Bitcoin Forum
November 09, 2024, 10:19:25 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: {Warning}: Fake Trezor (geo-target)  (Read 234 times)
Baofeng (OP)
Legendary
*
Offline Offline

Activity: 2772
Merit: 1680



View Profile
April 03, 2020, 12:53:50 PM
Merited by dbshck (4), Lucius (1), HeRetiK (1), Jating (1)
 #1

There is a new phishing attack the cyber criminals are carrying out, through geo target.

This is one example. Go to https://www.google.com.hk/ and type "Trezor". And then the first thing that you will notice is this ad.



And when you click it, you will be redirected to this website. The website will give you a 403 Forbidden Error if it detected that you are not from the location .hk (hence geo-target).

Obviously, this is a phishing website and I do hope that some of our friends in Hong Kong will not fall for this trick.

Code:
https://wallet.trczor.com/#/



Code:
Whois Record for tRcZor.com
 Domain Profile
Registrant REDACTED FOR PRIVACY
Registrant Country ru
Registrar ERANET INTERNATIONAL LIMITED Eranet International Limited
IANA ID: 1868
URL: http://www.eranet.com
Whois Server: whois.eranet.com

(p)
Registrar Status clientTransferProhibited
Dates 28 days old
Created on 2020-03-06
Expires on 2021-03-06
Updated on 2020-03-27  
Name Servers SERENA.NS.CLOUDFLARE.COM (has 22,313,248 domains)
TONY.NS.CLOUDFLARE.COM (has 22,313,248 domains)
  
Tech Contact REDACTED FOR PRIVACY
REDACTED FOR PRIVACY,
REDACTED FOR PRIVACY, REDACTED FOR PRIVACY, REDACTED FOR PRIVACY, REDACTED FOR PRIVACY
(p) (f)
IP Address 190.115.18.221 - 2 other sites hosted on this server
  
IP Location Belize - Belize - Belize City - Ddos-guard Corp.
ASN Belize AS262254 (registered Dec 05, 2012)

http://whois.domaintools.com/trczor.com

 
 RAZED  
███████▄▄▄████▄▄▄▄
████▄███████████████
██▄██████▀▀████▀▀█████▄
████
██████████████
▄████████▄████████████▄
████████▀███████████▄
██████████████▐█▄█▀████████
▀████████████▌▐█▀██████████
▀███████████▌▀████████████
█████████▄▄▄
█████▄▄██████
████████████████████████
█████▀█████████████████▀
██████████████
▄▄███████▄▄
▄███████████████
▄███████████████████▄
█████████████████████▄
▄███████████████████████▄
████████████████████████
█████████████████████████
██████████████████████
▀█████
█████████████████▀
▀█
████████████████████▀
▀█████
█████████████
▀███████████████▀
█████████
 
RAZED ORIGINALS
SLOTS & LIVE CASINO
SPORTSBOOK
|
 NO 
KYC
 
 RAZE THE LIMITS   PLAY NOW 
Lucius
Legendary
*
Offline Offline

Activity: 3416
Merit: 6149


Crypto Swap Exchange🈺


View Profile WWW
April 03, 2020, 01:58:30 PM
 #2

I did exactly what you wrote, but it doesn't seem like the ad is aimed at just one country, because I did not get any error - page is open quite normal for me in EU. I see that ad also without using google . hk, but only when turn off uBlock which, in conjunction with Firefox, successfully blocks such attempts.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
Baofeng (OP)
Legendary
*
Offline Offline

Activity: 2772
Merit: 1680



View Profile
April 03, 2020, 02:13:27 PM
 #3

I did exactly what you wrote, but it doesn't seem like the ad is aimed at just one country, because I did not get any error - page is open quite normal for me in EU. I see that ad also without using google . hk, but only when turn off uBlock which, in conjunction with Firefox, successfully blocks such attempts.

Weird though, when I tested it prior, I was getting a 403 forbidden error (I should have screen shot). Maybe they adjusted something or Google really f**k it up again. Anyways, I have reported this site, hopefully Google will take it down.

 
 RAZED  
███████▄▄▄████▄▄▄▄
████▄███████████████
██▄██████▀▀████▀▀█████▄
████
██████████████
▄████████▄████████████▄
████████▀███████████▄
██████████████▐█▄█▀████████
▀████████████▌▐█▀██████████
▀███████████▌▀████████████
█████████▄▄▄
█████▄▄██████
████████████████████████
█████▀█████████████████▀
██████████████
▄▄███████▄▄
▄███████████████
▄███████████████████▄
█████████████████████▄
▄███████████████████████▄
████████████████████████
█████████████████████████
██████████████████████
▀█████
█████████████████▀
▀█
████████████████████▀
▀█████
█████████████
▀███████████████▀
█████████
 
RAZED ORIGINALS
SLOTS & LIVE CASINO
SPORTSBOOK
|
 NO 
KYC
 
 RAZE THE LIMITS   PLAY NOW 
20kevin20
Legendary
*
Offline Offline

Activity: 1134
Merit: 1598


View Profile
April 03, 2020, 02:24:45 PM
 #4

I did exactly what you wrote, but it doesn't seem like the ad is aimed at just one country, because I did not get any error - page is open quite normal for me in EU. I see that ad also without using google . hk, but only when turn off uBlock which, in conjunction with Firefox, successfully blocks such attempts.

