Lucius (OP)
Legendary
Offline
Activity: 3416
Merit: 6149
Crypto Swap Exchange🈺
|
|
November 04, 2019, 02:01:12 PM Last edit: November 25, 2019, 02:02:55 PM by Lucius |
|
I just see warning on Reddit about 2 fake sites pretending to be original Ledger sites. It seems that one site is no longer involved in bad activity, but the other one is still active and it will ask you to enter your seed by showing the message that your device memory is damaged. Never enter your seed (24 words) anywhere except in Ledger, or in case your Nano S/X is damaged/broken be sure to use seed on a clean device and that wallet is genuine. Please use this link to report this site: https://safebrowsing.google.com/safebrowsing/report_phish/?hl=enMore info : Scam/Phising websites posing as Ledger trying to steal Seed Phrase
|
|
|
|
DdmrDdmr
Legendary
Offline
Activity: 2492
Merit: 11050
There are lies, damned lies and statistics. MTwain
|
|
November 04, 2019, 02:31:25 PM |
|
The gruesome thing is that the two fake entries appear on Google before the entry to the official site, as they are being promoted by paid adds on google. The technique used, indicating that your device is faulty and that you need to provide your 24 word seed has been around for some time, but I guess that seeing the message on screen may cause a moment of panic, and drive some people into a rush to provide it. Better to always take a step back before letting haste drive one to action.
|
|
|
|
yazher
|
|
November 04, 2019, 03:05:35 PM |
|
The gruesome thing is that the two fake entries appear on Google before the entry to the official site, as they are being promoted by paid adds on google. The technique used, indicating that your device is faulty and that you need to provide your 24 word seed has been around for some time, but I guess that seeing the message on screen may cause a moment of panic, and drive some people into a rush to provide it. Better to always take a step back before letting haste drive one to action.
This is alarming, I really need to post this on my Local News thread. I will tell my fellow countrymen about this site, I know there are many of them using Ledger, I'm afraid that they might fall to this kind of scam. Google really needs to look out for that first search entry add. last year when I was looking for an online job on the internet, the search result gave me some fake websites at the top.
|
|
|
|
JeromeTash
Legendary
Offline
Activity: 2324
Merit: 1260
Heisenberg
|
|
November 04, 2019, 03:26:16 PM |
|
Google really needs to look out for that first search entry add. last year when I was looking for an online job on the internet, the search result gave me some fake websites at the top.
Why would they care if they are already getting money out of Ads Anyway i just wish masses would get sensitized on never to rely on direct search results and instead at least; - know the websites they would love to visit. - Bookmark very important sites
|
|
|
|
kolonel_x
|
|
November 04, 2019, 04:24:18 PM |
|
If we are not observant in looking at the website maybe I will get into the trap of the scamer, thank you for informing on this thread I will be careful in entering 24 SEEDs and I worry that many do not know about this.
|
INVALID BBCODE: close of unopened tag in table (1)
|
|
|
mk4
Legendary
Offline
Activity: 2926
Merit: 3881
📟 t3rminal.xyz
|
|
November 04, 2019, 06:23:28 PM Last edit: November 05, 2019, 03:29:54 AM by mjglqw |
|
This is alarming, I really need to post this on my Local News thread. I will tell my fellow countrymen about this site, I know there are many of them using Ledger, I'm afraid that they might fall to this kind of scam. Google really needs to look out for that first search entry add. last year when I was looking for an online job on the internet, the search result gave me some fake websites at the top.
Don't just tell them to avoid this site, tell them to install a decent adblocker like uBlock Origin(available for both Chrome and Firefox) to prevent them from accidentally clicking on Google ads(that could potentially be malicious like this one), instead of the first few actual Google search results. Having an adblocker alone eliminates a good amount of potential scams.
|
|
|
|
funsponge
|
|
November 04, 2019, 11:46:47 PM |
|
Anyone that uses a ledger make sure to add these malicious sites to a host file and not allow your computer to connect to them. I would advise getting the official website address to ledger and copy and pasting it whenever you need to visit it instead of typing it out and making a mistake. The issue with having several sites above the official site is concerning since people usually don't check and just pick the top entry.
|
|
|
|
Lucius (OP)
Legendary
Offline
Activity: 3416
Merit: 6149
Crypto Swap Exchange🈺
|
|
November 05, 2019, 11:37:23 AM |
|
Don't just tell them to avoid this site, tell them to install a decent adblocker like uBlock Origin(available for both Chrome and Firefox) to prevent them from accidentally clicking on Google ads(that could potentially be malicious like this one), instead of the first few actual Google search results. Having an adblocker alone eliminates a good amount of potential scams.
