Ether Wallet Scam

[casperBGD]

Please whatever you're doing don't save your ether wallet private keys online avoid saving you private keys on your mail It's a death trap the best way to save your keys is on a paper and keep it somewhere secured maybe in your grandma photos album or a place you can easily get access to any anytime, there is this new scam going on a random message would just pop up on your mobile with two options "Cancel" and "OK" meanwhile "OK" means Cancel while "Cancel" means  OK they interchanged the options to get you traped a friend of mine ether wallet was hacked yesterday through his mail and all his assets taken away. The messages can not be avoided the best solution is to keep your private keys offline

This new information is great for anyone who stores their private keys online. Hackers will continue to struggle to find ways to get what you have. but before that I thank you for this information and be even more careful.

you just do not store your private key online, it is not safe at all, even without scams like the one described (which is unknown to me), all online data could be hacked, and you do not want to have your private key online, since this make it vulnerable
one more thing, it is good to have your private key on at least two different locations, without copy on mobile phone, since mobile phone is security hole for each IT expert

[best123]

I was taught that when I joined blockchain new by my mentor those days.
I was once hacked and my btc in an exchange was withdrawn. Why the criminal was able to login to the exchange was because I was using web authenticator extension then, so he has access to it.
Nothing discourages as hack in blockchain. Losing your asset in a twinkle of an eye. That was my worst experience in the crypto-space.
Don't ever synchronize your Google account with the email you use in registration on several websites.

[judeafante]

Don't ever synchronize your Google account with the email you use in registration on several websites.

Don't synchronize it on anything, your main email should be separated from all the other emails that you are using from bounty campaign airdrop campaign and other sites where you have to sign up, and don't get into the habit of clicking any email that comes to you that are unfamiliar.

[Johnyz]

This is very tricky and hard to find out if the pop up is scam or not, well scammers are improving as well so we have to take caution always. Private keys are something that you should not share online so its not advisable to save it using a third party app, better to just write it down or put it into a place that only you have the access.

[BDBitcoinExpart]

I have been using my eth wallet for a long time. Currently using Metamask. I don't know much about other Eth wallets like trust, atomic. But my eth wallet is best to me.

[kpierce77]

This is very tricky and hard to find out if the pop up is scam or not, well scammers are improving as well so we have to take caution always. Private keys are something that you should not share online so its not advisable to save it using a third party app, better to just write it down or put it into a place that only you have the access.

Scammers have many ways they can use, including using malware and the like. in cases like "pop up message" the best thing to do is not to touch any buttons on the screen, including "cancel". You can go directly to back or home navigation, then force close the browser or related application

[Spaffin]

Please whatever you're doing don't save your ether wallet private keys online avoid saving you private keys on your mail It's a death trap the best way to save your keys is on a paper and keep it somewhere secured maybe in your grandma photos album or a place you can easily get access to any anytime, there is this new scam going on a random message would just pop up on your mobile with two options "Cancel" and "OK" meanwhile "OK" means Cancel while "Cancel" means  OK they interchanged the options to get you traped a friend of mine ether wallet was hacked yesterday through his mail and all his assets taken away. The messages can not be avoided the best solution is to keep your private keys offline

This new information is great for anyone who stores their private keys online. Hackers will continue to struggle to find ways to get what you have. but before that I thank you for this information and be even more careful.

I believe that before hackers take action to steal cryptocurrency from someone else's wallet, first of all it was necessary to attract their attention, that is, go to a phishing site or show the real attitude of a particular email to the owner's activities in the cryptocurrency market, since having only the wallet address and information about the balance, there is no way to steal it.

[1l1l11ll1l]

This new information is great for anyone who stores their private keys online. Hackers will continue to struggle to find ways to get what you have. but before that I thank you for this information and be even more careful.

I believe that before hackers take action to steal cryptocurrency from someone else's wallet, first of all it was necessary to attract their attention, that is, go to a phishing site or show the real attitude of a particular email to the owner's activities in the cryptocurrency market, since having only the wallet address and information about the balance, there is no way to steal it.

Yes, you can call it phishing. myetherwallet has also given a warning to bookmarks their website (if you want to access it using browser). Scammers use many methods including creating a website that is almost or even similar to MyetherWallet to create phising sites

[Sirait]

I have created several thread about it:

[1] Do not use any note taking apps for recording your crypto keys and password
[2] The dangers and threat of using Self destruct Private Notes.

