How dangerous are email phishing links and youtube and twitter links?

[jerry0]

So I seem to receive a lot of those phishing link emails from a fake coinbase or binance or metamask that goes on my spam email.  However, it sometimes still appear on my regular email?  How do spammers do this that the email goes straight to the regular email?  I know most of these emails tell you to click on a link and to connect to your wallet or ask you to enter your seed phrase.



Now if you click on any of these links on your computer but just close the window, is your computer still safe or not?  I heard very mixed opinions from people on this from it's fine as long as you don't enter anything.  But I then heard people say their software wallet got hacked after that.  So which is true here?  That would mean it's possible just clicking that link could mean you have that address paste malware right where when you copy a btc address with your hardware wallet or coinbase or some site, it would then copy the hacker's btc address?  So you have to make sure you confirm it first before sending right?  So that means a hacker wouldn't be able to click send for you in coinbase then after you paste their btc address?  Now they can't do that with the hardware wallet since you have to click buttons on it.  But couldn't they put malware and basically get into your coinbase or binance account anytime since you are either typing or pasting your coinbase or binance password each time?  But if you use 2FA, it doesn't work then and they need access to that?  I heard they could still do it.  Couldn't they just after you log in... notice you haven't use your mouse in a while and then quickly move your mouse remotely on their laptop to withdraw the btc?  Obviously doing that while you are moving your mouse would cause suspicion.  Thoughts on this part?



Now what about when you can easily click on links posted on twitter by accident?  Since lot of twitter comments you read whether it's crypto or anything else would have people posting links.  If you click on that... is your laptop safe or not?  What about those youtube comments where these bots or hackers post links where it's very easy to accidentally click on?  If you have a software wallet in your computer, can you get your wallet hacked like trust wallet or electrum or exodus?  I always heard if you open an exe file, then you are screwed.  But as long as no program opens on the computer, you are generally fine?  But I did recall someone say they can open an exe file open without you knowing... is that true?  

[1714663039]

1714663039

[jerry0]

Now does this differ if you are using an iphone phone?  When watching videos on youtube, obviously very easy to click on comments and things like that.  I assume it's fine?  However, could you get malware on your iphone though so your email or online banking can get comprommised?  What about clicking the same things on twitter on the phone?  Any difference?



From what I read, I believe if you click clicks on twitter or youtube comments or anything, if they put malware or keylogger, then you are screwed if you have a software wallet on your laptop?  The reason being if your trust wallet or electrum on the laptop has a password you put to open it... well they going to know what it is when you enter it due to keylogging right?  And even if you don't have a password for that, well they can get in the same way?  So basically they would wait until you turn off the computer and then just log into your software trust wallet or electrum wallet to hack it.  Is that correct?  But if you don't have a software wallet... well are you safe or not?  If you use 2FA for coinbase and binance, are you safe or not?  



Now if you click on any of these links, can an antivirus scan your computer and confirm 100% there is no malware or virus or keylogger or no antivirus does that?  Thus I'm talking about kaspersky total or norton or bitdefender.  So if you ever click on any of these links by mistake, do a full scan and remove anything that it finds correct?  The thing is I know many people click on links because they get phished thinking it's the real coinbase or whatnot but many times you can easily click on it by mistake especially when it comes to youtube and twitter.  You could be watching a cooking video even on youtube and a comment could be talking about crypto or someone posting a cooking link and well it's malware right?

[bayu7adi]

Let's talk about security, and you want to know how far security measures go, right? Isn't that something kind of secretive that not everyone knows until they experience it?

Some people say that up to a certain point, you're still safe. But the truth is, with every advancement in hacking, they're finding new ways and making us feel secure when we're actually not. We don't know how much those links can threaten our security until we face losses from what they target. So instead of trying to figure out how far the safe point is, it's better not to go further if there are any suspicious signs of potential harmful breaches.

It's okay to seek information, but if it risks the security of our valuable assets, that's not a wise move. Always secure your assets first. If you want to know about the many scams in the world, just wait for someone to share their story on social media.

It's true, being cautious is normal, but measuring and risking your own assets still isn't a wise way to go about it. My advice is, don't take that extra step to test how strong your security is.

[btc78]

So I seem to receive a lot of those phishing link emails from a fake coinbase or binance or metamask that goes on my spam email.  However, it sometimes still appear on my regular email?  How do spammers do this that the email goes straight to the regular email?  

