Bitcoin Forum
October 15, 2019, 02:59:30 PM *
News: Latest Bitcoin Core release: 0.18.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: [Alert! Alert] Bitcoin QR Generator” lead to scam websites.  (Read 231 times)
maxreish
Full Member
***
Online Online

Activity: 602
Merit: 133


View Profile
September 06, 2019, 05:35:21 AM
Merited by suchmoon (4), hugeblack (1), o_e_l_e_o (1), DdmrDdmr (1), dkbit98 (1)
 #1


Guys, according to the Zengo crypto wallet, four out of the first five results presented in the querying of Google  for the "Bitcoin QR Generator" was lead to scam websites. The company's researched found out that QR code Generator isn't really safe.

Since, the QR code contains our data information, then the scammers find a way how to get the public keys and changing the addresses to transfer the content to their addresses.

This is how it works:
Quote
“These sites generate a QR code that encodes an address controlled by the scammers, instead of the one requested by the user, thus directing all payments for this QR code to the scammers.”

Yes, it is easy and convenient to use the qr code scanner but after  I have read this article, I'd rather use a long random character code to copy paste it than to sacrifice my personal data which consist of my bitcoin.

Read here

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1571151570
Hero Member
*
Offline Offline

Posts: 1571151570

View Profile Personal Message (Offline)

Ignore
1571151570
Reply with quote  #2

1571151570
Report to moderator
1571151570
Hero Member
*
Offline Offline

Posts: 1571151570

View Profile Personal Message (Offline)

Ignore
1571151570
Reply with quote  #2

1571151570
Report to moderator
bitmover
Hero Member
*****
Offline Offline

Activity: 630
Merit: 1065



View Profile
September 06, 2019, 10:37:17 AM
 #2

Many wallets generate QR codes for your public and private keys. There is no reason to go to third party websites for that.

When. Dealing with Bitcoin, no user should ever try to find on his own qr code generators, or search for a new random wallet to use.

Just stick with good, known, and open source software and you will be fine.

dkbit98
Sr. Member
****
Offline Offline

Activity: 560
Merit: 401


First 100% Liquid Stablecoin Backed by Gold


View Profile
September 06, 2019, 10:46:45 AM
 #3

Best way I found to generate QR code is to use open source software QR Workshop.
You can generate and read any QR codes even if you are offline.

stompix
Legendary
*
Offline Offline

Activity: 1218
Merit: 1170



View Profile
September 06, 2019, 05:01:45 PM
Merited by Foxpup (3)
 #4

There is one pretty easy way to see if they scam you..

Quote
Verify: Before sharing the QR, scan it with a wallet app and verify the scanned address is your original address.

Seriously, wouldn't that be your first concern when you get the QR code, to check it if it's really yours?
And you should do that even with legit services or clean open source application, maybe you messed up when you copy-pasted the address and your code points to an invalid address.

Speaking of, I did try to type "pussy" in the address field on one of those scam sites and it still generated a qr code  Grin
They could have at least put a validator so they are are not found out that easily.

hugeblack
Hero Member
*****
Online Online

Activity: 840
Merit: 752


6.15 Bitcoin We're moving fast.


View Profile
September 07, 2019, 01:56:57 PM
Last edit: September 07, 2019, 02:08:15 PM by hugeblack
 #5

Unfortunately, we trust by default the first results that appear on Google when we do not know what we are doing.
Scammers use this method to scam others and this is not limited to generating addresses but platforms, wallet, and others.
Address scanning, sending currencies does not require an Internet connection so this may be one of the possible solutions. (Disable internet)

philipma1957
Legendary
*
Offline Offline

Activity: 2618
Merit: 1933



View Profile
September 07, 2019, 02:05:00 PM
 #6

 I never scanned a qr code.  I don't trust them.  Basically why scan something you cant read into your phone which can have lots of info stolen from it.

This applies to any qr code.  I recently purchased a low cost  second phone from tracfone if I absolutely need to scan a qr code I will use the burner phone which has almost no info of value on it.