So anything that is online is not safe to keep your private keys or mnemonic phrase. It's better to write it down, put in a safety deposit box for safe keeping.

^ nice topic. The private key is very sensitive so don't keep it anywhere especially Gmail/email. I have 3 wallet accounts = Atomic, Blockchain.info, and MEW, I store the private keys of each wallet that I have in my diary and store the book in my personal safe.

[Wildwest]

Things like that we have often found in the world of cryptocurrencies and they are always targeting our crypto assets then we have to be careful in creating wallet keys, now they have used a new way and this is very dangerous to us because every option in the form of ads we always press cancel, and this way is already used by them, then we must always be vigilant.

[tunaduong]

maybe your computer has been hacked i usually store the wallet keys in encrypted files which will cause every hacked attacker attempt to fail

[raidarksword]

Yes it's the best advice to have hard copy of private keys or memo phrases written on paper because it cannot be hacked or phished by someone no matter what. I do store store my private keys both offline and online just for back up purposes if anything happens on my hard copies. I felt i am guilty with this because i store my keys on my email, though i have enabled security measures on my email such 2FA, ip recognition and confirmation and my keys were compressed with high level password. So, i am still confident my email is safe and keys are safe as well.

[copoyes]

want to save everything offline or online there is a risk, if you save online don't save it in Gmail, just save it on your laptop / PC note and put it where only you know where it is and avoid saving anything important online in apps / media that are widely accessible to the public , also save offline and have to be extra in mind that offline forgetting to taru which can be difficult, offline and online have the same risk of returning to yourself, if there is a suspicious message just ignore it

[Salauddin1994]

There are risks involved in saving money online the number of scams is increasing as the crypto market improves that's why you need to save money on reliable sites. In order to maintain the security of your wallet you need to keep your wallet password and private key offline or if you use 2fa code for email password no one will be able to access your wallet easily if laptop or pc is lost or hacked accessing information online is very easy so don't share your personal information with anyone to avoid the risk.

[finaleshot2016]

Google accounts are now easy to compromise so it's not better to save any private keys in a google account or any online platform. Don't the security protocols of any online platform, anyone can be hacked right now especially when you don't have 2fa or any additional securities on your account.

If you really want to keep it safe, I suggest to go offline and save those private keys manually written or printed on paper.

[Raflesia]

The ridiculous thing that they have done, many have suggested before that safer storage for offline private keys is the best place, no matter how strong the security is online, hackers are smarter to infiltrate especially with google accounts to be easy to connect at any time because hackers are already proficient at this is, I am not doing this carelessly, this will still be a lesson for you how big the risk is to storing assets online, especially the very important private key, hopefully this will not happen the second time around

[libert19]

Holy shit, this is first time I have seen this type of scam, random pop ups and swapped actual options makes it harder to counter, i wonder how does this actually work?

[RabbiTANK]

Private keys are meant to be kept offline not online, using cloud storages and emails to store private keys isn't close to safe at all, and again start using 2FA on your smartphones if you are using crypto wallets on your phone, with 2FA it will be hard for random pop up to hijack your keys

[noorman0]

Holy shit, this is first time I have seen this type of scam, random pop ups and swapped actual options makes it harder to counter, i wonder how does this actually work?

This isn't a scam, it's a phishing attack.
Users who usually store confidential data online are typical of those who are in a hurry and everything is laid out for easy access anywhere quickly. When many tabs are open in one app (eg chrome), they do not really pay attention to the addresses visited.

[Twinkledoe]

Holy shit, this is first time I have seen this type of scam, random pop ups and swapped actual options makes it harder to counter, i wonder how does this actually work?

This isn't a scam, it's a phishing attack.
Users who usually store confidential data online are typical of those who are in a hurry and everything is laid out for easy access anywhere quickly. When many tabs are open in one app (eg chrome), they do not really pay attention to the addresses visited.

Yes, sometimes these random pop-ups are already a phishing website. So if in case you are working and suddenly a pop-up or unsolicited website appears, close it immediately. Usually, they come in the form of very enticing investment options or free items if you click their tab. Scammers are good in deceiving their potential casualty over the net.