[Beware]Bitcointalk PHISHING attempt by E-Mail

[apoorvlathey]

I received the following email:


By no means, it looks like an official mail from the forum. Even the link is a fake one too.
It redirects to a clone of the forum. The phishing site as I received it is: (DON'T VISIT)

Code:

http://www.martynparry.com.au/index/?topic=5169902.0&u=apoorvlathey

It is not sure who might be behind this scam.

Most probably the scammers are using hacked email list to send out these emails because my account once got hacked in the past. Not aware if anyone else received the mail or not.

/Edit:

Another case of sharing this phishing site, this time via personal message:

Make sure you don't click PM links coming from naufalbashar scammer.
He's using special character г which looks like r

He's PMing people requesting clicking on a phishing website to "reply to him"

Phishing website is currently hosted on www. martynparry. com.au/index/?topic=3243635.0 (DO NOT GO THERE OR LOGIN WITH YOUR BITCOINTALK ACCOUNT, IT'S A PHISHING WEBSITE!!!)

I have already reported him to bitcointalk staff and to website admins as well (looks like legit website has been hacked and added fake phishing forum)

[1714669746]

1714669746

[1714669746]

1714669746

[1714669746]

1714669746

[dkbit98]

It is something similar that happened in may case:
https://bitcointalk.org/index.php?topic=5173531

People should always check URL bar to confirm correct link, and also watch out for Puny codes.

You should also check if your email is pwned:
https://haveibeenpwned.com/

[YOSHIE]

Code:

http://www.martynparry.com.au/index/?topic=5169902.0&u=apoorvlathey

I try to enter the link you mentioned.
But the results are as below.



In the matter that you are experiencing right now I can advise you that this is a hacking and fake attempt.

Find ways to safer your account.
1. Change the password that is very secret.
2. Change your new email, if necessary.
However, this depends on you, I'm just suggesting.

And henceforth you can visit this just in case.

Topic: Recovering hacked/lost accounts.

[Lafu]

There is alread a thread created with this Website  name in it !

If you look here https://bitcointalk.org/index.php?topic=5172689.0 you can see that morvillz7z has quoted a post

from tedyx  with the message here https://bitcointalk.org/index.php?topic=5154525.msg52073272#msg52073272

Make sure you don't click PM links coming from naufalbashar scammer.
He's using special character г which looks like r

He's PMing people requesting clicking on a phishing website to "reply to him"

Phishing website is currently hosted on www. martynparry. com.au/index/?topic=3243635.0 (DO NOT GO THERE OR LOGIN WITH YOUR BITCOINTALK ACCOUNT, IT'S A PHISHING WEBSITE!!!)

I have already reported him to bitcointalk staff and to website admins as well (looks like legit website has been hacked and added fake phishing forum)

Guess its the same person maybe that created the new Phishing Forum !

[Lucius]

Bitcointalk forum will never send such trivial e-mail messages, and if you pay attention to the header of e-mail then it is pretty clear that the post has nothing to do with this forum. If user has enabled e-mail notification then he/she may receive e-mails but then the address will be clearly stated _ from Bitcoin Forum <noreply@bitcointalk.org>

Paying attention to the details, and accessing the forum only from the link we saved in our browser bookmark is sufficient protection.

[hacker1001101001]

Just checking the senders email should ring a bell in your head. I think only some one with lowfunctioning brain cells would do the mistake of trusting that email.

But, it's good you reported it here, no offence.

[UserU]

Bitcointalk has an option to "Hide email address from public". Was it checked?

[mk4]

Since you actually received the message through your email instead of through Bitcointalk's messaging system like what happened to dkbit98, did you publicly submit your email on a bounty campaign topic by any chance(I assume some bounty campaigns requires you to submit your email/social media)? They'd have to get your email from somewhere. My guess that they got it through bounties as your email is hidden on your profile.

[teosanru]

I received the following email:


By no means, it looks like an official mail from the forum. Even the link is a fake one too.
It redirects to a clone of the forum. The phishing site as I received it is: (DON'T VISIT)

Code:

http://www.martynparry.com.au/index/?topic=5169902.0&u=apoorvlathey

It is not sure who might be behind this scam.

Most probably the scammers are using hacked email list to send out these emails because my account once got hacked in the past. Not aware if anyone else received the mail or not.

/Edit:

Another case of sharing this phishing site, this time via personal message:

Make sure you don't click PM links coming from naufalbashar scammer.
He's using special character г which looks like r

He's PMing people requesting clicking on a phishing website to "reply to him"

Phishing website is currently hosted on www. martynparry. com.au/index/?topic=3243635.0 (DO NOT GO THERE OR LOGIN WITH YOUR BITCOINTALK ACCOUNT, IT'S A PHISHING WEBSITE!!!)

I have already reported him to bitcointalk staff and to website admins as well (looks like legit website has been hacked and added fake phishing forum)

The domain name mentioned in the picture is original it is of bitcointalk.org only then how can the Phishing attempt be successful? I am a bit bad at hacking and all but as far as I know you need to create your own domain and a replica site to compromise with information of users. Won't entering data on the original username redirect the data to original database only? or is there something that I am missing?