Until AdBlockers do not become an integral part of the browsers we should constantly warn all Internet users that something like that is absolutely necessary and that can really play a crucial role in the case of paid ads like this. With AdBlock ON, such links are completely invisible, and therefore there is no danger to users. Someone mentioned before that Chrome will completely disable AdBlockers in the future, which I can understand because they sell ads that most block, but this will be very bad news for all users of this browser. This will be another reason to switch to Firefox or Brave.
The site posted in OP is still live, but what about that second site which is now showing some music store? I read in Reddit that both sites may be hacked, is this explain why one site still shows fake Ledger, and the other is again under the control of the real owner?
|
|
|
|
bob123
Legendary
Offline
Activity: 1624
Merit: 2481
|
|
November 05, 2019, 05:16:47 PM |
|
Anyone that uses a ledger make sure to add these malicious sites to a host file and not allow your computer to connect to them.
This would only protect against these two already found sites. The problem usually is not to protect against already known fake sites, but to protect against new unknown ones. I would advise getting the official website address to ledger and copy and pasting it whenever you need to visit it instead of typing it out and making a mistake.
The real problem is not that people would visit a fake ledger site IMO. The problem is, that people still enter sensitive information (mnemonic code, private keys, etc. ) into websites because of little to no knowledge regarding ongoing scams in the crypto world. People who already add scam sites to their hosts file with 0.0.0.0 or loopback, already know not to enter sensitive data on such websites. The newcomers are the ones getting caught by that. I think informing newcomers about the most common scams is the best way to circumvent that.
|
|
|
|
mk4
Legendary
Offline
Activity: 2926
Merit: 3881
📟 t3rminal.xyz
|
|
November 05, 2019, 06:11:05 PM |
|
Until AdBlockers do not become an integral part of the browsers we should constantly warn all Internet users that something like that is absolutely necessary and that can really play a crucial role in the case of paid ads like this. With AdBlock ON, such links are completely invisible, and therefore there is no danger to users. Someone mentioned before that Chrome will completely disable AdBlockers in the future, which I can understand because they sell ads that most block, but this will be very bad news for all users of this browser. This will be another reason to switch to Firefox or Brave. If Chrome does really implement that(disable adblockers), it's just another perfect reason to slowly and surely remove Google from people's online activities(in general, nut just Chrome, which can be really understandably hard). Not sure if they really would though. They'd obviously lose a lot of users from that move alone, though I don't know the total percentage of Chrome users that actually uses ad blockers.
|
|
|
|
Lucius (OP)
Legendary
Offline
Activity: 3416
Merit: 6149
Crypto Swap Exchange🈺
|
|
November 25, 2019, 02:00:56 PM |
|
I just checked what's happening with fake pages today, and by searching for Ledger without AdBlock, two sites are shown on top of search results (paid ads), and both redirect to fake Ledger site with fake seed recovery. https://legder.co/wallet/ Never enter your seed anywhere except in hardware wallet, and install AdBlock for any browser - Google is not our friend
|
|
|
|
ryzaadit
Legendary
Offline
Activity: 2646
Merit: 1261
|
|
November 25, 2019, 03:04:34 PM |
|
-snip- If you searching "Ledger" regularly on your search engine, Google will give you ads from your history browser since the ads from google will targeting their ads based on activity history a user. For example like me, I'm not searching "Ledger" in the past of 3 months and try to search "Ledger" in my search engine today but I'm not getting phishing ads from google cause im not really regularly searching/visiting ledger from my browser. These shit ads showing because the ads targeting their user/customer from different aspect like: - History from user activity
- Tags/keyword
- Topics
- Cookies browser
- Etc
The suck things about ads provider, they never moderated/review the application ads before the ads published on their platform.
|
|
|
|
Lucius (OP)
Legendary
Offline
Activity: 3416
Merit: 6149
Crypto Swap Exchange🈺
|
|
November 25, 2019, 03:38:30 PM |
|
If you searching "Ledger" regularly on your search engine, Google will give you ads from your history browser since the ads from google will targeting their ads based on activity history a user.
