Beware of BitcoinTalk.ro

[GazetaBitcoin]

I just found a Romanian form of the site, of course, having nothing in common with the real forum: https://bitcointalk.ro/.

According to the site whois, it looks brand new:

Domain Name: bitcointalk.ro
  Registered On: 2020-08-24
  Expires On: 2021-08-24
  Registrar: Awesome Projects SRL
  Referral URL: www.hostico.ro

Awesome Projects SRL is a Romanian company (https://www.awesomeprojects.ro/) which seems to be in webhosting business. I called them at the number posted on their site and they said they didn't know about the existence of BitcoinTalk.org and that they just registered the domain for a client. The domain was bought by them from RoTLD - the Romanian authority which offers the domain names.

If we perform the whois search on RoTLD (https://rotld.ro/whois/) we find out also the real owner:

Nume Domeniu: bitcointalk.ro
Data Înregistrării: 2020-08-24
Data Expirării: 2021-08-24
Nume Deţinător: NANOTEL SRL
Tip Persoana: Companie Comercială
Adresă#1: Str. Aleea Scolii
Adresă#2: Nr. 8
Oraș: Ploiesti
Județ/Sector/Stat: Prahova
Cod Poștal: 100498
Țara: ROMANIA
Telefon: +40.726266835
Email: office@nanotel.ro

I just called the real owner and he said that it didn't even cross his mind to try a phishing attempt with this site and that he lives from buying domains with interesting names and then reselling them. In case of BitcoinTalk.ro he said he observed that its previous registration is close to expire (this means that this domain existed before) and he registered as soon as it expired.

He said that all he can say in his defense (for not being accused of phishing) is that he has a public company, visible at whois and a phone number, also visible at whois. And, of course, that he is willing to talk on the matter. He said that he can not do anything more than this. If anyone desires, he / she can file a complaint at the Police and the Police will search the code of the site, in order to investigate if it has phishing code or not.

At the end of the discussion, he said that he may add a logo on the homepage, something like BitcoinTalk ROMANIA, in order to show somehow that his site is not related to the original one (we'll see if this happens).

On the other side, the registrar said it's not his business about the name chosen by the client and that they don't store the site's data: they just helped with the registration of the domain.


I advise all the members of the forum to not enter their user names / passwords on the .ro website. It may or may not be phishing, you can never know. Be aware.

[casperBGD]

interesting, did not saw that one could register on the website, it is a lot different than this website, and seems to be in Romanian, so i do not see it as phishing attempt, but of course user names and passwords from this site should not be used elsewhere, this Romanian site included

[LTU_btc]

I agree with post above - from first glance it doesn't looks like phishing website. Seems it's just newly made local Romanian forum about Bitcoin. And fact that owner of website don't hide and answered your questions is good sign. I don't like when websites are simply copying domain names of popular websites, but reason why they are doing it is obvious - it's easier to get visitors in such way.
But after all - it would stupid idea to re-use same username and password there as on original Bitcointalk.

[shield132]

they said they didn;t know about the existence of BitcoinTalk.org and that they just registered the domain for a client.

If they said so... It's so funny when I read/hear something like this, they didn't know about bitcointalk, yeah, of course, who knows about this website?

The only way that comes to my mind in preventing of such things is to use CSC Corporate Domains service but idk if bitcointalk is able to negotiate with them since this forum isn't a property of brand, digital business, etc.

Btw I don't think creating of such threads on every case is beneficial, I hugely doubt anyone will see this thread in google when they type bitcointalk.ro and users who use bitcointalk may know that they shouldn't enter their login/password on bitcointalk.ro

[UserU]

I agree with post above - from first glance it doesn't looks like phishing website. Seems it's just newly made local Romanian forum about Bitcoin. And fact that owner of website don't hide and answered your questions is good sign. I don't like when websites are simply copying domain names of popular websites, but reason why they are doing it is obvious - it's easier to get visitors in such way.
But after all - it would stupid idea to re-use same username and password there as on original Bitcointalk.

Definitely the owner is trying to piggyback off this forum's popularity.

But about the identity, I think he might have forgotten to purchase WHOIS protection. After all, it's not smart to be exposed unless it's a business entity.

[michellee]

Thank you for the info. As far as I know, buying and selling domain is a profitable business because they search the domain that will almost expire and they bought it, and then they resell it. Maybe what he said is right, he doesn't know about the existence of bitcointalk.org, so when his client buy from him (because he has a domain and hosting services), he doesn't have an idea for what will his client do with the domain.

At least, he wants to add a logo on the homepage, something like BitcoinTalk ROMANIA, in order to show somehow that his site is not related to the original one (we'll see if this happens). It is a good responsibility from him if he is aware of a scamming on the internet, but we will see it later.

But somehow, I think that domain has been used to other reason in the past (maybe scamming people to log in to that site using their username and password). We don't know about that, but I agree that we need to be careful.

[DdmrDdmr]

Actually, the site has an archived primitive instance from back in 2014, where it seemed to pretend to redirect to the Romanian local board on Bitcointalk, on a : https://web.archive.org/web/20140606023412/https://bitcointalk.org/ro

All the remaining site captures seem do the same over the years (there are only a few captures though, and none from mid 2018 onwards). Can’t infer from that the real intent, but it was likely waiting to see in traffic build-up enough to increase the domain’s value (and from then on who knows).