[mk4]

The domain name mentioned in the picture is original it is of bitcointalk.org only then how can the Phishing attempt be successful?

It's an anchor tag.

Here's an example: yahoo.com

You think that links to yahoo.com? Nope. It links to google.com. Even though it's a very very very old trick, it's honestly very deceiving especially to the uninformed; though with time knowing this sort of "trick", you'd get cautious everytime you see a link on forums. Always hover your cursor over the link and check where the link actually leads to.

Code:

BBCODE(mostly on forums): [url=https://google.com/]yahoo.com[/url]

HTML(websites): <a href="https://google.com">yahoo.com</a>

[teosanru]

The domain name mentioned in the picture is original it is of bitcointalk.org only then how can the Phishing attempt be successful?

It's an anchor tag.

Here's an example: yahoo.com

You think that links to yahoo.com? Nope. It links to google.com. Even though it's a very very very old trick, it's honestly very deceiving especially to the uninformed; though with time knowing this sort of "trick", you'd get cautious everytime you see a link on forums. Always hover your cursor over the link and check where the link actually leads to.

Code:

BBCODE(mostly on forums): [url=https://google.com/]yahoo.com[/url]

HTML(websites): <a href="https://google.com">yahoo.com</a>

Oh exactly. Sorry I didn't realized that it could easily happen. meta tag must have been set to original bitcointalk.org but link of some other site. Actually even some google searches about bitcointalk point out towards some phishing page. These pages have a slightly different domains.  Thanks for assisting.

[Pmalek]

Since you actually received the message through your email instead of through Bitcointalk's messaging system like what happened to dkbit98, did you publicly submit your email on a bounty campaign topic by any chance(I assume some bounty campaigns requires you to submit your email/social media)? They'd have to get your email from somewhere. My guess that they got it through bounties as your email is hidden on your profile.

I checked his profile and his email address is hidden. Not sure if it was always hidden so maybe the spammer got his email address just by checking it on his profile.


Having alt accounts is not against the rules on bitcointalk and many highly ranked and trusted users here have alts. Bitcointalk wouldn't be sending such messages because you are not breaking any rules by having an alt account. Also, scams are not moderated here so even if an alt of yours has scammed the forum administration would not investigate such cases. Scammers get tagged by DTs but they don't get banned.   

[FIFA worldcup]

I received the following email:


By no means, it looks like an official mail from the forum. Even the link is a fake one too.
It redirects to a clone of the forum. The phishing site as I received it is: (DON'T VISIT)

Code:

http://www.martynparry.com.au/index/?topic=5169902.0&u=apoorvlathey

It is not sure who might be behind this scam.

Most probably the scammers are using hacked email list to send out these emails because my account once got hacked in the past. Not aware if anyone else received the mail or not.

/Edit:

Another case of sharing this phishing site, this time via personal message:

Make sure you don't click PM links coming from naufalbashar scammer.
He's using special character г which looks like r

He's PMing people requesting clicking on a phishing website to "reply to him"

Phishing website is currently hosted on www. martynparry. com.au/index/?topic=3243635.0 (DO NOT GO THERE OR LOGIN WITH YOUR BITCOINTALK ACCOUNT, IT'S A PHISHING WEBSITE!!!)

I have already reported him to bitcointalk staff and to website admins as well (looks like legit website has been hacked and added fake phishing forum)

Email PHISHING  is very common these days and one should always check from where the email come from, specially the domain part of the sender address.
Also i will recommend everyone to take any good Phishing online course. One example is https://www.cybrary.it/course/phishing/ from where you can get one and a half hour of training and get a certificate too.

Disclaimer: I have no interest in this site, i learnt from there so i am recommending it to others.

[abel1337]

Since you actually received the message through your email instead of through Bitcointalk's messaging system like what happened to dkbit98, did you publicly submit your email on a bounty campaign topic by any chance(I assume some bounty campaigns requires you to submit your email/social media)? They'd have to get your email from somewhere. My guess that they got it through bounties as your email is hidden on your profile.

I checked his profile and his email address is hidden. Not sure if it was always hidden so maybe the spammer got his email address just by checking it on his profile.


Having alt accounts is not against the rules on bitcointalk and many highly ranked and trusted users here have alts. Bitcointalk wouldn't be sending such messages because you are not breaking any rules by having an alt account. Also, scams are not moderated here so even if an alt of yours has scammed the forum administration would not investigate such cases. Scammers get tagged by DTs but they don't get banned.   

Same thought man , I have known many trusted members alts. Alts is defined on how you will use it. Many member abuse the legalization of alts by making money in it. Using their alts to scam and to abuse some signature campaigns.

bitcointalk doesnt send a message that you have an alt account. It never happen and it never will. We have other threads here in the forum about the same issue which is phishing. Its just sad that hackers are adopting to new way of hacking accounts that you wont know that you where hacked.

[Lafu]

If you stay logged in the whole time on bitcointalk with your Account its easy to see Phishing clone sites.
The Phishing sites always ask for login Details.
The most problem with this sites is that users dont look at Adress link in the Browser, always check it when you login.