I was checking the same thing yesterday and didn't see anything like it, just Ledger official site on top even with Adblock turn off. Today the situation is completely different and these ads are showing on top of search results. I think this is not based on my surfing history/cookies because I delete everything daily, but Google is probably saving such data in their servers and compare it with IP addresses. However, I think that Google is taking the advertising issue of this type too easy, much stronger controls are required before ads are approved. Unfortunately, there are no indications that something will change on this issue, it is obviously much easier to sweep problem under the carpet than to solve it.
|
|
|
|
Lucius (OP)
Legendary
Offline
Activity: 3416
Merit: 6149
Crypto Swap Exchange🈺
|
|
May 07, 2020, 09:36:35 AM |
|
Scammers never sleep, and each day we have more new users who use hardware wallets. Ledger users are a very frequent target of attacks, so we have a new fake Ledger site which is trying to steal user seeds, in the particular case without falsely displaying any error. By clicking on "Connect Now" users will get option to enter seed, and after solving captcha to submit that to hacker. Please use link from OP to report this and any similar site. This site is also linked with fake Ledger Telegram support. https://t.me/Ledger_Live_Support News source -> Ledger Reddit
|
|
|
|
Kakmakr
Legendary
Offline
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
|
|
May 07, 2020, 11:26:51 AM |
|
I think the red flags should be raised the moment when a site asks for your "Seed" even if it says that the wallet is corrupted or some other obscure error message. When you are faced with some weird error for the first time, just take a screen capture and then visit this forum and use the search option to see if anyone else reported something similar and if you do not find something, then create your own post and ask if someone might know what it is.
The chance is high that someone might spot the phishing attempt or they might have read something about this on some other site. These scammers create a fake support channel to be able to talk to you directly and to support their scam, not to help you. So make use of alternative options to bypass these scammers.
Also report the site to Badbitcoin.org so that it can be added to the "bad list"
|
..Stake.com.. | | | ▄████████████████████████████████████▄ ██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄ ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████ ██ ██████████ ██ ██ ██████████ ██ ▀██▀ ██ ██ ██ ██████ ██ ██ ██ ██ ██ ██ ██████ ██ █████ ███ ██████ ██ ████▄ ██ ██ █████ ███ ████ ████ █████ ███ ████████ ██ ████ ████ ██████████ ████ ████ ████▀ ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██ ██ ▀▀▀▀▀▀▀▀▀▀ ██ ▀█████████▀ ▄████████████▄ ▀█████████▀ ▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄ ██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄ █ ▄▀▄ █▀▀█▀▄▄ █ █▀█ █ ▐ ▐▌ █ ▄██▄ █ ▌ █ █ ▄██████▄ █ ▌ ▐▌ █ ██████████ █ ▐ █ █ ▐██████████▌ █ ▐ ▐▌ █ ▀▀██████▀▀ █ ▌ █ █ ▄▄▄██▄▄▄ █ ▌▐▌ █ █▐ █ █ █▐▐▌ █ █▐█ ▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄ ▄██▀▀▀▀█████▀▀▀▀██▄ ▄█▀ ▐█▌ ▀█▄ ██ ▐█▌ ██ ████▄ ▄█████▄ ▄████ ████████▄███████████▄████████ ███▀ █████████████ ▀███ ██ ███████████ ██ ▀█▄ █████████ ▄█▀ ▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀ ▀███████ ███████▀ ▀█████▄ ▄█████▀ ▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
Lucius (OP)
Legendary
Offline
Activity: 3416
Merit: 6149
Crypto Swap Exchange🈺
|
|
May 07, 2020, 02:15:50 PM |
|
I think the red flags should be raised the moment when a site asks for your "Seed" even if it says that the wallet is corrupted or some other obscure error message.
It's completely unthinkable for me and you to do something like that, but those who seek trouble find it sooner or later. Only red flag that can help them at that critical moment is that their browser is show them warning and block that site. There is no harm to report such sites to badbitcoin or similar collections of bad sites, but it's much more efficient to report them to their hosting or to Google as phishing site. That way we can protect all future users to not become victims, but problem is that such sites appear like mushrooms after rain.
|
|
|
|
20kevin20
Legendary
Offline
Activity: 1134
Merit: 1598
|
|
May 07, 2020, 02:42:55 PM |
|
~
Last time I looked up "Ledger" on Google I saw 2 different fake Ledger website ads. The fact that the only difference between legit search results and ads is that "AD" little text next to the ads makes it an even higher possibility to click them. How come do we never see fake YT or Amazon links over there while crypto scams are advertised intensely and easily? No wonder Ripple is suing YT over identity theft scams. It probably takes a large lawsuit before Google finally decides to stop supporting thieves because that's what they're basically doing.
|
|
|
|
boyptc
|
|
May 07, 2020, 02:56:03 PM |
|
There are also fake Facebook pages just like the other thread that's posted. --> https://bitcointalk.org/index.php?topic=5245916.0Does Ledger do take action with these fake sites and pages? they are having a hard time combatting these because there's a lot of it.
|
|
|
|
Lucius (OP)
Legendary
Offline
Activity: 3416
Merit: 6149
Crypto Swap Exchange🈺
|
|
May 08, 2020, 09:46:29 AM |
|
Does Ledger do take action with these fake sites and pages? they are having a hard time combatting these because there's a lot of it.