The ad is not targeted only for HK. I am in Romania and can confirm the ad appears on my Search Results too.



Fuck Google and their crap. Stop supporting them and letting them collect your data. Move to DuckDuckGo when searching stuff and get some AdBlocker - you'll thank me later. Smiley
BITCOIN4X
Legendary
*
Offline Offline

Activity: 2156
Merit: 1171



View Profile
April 03, 2020, 02:31:48 PM
Last edit: April 03, 2020, 02:52:06 PM by BITCOIN4X
 #5

Not only one or two countries are targeted (very likely). I am from Indonesia and still get it for my search results in the first place. If this is a problem, is reporting enough to make it removed from Google?





How about this ? Use the keyword "bitcoin" and you will see it like this. Almost the same, it will lead to phishing sites that can harm the user.


.
.DuelbitsSPORTS.
▄▄▄███████▄▄▄
▄▄█████████████████▄▄
▄██████████████████████▄
██████████████████████████
███████████████████████████
██████████████████████████████
██████████████████████████████
█████████████████████████████
███████████████████████████
█████████████████████████
▀████████████████████████
▀▀███████████████████
██████████████████████████████
██
██
██
██

██
██
██
██

██
██
██
████████▄▄▄▄██▄▄▄██
███▄█▀▄▄▀███▄█████
█████████████▀▀▀██
██▀ ▀██████████████████
███▄███████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
▀█████████████████████▀
▀▀███████████████▀▀
▀▀▀▀█▀▀▀▀
OFFICIAL EUROPEAN
BETTING PARTNER OF
ASTON VILLA FC
██
██
██
██

██
██
██
██

██
██
██
10%   CASHBACK   
          100%   MULTICHARGER   
Csmiami
Copper Member
Legendary
*
Offline Offline

Activity: 1652
Merit: 1325


I'm sometimes known as "miniadmin"


View Profile WWW
April 03, 2020, 03:04:19 PM
 #6

That is rather easy to prevent; NEVER click ad search results Roll Eyes

Also, don't use google, don't use Google, don't use Chrome and... well, check the link and everything you download

HeRetiK
Legendary
*
Online Online

Activity: 3108
Merit: 2177


Playgram - The Telegram Casino


View Profile
April 03, 2020, 03:25:18 PM
 #7

Central Europe reporting in, I see it as well.

Jesus, Google really needs to get its act together. If only they would have the technology and skill to automatically asses and categorize data Roll Eyes

Seriously though, it's pretty infuriating how quick and loose Google is with demonetizing YouTubers and AdSense publishers while at the same time looking the other way when one of their AdWords customers advertises rather obvious phishing links.

▄▄███████▄▄███████
▄███████████████▄▄▄▄▄
▄████████████████████▀░
▄█████████████████████▄░
▄█████████▀▀████████████▄
██████████████▀▀█████████
████████████████████████
██████████████▄▄█████████
▀█████████▄▄████████████▀
▀█████████████████████▀░
▀████████████████████▄░
▀███████████████▀▀▀▀▀
▀▀███████▀▀███████

▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
 
Playgram.io
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀

▄▄▄░░
▀▄







▄▀
▀▀▀░░
▄▄▄███████▄▄▄
▄▄███████████████▄▄
▄███████████████████▄
▄██████████████▀▀█████▄
▄██████████▀▀█████▐████▄
██████▀▀████▄▄▀▀█████████
████▄▄███▄██▀█████▐██████
█████████▀██████████████
▀███████▌▐██████▐██████▀
▀███████▄▄███▄████████▀
▀███████████████████▀
▀▀███████████████▀▀
▀▀▀███████▀▀▀
██████▄▄███████▄▄████████
███▄███████████████▄░░▀█▀
███████████░█████████░░
░█████▀██▄▄░▄▄██▀█████░
█████▄░▄███▄███▄░▄█████
███████████████████████
███████████████████████
██░▄▄▄░██░▄▄▄░██░▄▄▄░██
██░░░░██░░░░██░░░░████
██░░░░██░░░░██░░░░████
██▄▄▄▄▄██▄▄▄▄▄██▄▄▄▄▄████
███████████████████████
███████████████████████
 
PLAY NOW

on Telegram
[/
Bitum
Sr. Member
****
Offline Offline

Activity: 1414
Merit: 271


bitonator.tangled.com/join


View Profile
April 03, 2020, 03:31:06 PM
 #8

Paid ad from google, I also see this fake website and I am in Europe. This is another example, you should always enter the web address manually, never go through google. It will definitely catch someone who is not careful