[notblox1]

Not the first website to use bitcointalk domain name without any real connection with bitcointalk.org.
I think their stone theme design is terrible, and I don't think this forum is something we should be concerned about after looking at their statistic:

Total Members:4
Total Posts:8
Total Topics:7
Most online users:9

[GazetaBitcoin]

It's so funny when I read/hear something like this, they didn't know about bitcointalk, yeah, of course, who knows about this website?

Yes indeed... I asked when I was talking with the registrar: "if someone asks you to register bnr.com or bnr. biz, would you register it?". For those unaware, bnr.ro is the website of the National Bank of Romania. And I was told that "of course not...in such cases we usually verify the origin of the domain name". Then how comes you never heard of BitcoinTalk???

Anyway...the fact is that during bull markets many newbies enter in crypto domain, most with 0 knowledge, looking for getting rich overnight. These people which barely know their name tend to do stupid things many times, including inserting their usernames / passwords on phishing sites... Yes, BitcoinTalk.ro looks different than the original forum but still... Maybe some new users would tend to try to log on that site instead of the original one. Or maybe they would tend to log on BitcoinTalk.com / .biz or on what other replicas are available on the Internet. I just wanted to raise awareness here. If I can help at least 1 person to not get phished I can say I'm more than happy

[Casdinyard]

But after all - it would stupid idea to re-use same username and password there as on original Bitcointalk.

You cannot really judge that some people really aren't looking at the website they are visiting after they already seen the UI of the website they visited. But I tried visiting the bitcointalk.ro website that the OP is mentioning and it seems to be far different from the legit Bitcointalk.org domain and its default language is Romania, which is I guess romanian users here in the forum had been inspired to remake their own spinoff of the forum but focusing only on their main country and language.

I advise all the members of the forum to not enter their user names / passwords on the .ro website. It may or may not be phishing, you can never know. Be aware.

Judging by its looks and the website itself (which uses SMF 20 the latest one), I don't think it is a phishing website, but again, a spin-off of the forum, a copy-cat, but for Romanian users only. As long as they don't require nor the user wouldn't try to enter their real bitcointalk.org username and password, then there's no probable harm nor risk. But still, it is preferrable to use Tor or VPNs to access it, for further privacy.


You might wanna add this screenshot as well:

[Pmalek]

You might wanna add this screenshot as well:
...

I am sorry, but if someone mistakenly visits this site and tries to login with his Bitcointalk login, it is just a matter of time before he makes an irreversible error, and ends op losing all of his money and worse. His Bitcointalk account should be the least of his problems.

It looks nothing like our forum, the categories are different, it has almost no threads and posts, and there are even links to social media on the left...
I don't think it is a phishing site, looks more like the owner is trying to make some money from the Bitcointalk brand.

[cabalism13]

You might wanna add this screenshot as well

way too obvious that it is indeed a fake. My point here is, I don't think anybody who have visited the forum will likely to fall into that kind of trap. Maybe mostly of the victims that could fall in there are the new people wants to view the forum without know bitcointalk.org is the real one.

It looks nothing like our forum, ...

yeah, the other reported phishing sites from the past looks likely to have more victims than this new reported case. But like I said it's only the newbies who'd fall from this kind of phishing site.

[pakhitheboss]

If this website was meant for phising then they will never reveal their identity. In this case OP was able to contact the real owner hence I do not think they are looking for any trouble. I think they might be planning to launch a local forum or a website on Bitcoin.

[Mpamaegbu]

I just found a Romanian form of the site, of course, having nothing in common with the real forum: https://bitcointalk.ro/.

I advise all the members of the forum to not enter their user names / passwords on the .ro website. It may or may not be phishing, you can never know. Be aware.

I think the first rule of thumb here should be for everyone to bookmark or save the original link of BTT that brought them here on their app screen. However, those using the .ro site may not even know of BTT to start with. And since the two sites are totally different I don't think it's an attempt at phishing. Name choice could've been a mere coincidence. OP, your attempt at verifying from the site owner is commendable. Nice work and time spent on that. Kudos.

[Lordhermes]

At least, he wants to add a logo on the homepage, something like BitcoinTalk ROMANIA, in order to show somehow that his site is not related to the original one (we'll see if this happens). It is a good responsibility from him if he is aware of a scamming on the internet, but we will see it later.

I'm surprise that the owner is not aware of bitcointalk.org, I really think this is not true and could be a new trick to get users login credentials.
Checked through the website and noticed every impersonations done, as you have said op, it may or may not be a phishing one. Changing the name to bitcointalkromania in the future will be a good one especially if they introduce merit system.

[arwin100]

I also found this https://bitcointalk.com/ and for having the same name with this forum I think they are riding the fame of the real bitcointalk.

And this is tricky since maybe they have double intention for creating the same name of the forum, so we need to be careful especially on our account details.

[FIFA worldcup]

I also found this https://bitcointalk.com/ and for having the same name with this forum I think they are riding the fame of the real bitcointalk.

And this is tricky since maybe they have double intention for creating the same name of the forum, so we need to be careful especially on our account details.

Forum like BitcoinTalk.ro or https://bitcointalk.com may be made with good intentions but we never know if they will just get our passwords and then try it on bitcointalk.org.  Most people keep same password and usernames across the forums and this can be dangerous and the account may get hacked.

[ranochigo]

Good effort to try to stop phishing attempt. In this case, I really doubt it would be that big of an issue; the website looks nothing like Bitcointalk and their forum doesn't mirror the content over. It would be more of a concern if they're operating a website that looks exactly like Bitcointalk and has has the contents being mirrored over. The obvious difference should prevent anyone from submitting their login credentials on the wrong site.