There is no doubt that Ledger is doing everything in their power to remove or block such sites as soon as possible, but unfortunately such things usually take too long and scammers react very quickly with new sites. It is the eternal game of cat and mouse, but it is generally known that there are many more mice than cats. Until crypto wallet users learn how to use them safely, some bad people will abuse their ignorance and make easy money.
|
|
|
|
Yaunfitda
|
|
May 08, 2020, 11:43:27 PM |
|
There are also fake Facebook pages just like the other thread that's posted. --> https://bitcointalk.org/index.php?topic=5245916.0Does Ledger do take action with these fake sites and pages? they are having a hard time combatting these because there's a lot of it. Yes, they have identified this as a problem and have post about it on their official blog. https://support.ledger.com/hc/en-us/articles/360035343054-Beware-of-phishing-attemptsThey encourage users to report them ASAP and I'm sure that they are active pursuing those fake/phishing site. Education is the key here to at least not to be a victim of these cyber criminals.
|
|
|
|
R |
▀▀▀▀▀▀▀██████▄▄ ████████████████ ▀▀▀▀█████▀▀▀█████ ████████▌███▐████ ▄▄▄▄█████▄▄▄█████ ████████████████ ▄▄▄▄▄▄▄██████▀▀ | LLBIT | | | 4,000+ GAMES███████████████████ ██████████▀▄▀▀▀████ ████████▀▄▀██░░░███ ██████▀▄███▄▀█▄▄▄██ ███▀▀▀▀▀▀█▀▀▀▀▀▀███ ██░░░░░░░░█░░░░░░██ ██▄░░░░░░░█░░░░░▄██ ███▄░░░░▄█▄▄▄▄▄████ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ | █████████ ▀████████ ░░▀██████ ░░░░▀████ ░░░░░░███ ▄░░░░░███ ▀█▄▄▄████ ░░▀▀█████ ▀▀▀▀▀▀▀▀▀ | █████████ ░░░▀▀████ ██▄▄▀░███ █░░█▄░░██ ░████▀▀██ █░░█▀░░██ ██▀▀▄░███ ░░░▄▄████ ▀▀▀▀▀▀▀▀▀ |
| | | | | | .
| | | ▄▄████▄▄ ▀█▀▄▀▀▄▀█▀ ▄▄░░▄█░██░█▄░░▄▄ ▄▄█░▄▀█░▀█▄▄█▀░█▀▄░█▄▄ ▀▄█░███▄█▄▄█▄███░█▄▀ ▀▀█░░░▄▄▄▄░░░█▀▀ █░░██████░░█ █░░░░▀▀░░░░█ █▀▄▀▄▀▄▀▄▀▄█ ▄░█████▀▀█████░▄ ▄███████░██░███████▄ ▀▀██████▄▄██████▀▀ ▀▀████████▀▀ | . ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ ░▀▄░▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄░▄▀ ███▀▄▀█████████████████▀▄▀ █████▀▄░▄▄▄▄▄███░▄▄▄▄▄▄▀ ███████▀▄▀██████░█▄▄▄▄▄▄▄▄ █████████▀▄▄░███▄▄▄▄▄▄░▄▀ ████████████░███████▀▄▀ ████████████░██▀▄▄▄▄▀ ████████████░▀▄▀ ████████████▄▀ ███████████▀ | ▄▄███████▄▄ ▄████▀▀▀▀▀▀▀████▄ ▄███▀▄▄███████▄▄▀███▄ ▄██▀▄█▀▀▀█████▀▀▀█▄▀██▄ ▄██▀▄███░░░▀████░███▄▀██▄ ███░████░░░░░▀██░████░███ ███░████░█▄░░░░▀░████░███ ███░████░███▄░░░░████░███ ▀██▄▀███░█████▄░░███▀▄██▀ ▀██▄▀█▄▄▄██████▄██▀▄██▀ ▀███▄▀▀███████▀▀▄███▀ ▀████▄▄▄▄▄▄▄████▀ ▀▀███████▀▀ | | OFFICIAL PARTNERSHIP SOUTHAMPTON FC FAZE CLAN SSC NAPOLI |
|
|
|
|