I see BTC as the super highway and alt coins as taxis and trucks needed to move transactions.
akram143
Full Member
***
Offline Offline

Activity: 714
Merit: 112


★777Coin.com★ Fun BTC Casino!


View Profile
September 07, 2019, 03:49:02 PM
 #7

Copy and paste the bitcoin address is the reallysafe method than any other and also we need to be sure that our device doesn't contain any malwares while doing this or else we will send the bitcoins to wrong address.

TryNinja
Legendary
*
Offline Offline

Activity: 1162
Merit: 1557



View Profile
September 07, 2019, 04:04:20 PM
 #8

Copy and paste the bitcoin address is the reallysafe method than any other and also we need to be sure that our device doesn't contain any malwares while doing this or else we will send the bitcoins to wrong address.
Clipboard malware are extremely common though. In all cases, everyone should ALWAYS double and even triple check their address to see if they match.

GreatArkansas
Hero Member
*****
Online Online

Activity: 644
Merit: 594


WOLF.BET - Provably Fair Dice Game


View Profile WWW
September 08, 2019, 02:09:45 AM
 #9

Copy and paste the bitcoin address is the reallysafe method than any other and also we need to be sure that our device doesn't contain any malwares while doing this or else we will send the bitcoins to wrong address.
Clipboard malware are extremely common though. In all cases, everyone should ALWAYS double and even triple check their address to see if they match.
Agree. Copy pasting and QR code are still not safe at all w/out checking carefully by yourself.

To all: Speaking of double checking addresses before doing transaction.
How or what is the fastest way to check it?
Because what I am doing when checking is first I am comparing some first few letters/digits of the bitcoin address and the some of last digits/letters.

.WOLF.BET.
▀  ▀▀▀▀▀▀
  ▀ ▀▀▀
 ▄ ▄▄▄   
  ▄ ▄▄▄
▄  ▄▄▄▄▄▄
        ▄▄▄▀▀▀▀▄▄▄
    ▄███▌        ▀▀▄
  ▄▀   ▐█████████▄  ▀▄
 ▄▀  ▄█████████████▄  █
 ▌  █████████████████  █
▐  ████████████████ ▄█
█  █████████████████████▌
▐  ██████████████████ ▀█▌
 ▌ ▐█████████████████▌ ▐▀
 █  ██████████████▀ ▄▀
  █   ███████████▀  ▄▀
   ▀▄▄██ ▀▀▀▀▀▀▀  ▄▄▀
     ▀██▄▄▄▄▄▄▄▄▀▀▀
▄███████████▄
███████    ████████████▄
███████    ███████   ▀██
██████████████████    ██
██    ██████████████████
██    ███████    ███████
█████████████    ███████
███████    █████████████
███████    ███████    ██
██████████████████   ▄██
██        ▀███████████▀
██
██
      ▄█▄         ▄█▄
 ▄██ ███ ███████ ███ ██▄
▐███▄ ▀ ▄███████▄ ▀ ▄███▌
▐█▌▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▐█▌
▐█▌   ▄▄▄▄▄▄▄▄        ▐█▌
▐█▌   ████████        ▐█▌
▐█▌       ███     ▄▄▀▀▀██▄
▐█▌      ███    ██▀      ▀█
▐█▌     ███    ███         █
▐█▌    ███     ███          █
 ██▄           ███▄         █
  ▀█████████████████▄     ▄█
                  ▀▀█████▀▀

████
██
██
██
██
██
██
██
██
██
██
████


.AFFILIATE PROGRAM.
   ...FREE FAUCET........
..CHAT RAIN.............
pooya87
Legendary
*
Offline Offline

Activity: 1792
Merit: 1968


Remember tonight for it's the beginning of forever


View Profile
September 08, 2019, 04:17:33 AM
 #10

I never scanned a qr code.  I don't trust them.  Basically why scan something you cant read into your phone which can have lots of info stolen from it.

that's not how it works!
the QR code can't steal anything from your phone when you scan it. i don't know which scanning app you use but usually what they do is simply they "translate" the squares into a human readable string. that's all. they don't run anything, or read anything from your phone.

akram143
Full Member
***
Offline Offline

Activity: 714
Merit: 112


★777Coin.com★ Fun BTC Casino!


