10:59:42 AM
 #11

<…>MODS, PLEASE, DELETE THIS THREAD WHICH I POSTED ON SERIOUS DISCUSSIONS, OFF_TOPIC IS A FAR BETTER PLACE FOR IT TO BE ON!
You can move the thread yourself to Archival for example (Other – Archival). You will find the option to do so at the bottom left of the screen ("move topic").

It may be better to move your other thread, and not this one (the other thread has less responses and no merits): BITCOIN-TALK FORUM PHISHING WEBSITE! BE AWARE! .

XZERO1
Member
**
Offline Offline

Activity: 71
Merit: 16


View Profile
March 21, 2019, 11:27:28 AM
 #12

Or you can just search within the original bitcointalk entering the word you're looking for + site:bitcointalk.org

You can use this method when you only want results from a specific website or like in this case worried about the security...

Example

jossiel
Hero Member
*****
Online Online

Activity: 1260
Merit: 541



View Profile
March 21, 2019, 11:51:47 PM
 #13

Yes, that ".to" domain is a fake and phishing copy cat website of bitcointalk.org.

Thanks for keeping the reminder again since that has been offline for sometime. To everybody, don't login any of your details there or your account might be fetched by the owner of that phishing site. It's easier if everyone will bookmarket 'bitcointalk.org' or typing the URL directly instead of searching it on google. It looks a simple tip but sorry to say that there are still few people that fall for it.

.BitDice.               ▄▄███▄▄
           ▄▄██▀▀ ▄ ▀▀██▄▄
      ▄▄█ ▀▀  ▄▄█████▄▄  ▀▀ █▄▄
  ▄▄██▀▀     ▀▀ █████ ▀▀     ▀▀██▄▄
██▀▀ ▄▄██▀      ▀███▀      ▀██▄▄ ▀▀██
██  ████▄▄       ███       ▄▄████  ██
██  █▀▀████▄▄  ▄█████▄  ▄▄████▀▀█  ██
██  ▀     ▀▀▀███████████▀▀▀     ▀  ██
             ███████████
██  ▄     ▄▄▄███████████▄▄▄     ▄  ██
██  █▄▄████▀▀  ▀█████▀  ▀▀████▄▄█  ██
██  ████▀▀       ███       ▀▀████  ██
██▄▄ ▀▀██▄      ▄███▄      ▄██▀▀ ▄▄██
  ▀▀██▄▄     ▄▄ █████ ▄▄     ▄▄██▀▀
      ▀▀█ ▄▄  ▀▀█████▀▀  ▄▄ █▀▀
           ▀▀██▄▄ ▀ ▄▄██▀▀
               ▀▀███▀▀
        ▄▄███████▄▄
     ▄███████████████▄
    ████▀▀       ▀▀████
   ████▀           ▀████
   ████             ████
   ████ ▄▄▄▄▄▄▄▄▄▄▄ ████
▄█████████████████████████▄
██████████▀▀▀▀▀▀▀██████████
████                   ████
████                   ████
████                   ████
████                   ████
████                   ████
████▄                 ▄████
████████▄▄▄     ▄▄▄████████
  ▀▀▀█████████████████▀▀▀
        ▀▀▀█████▀▀▀
▄▄████████████████████████████████▄▄
██████████████████████████████████████
█████                            █████
█████                            █████
█████                            █████
█████                            █████
█████                     ▄▄▄▄▄▄▄▄▄▄
█████                   ▄█▀▀▀▀▀▀▀▀▀▀█▄
█████                   ██          ██
█████                   ██          ██
█████                   ██          ██
██████████████████▀▀███ ██          ██
 ████████████████▄  ▄██ ██          ██
   ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ██          ██
             ██████████ ██          ██
           ▄███████████ ██████▀▀██████
          █████████████  ▀████▄▄████▀
[/]
blockchain2k
Member
**
Offline Offline

Activity: 392
Merit: 39

Check out my signature.


View Profile WWW
March 22, 2019, 08:35:34 AM
 #14

Thank you for showing various ways how to avoid it once you are aware of it, but the root problem has not been taken care of. If the ''report a phishing website to Google'' system does not work it means that Google has got a problem. It is either extremely too slow at checking out the website in general or they get way too many requests to handle them in a timely manner. This is just ridiculous for how long time the phishing website can exist for the biggest Bitcoin forum on earth.

Xenrise
Sr. Member
****
Offline Offline

Activity: 672
Merit: 251



View Profile
March 22, 2019, 01:17:49 PM
 #15

Just before you put your valuable information in logging in this forum you should verify the site you are logging on

Here are some ways for verification:
  • Try to bookmark bitcointalk.org
  • Check each letters one by one
  • Try not deleting history so that when you put at least some keyword of the forum, you can see bitcointalk in the suggested

Remember people that in cryptocurrency we have a lot of scammers in here. They do not rest, that's why play it safe and be careful ALL THE TIME. I remember last time there was a myetherwallet phishing site and it is myetherwaliet.com. If I remember it correct that was the spelling. Be sure to check always because we never know when scams will appear.
Velkro
Legendary
*
Offline Offline

Activity: 1890
Merit: 1006


<3 Vanity Addresses :)


View Profile
March 23, 2019, 01:37:41 AM
 #16

Problem is phishing websites are problem not only for this forum that could harm people but especially for exchanges or banks.
This warning is good to be turned in guide/advices topics that help people recognize all phishing signs to avoid them.

blockchain2k
Member
**
Offline Offline

Activity: 392
Merit: 39

Check out my signature.


View Profile WWW
March 23, 2019, 08:40:29 AM
 #17

Problem is phishing websites are problem not only for this forum that could harm people but especially for exchanges or banks.
This warning is good to be turned in guide/advices topics that help people recognize all phishing signs to avoid them.

My biggest problem with this issue is that Google is taking this matter very lightly. As far as I understand, the phishing sites for Bitcointalk have been a pro-longer problem and they remain the same in most cases. The Bitcointalk forum is the biggest Bitcoin forum and they collectively cannot do a thing. Google should seriously start putting more focus on this area.

When I search the domain name on WHOIS, it gives this info.

''
Tonic whoisd V1.1
bitcointalk dane.ns.cloudflare.com
bitcointalk emma.ns.cloudflare.com
''

UserU
Member
**
Offline Offline

Activity: 308
Merit: 26

Free Counter-Strike @ CSONLINE2.NET


View Profile WWW
March 23, 2019, 09:03:14 AM
 #18


Tonic whoisd V1.1
bitcointalk dane.ns.cloudflare.com
bitcointalk emma.ns.cloudflare.com
''

They even use CF? Wow... and the ori still doesn't.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!