Tangled Social Network Web 3.0 | Earning Millix (MLX): https://bitonator.tangled.com/join
Post & Earn (Posting, Likes, Comments etc.), Uncensored & Anonymous, Referral links allowed, Lightning-fast & hassle-free withdrawal in $MLX
CMC: https://coinmarketcap.com/currencies/millix/
ShowOff
Legendary
*
Offline Offline

Activity: 2786
Merit: 1197


View Profile
April 03, 2020, 03:48:28 PM
 #9

I think search results that contain advertisements and lead to phishing sites are only displayed if you search Google with a PC. I use Android Chrome and the results do not appear as revealed by the OP.

But if you and they all use chrome and explore with a desktop site on Android, the results will also be the same as the OP revealed. I dont think it only applies to a few countries, Europe and Asia clearly experience it and I think almost all countries will experience the same thing.
20kevin20
Legendary
*
Offline Offline

Activity: 1134
Merit: 1598


View Profile
April 03, 2020, 04:03:53 PM
 #10

That is rather easy to prevent; NEVER click ad search results Roll Eyes

Also, don't use google, don't use Google, don't use Chrome and... well, check the link and everything you download

They made it such a small difference between ads and normal results that it is likely you might accidentally click an ad instead of a wanted result. It's happened to me more than 5 times in the past few weeks..

I thought cryptocurrency ads were removed by Google? It's almost as if Google, Twitter (with their fake giveaways which ran for MONTHS without them doing anything about it) and all the other large corporations want us to fall victims to scams so we could lose trust in cryptocurrencies.. Oh wait, that's exactly what they want  Cheesy
Jating
Hero Member
*****
Offline Offline

Activity: 3108
Merit: 884


DGbet.fun - Crypto Sportsbook


View Profile
April 03, 2020, 11:11:30 PM
 #11

That is rather easy to prevent; NEVER click ad search results Roll Eyes

Also, don't use google, don't use Google, don't use Chrome and... well, check the link and everything you download

They made it such a small difference between ads and normal results that it is likely you might accidentally click an ad instead of a wanted result. It's happened to me more than 5 times in the past few weeks..

I thought cryptocurrency ads were removed by Google? It's almost as if Google, Twitter (with their fake giveaways which ran for MONTHS without them doing anything about it) and all the other large corporations want us to fall victims to scams so we could lose trust in cryptocurrencies.. Oh wait, that's exactly what they want  Cheesy

There are still loads of fake giveways in Google. And no way they are going to removed or at least filtered those ads unless people reported it to them. That's how messed up Google system is, and as much as we tell crypto people not to used it, I'm sure majority are still using it. And with the Covid-19 situation, Google should at least review all their ads as it might contained theme attacks, but as everybody here says, they don't care as long as they can also generate money from ads.

20kevin20
Legendary
*
Offline Offline

Activity: 1134
Merit: 1598


View Profile
April 04, 2020, 09:52:46 AM
 #12

There are still loads of fake giveways in Google. And no way they are going to removed or at least filtered those ads unless people reported it to them. That's how messed up Google system is, and as much as we tell crypto people not to used it, I'm sure majority are still using it. And with the Covid-19 situation, Google should at least review all their ads as it might contained theme attacks, but as everybody here says, they don't care as long as they can also generate money from ads.

This is exactly what they want & what they need. Google can't get out of their cage and say "you see, we absolutely HATE giving you freedom and decentralization!", they'll do it in such a subtle way you won't even notice it. Scam ads are just a perfect weapon to steer newcomers away from crypto by letting them get scammed. Create a fake Google scam ad and you'll probably find authorities at your door next day. Do it with crypto and live off it. It's obvious now that they simply want the crypto scams to live.

"Never interrupt your enemy when he is making a mistake." - Napoleon Bonaparte
Lucius
Legendary
*
Offline Offline

Activity: 3416
Merit: 6149


Crypto Swap Exchange🈺


View Profile WWW
April 04, 2020, 09:56:56 AM
 #13

Jesus, Google really needs to get its act together. If only they would have the technology and skill to automatically asses and categorize data Roll Eyes

Google has a primary goal to earn as much money, and if in the process someone loses his own money and be scammed they see it as a normal part of the business. There has already been a lot of debate about why they don't put more human resources into checking content they promote, but the general conclusion is that it would cost the company too much, and that it is better to hire people to do some more useful jobs.

I can agree that everyone is primarily responsible for themselves and their actions, but the undeniable fact is that Google has a great responsibility in all of this because it allows such advertisements. No one will convince me that it is impossible to hire 100 people who would check ads before they were published, which would certainly not be 100% effective, but would definitely reduce the proportion of bad ads.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!