View Profile
September 08, 2019, 06:07:28 AM
 #11

Copy and paste the bitcoin address is the reallysafe method than any other and also we need to be sure that our device doesn't contain any malwares while doing this or else we will send the bitcoins to wrong address.
Clipboard malware are extremely common though. In all cases, everyone should ALWAYS double and even triple check their address to see if they match.
Agree. Copy pasting and QR code are still not safe at all w/out checking carefully by yourself.

To all: Speaking of double checking addresses before doing transaction.
How or what is the fastest way to check it?
Because what I am doing when checking is first I am comparing some first few letters/digits of the bitcoin address and the some of last digits/letters.
I am lazy to check all the letters while making transactions so I always check the first and last four digit before initiating it when sending a small amount.But for withdrawing amount from exchange needs only one time complete check because we can make it as our primary withdrawal address on most of the exchanges.

bitart
Hero Member
*****
Offline Offline

Activity: 1358
Merit: 623


Vires in Numeris


View Profile
September 10, 2019, 09:11:27 PM
 #12

Agree. Copy pasting and QR code are still not safe at all w/out checking carefully by yourself.

To all: Speaking of double checking addresses before doing transaction.
How or what is the fastest way to check it?
Because what I am doing when checking is first I am comparing some first few letters/digits of the bitcoin address and the some of last digits/letters.
It could give you a false feel of safety, if you only check the first few and the last few digits/letters of a bitcoin address...
Although I don't really know how hard and resource demanding would be for a clipboard virus to calculate a similar bitcoin address on the fly (in that few seconds when you copy/paste the address), just to scam you this way... I think the clipboard virus just replace the target bitcoin address with a given one, it just don't calculate anything...
I don't really think that it's possible to generate/search for a different bitcoin address that matches the original address in the first/last part, so checking the first/last part could be safe... but that's not enough, everyone should check everything every time...
Just thinking about how resource demanding to search for a proper vanity address, and the vanity address just means that the first part of the bitcoin address is unique but the last part is still random... Of course it would be more easy to generate an address that only matches the first 2 characters and the last 2 characters, so you should check at least 5-6 characters from the beginning and from the end to be on the safe side... but the safest is to check everything
prix
Hero Member
*****
Offline Offline

Activity: 753
Merit: 506


View Profile
September 11, 2019, 05:41:53 AM
 #13

Agree. Copy pasting and QR code are still not safe at all w/out checking carefully by yourself.

To all: Speaking of double checking addresses before doing transaction.
How or what is the fastest way to check it?
Because what I am doing when checking is first I am comparing some first few letters/digits of the bitcoin address and the some of last digits/letters.
It could give you a false feel of safety, if you only check the first few and the last few digits/letters of a bitcoin address...
Although I don't really know how hard and resource demanding would be for a clipboard virus to calculate a similar bitcoin address on the fly (in that few seconds when you copy/paste the address), just to scam you this way... I think the clipboard virus just replace the target bitcoin address with a given one, it just don't calculate anything...
I don't really think that it's possible to generate/search for a different bitcoin address that matches the original address in the first/last part, so checking the first/last part could be safe... but that's not enough, everyone should check everything every time...
Just thinking about how resource demanding to search for a proper vanity address, and the vanity address just means that the first part of the bitcoin address is unique but the last part is still random... Of course it would be more easy to generate an address that only matches the first 2 characters and the last 2 characters, so you should check at least 5-6 characters from the beginning and from the end to be on the safe side... but the safest is to check everything

The time it takes to generate an address that matches 6 characters (3 at the beginning and 3 at the end) is 10-20 seconds on my computer. It's not long although not very fast for hot swap.
But attacker can use a network of bots or can pregenerate such addresses and request them over the network. Or replace the address when reused (during the first use everything will be fine, but on another use, for example, in a day, the address will be as similar as possible). The likelihood of such tricks is small, but still do not neglect them.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!