Bitcoin Forum
December 12, 2019, 03:50:05 PM *
News: Latest Bitcoin Core release: 0.19.0.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: 2 phishing websites shows on search engine when searching about Electum DDOS  (Read 97 times)
BitMaxz
Legendary
*
Offline Offline

Activity: 1638
Merit: 1278


Beware on fake ledger nano, trezor and electrum.


View Profile WWW
April 16, 2019, 01:55:49 PM
Last edit: April 16, 2019, 02:42:56 PM by BitMaxz
Merited by bones261 (3)
 #1

I would like other users to be aware of other new phishing Electrum websites that I found when I searching on bing and google.

Here's the 2 phishing sites.

Code:
http://electrum.bz
http://electrumsecuredownload.com

Keep your wallet safe and always use the original Electrum website which is electrum.org when downloading the latest version of Electrum.

Edit: It seems someone already victim again with electrum[.]bz in reddit from here
Please be careful guys don't give your Bitcoin to scammers.

1576165805
Hero Member
*
Offline Offline

Posts: 1576165805

View Profile Personal Message (Offline)

Ignore
1576165805
Reply with quote  #2

1576165805
Report to moderator
1576165805
Hero Member
*
Offline Offline

Posts: 1576165805

View Profile Personal Message (Offline)

Ignore
1576165805
Reply with quote  #2

1576165805
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1576165805
Hero Member
*
Offline Offline

Posts: 1576165805

View Profile Personal Message (Offline)

Ignore
1576165805
Reply with quote  #2

1576165805
Report to moderator
TryNinja
Legendary
*
Offline Offline

Activity: 1218
Merit: 1687



View Profile
April 16, 2019, 02:41:04 PM
Merited by bones261 (2)
 #2

We can report them here: https://support.google.com/google-ads/troubleshooter/4578507
And here: https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en

This will remove them from showing up on Google ads.

joniboini
Hero Member
*****
Offline Offline

Activity: 770
Merit: 1181


Exchange Bitcoin quickly-https://blockchain.com.do


View Profile WWW
April 17, 2019, 02:34:28 AM
 #3

Edit: It seems someone already victim again with electrum[.]bz in reddit from here

It still amazes me how some people could fall to an explicit fake site like this. Don't they know about the legit site or do their DNS/computer gets hijacked somehow? How come do they know about Electrum in the first place? Looks like we need to increase spreading awareness about Electrum legit site and about phishing attack in general.

bob123
Legendary
*
Offline Offline

Activity: 1106
Merit: 1580



View Profile WWW
April 17, 2019, 06:30:23 AM
 #4

Don't they know about the legit site or do their DNS/computer gets hijacked somehow? How come do they know about Electrum in the first place? Looks like we need to increase spreading awareness about Electrum legit site and about phishing attack in general.

I would say more than 90% of all fake-electrums downloaded are because of user being unaware.
I don't have anything to prove this number, it is just a feeling.


DNS spoofing and cache poisoning takes quite some effort.. It is easier to just host a fake website and pay for a high google ranking / google ads.
And unfortunately the majority of people in the cryptospace (not just here, internet overall) are extremely unaware.

IMO it would be more lucrative this way, than spending lots of time and effort into dns spoofing etc. (even tho this would be the 'better' way for a high-value target which is quite aware).

Lucius
Legendary
*
Offline Offline

Activity: 1624
Merit: 1413


Fortis Fortuna Adiuvat


View Profile WWW
April 17, 2019, 09:03:50 AM
 #5

Both sites from OP are blocked in Firefox, and first one is also blocked on Brave browser. Second site is still opening in Brave, so this means that some users are exposed to the risk. It is important to report such sites to Google (links posted by TryNinja), but also direct from browsers. Firefox is have that option in Help -> Report Deceptive Site.

What can save each user to become victim of phishing  is to use adblocker for any browser, such extension will block all pay ads from Google search results, and it will show only legitimate Electrum site.

bob123
Legendary
*
Offline Offline

Activity: 1106
Merit: 1580



View Profile WWW
April 17, 2019, 09:34:01 AM
 #6

What can save each user to become victim of phishing  is to use adblocker for any browser, such extension will block all pay ads from Google search results, and it will show only legitimate Electrum site.

While i agree that using an adblocker is extremely helpful in avoiding such scams, it is also possible that a fake electrum site has an increased google ranking through some SEO.
It definitely helps avoiding such sites, but by far doesn't protect you from them.

It might even be possible that some fake site will be placed above the real electrum site. Therefore it is always necessary to double check the URL and verify the signature of the downloaded files.
Verifying the signature is the only way to be sure that the downloaded file is the one uploaded by ThomasV (assuming that ThomasV knows how to protect his signing key, which he most probably does).

hugeblack
Hero Member
*****
Offline Offline

Activity: 896
Merit: 943


For ReNt


View Profile
April 17, 2019, 10:59:57 AM
 #7

Verifying the signature is the only way to be sure that the downloaded file is the one uploaded by ThomasV (assuming that ThomasV knows how to protect his signing key, which he most probably does).
If the user does not check the site, he will not verify the signature. Verification of the signature is important in hacking the official site cases but will not be useful in such cases.

To solve the problem definitively there must be collaboration between browsers and search engines. There is an authentication badge next to each official account "just as it happens in social media" and therefore when a person visits any site similar to the official domain the warning appears.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!