When spam emails don’t go through spam anymore and they go directly to your inbox, it might be possible that the reason for this is because your email was leaked publicly or you shared it in a website and your email got sold allowing spammers verify your email is yours and so they skip the spam section

Now what about when you can easily click on links posted on twitter by accident?  Since lot of twitter comments you read whether it's crypto or anything else would have people posting links.  If you click on that... is your laptop safe or not?  What about those youtube comments where these bots or hackers post links where it's very easy to accidentally click on?

yes some links present like they are from reputable websites or social media apps this is not only exclusive to social media apps i’ve seen people replicate wallets or exchanges or put up fake websites and asks people to put in their wallet addresses it’s hard to really know which links are sent out by scammers and which ones are not so it’s better to be always safe and don’t just be reckless

[Fundamentals Of]

Phishing links and other suspicious links sent through email, Twitter, forums, and other social media sites could vary. They aren't the same. Some would only bring you to their sites to increase traffic. Some could acquire information from you. Some could inject malware to your computer. But if you consider all the possible dangers of clicking suspicious links, it could even drain you of your money. It could obtain your passwords, pin, private keys, etc.

[icalical]

I always heard if you open an exe file, then you are screwed.  But as long as no program opens on the computer, you are generally fine?  But I did recall someone say they can open an exe file open without you knowing... is that true? 

Yes, actually hacker can disguise .exe program as any files, .jpeg, .pdf, anything. People who don't have experience and knowledge about phising, could probably lured into installing hacking program and end up losing all of their money. But nowadays, other than .exe files, phising that targetting mobile user especially for phone that are using android. Similar case on PC, they will send something like fake Shipping Tracking, or Payment Proof that look like images or pdf files but actually those file will install hacking app.

[iBaba]

Phishing links and other suspicious links sent through email, Twitter, forums, and other social media sites could vary. They aren't the same. Some would only bring you to their sites to increase traffic. Some could acquire information from you. Some could inject malware to your computer. But if you consider all the possible dangers of clicking suspicious links, it could even drain you of your money. It could obtain your passwords, pin, private keys, etc.

Private keys are not supposed to be on your mobile phone regardless of whatever security you put in it. Any device that can be connected to the internet is automatically vulnerable to hacking and spamming so it has been mentioned times without number that we should not keep our private keys anywhere close to any internets.

It's better to quickly change your storage where you keep those highly protected from the malicious crooks. As much as possible, avoid saying your private key loud. Due to the nature of these devices, you can never tell if the device manufacturers are in a way spying on you through the Webcam or the microphone.

Lastly, we must avoid clicking on web links we dont have idea about. Whether it is secured or not. This period of festive, there will be a lot of links shared on various social media platforms offering giveaways and bonanza services or promo, you must be extra careful of the links you enter.

[dzungmobile]

Phishing is one of most common scam types and you can see phishing every where.

You can join the Phishing quiz to see what you are lack of against phishing attack scams.
[LEARN & EARN] Phishing Quizzes - Beginners & Experts

Some tutorials, guides to be safe against Phishing.
[GUIDE] Use this for identifying Scam/Phishing Websites & Exchanges in Crypto
[Tutorial] How To Report Phishing Email & Create Auto Delete Filter - Gmail User
Tool For Catch Phishing

You can contribute to take them down by reporting.

[mk4]

1. Just don't click on them, even if it's unlikely that you're going to get infected by clicking the link alone

2. If you're receiving a shit ton of spam emails, time to change your email address

3. 99% likely that these scammers/spammers got your email through leaked databases of crypto-related platforms


P.S. Having questions is great, but man calm down it's pretty difficult to answer like a thread of 20 questions.  

[hugeblack]

Why not stop your mouse on the link, and if it is not reliable, do not click on it or use services such as protonmail, as you will be asked to verify any link that came out of the email, but in general, without giving permissions to access the core (installing an application), clicking on a link can collect cookie information, They are running in the background, copying the clipboard content and may try to make you connect your wallet to the device or ask you for seeds.

[lovesmayfamilis]

If you accidentally click on a phishing link and realize you made a mistake, disconnect from the Internet. Check your task manager, as Windows users are often subject to malware being installed without warning. Look at the processes in the manager, and disable someone else's. Of course, close your browser, and when you open it again, delete all cookies and cache from it. Check your device with an antivirus, but for your peace of mind, change any passwords that may have been saved in cookies during your last session.
Also, see if the browser has downloaded anything and stop all downloads if they are working. Don't click on any downloaded file; just delete it and check the registry.
Although the likelihood of infection after clicking on a phishing link is low without additional steps, it never hurts to be vigilant.

[Issa56]

It could obtain your passwords, pin, private keys, etc.

I hardly save most of my sensitive information on my mobile device or my computer. The worst mistake you will make is leaving your wallet's private key on your device. It's kind of risky. If you are storing your private key, it should be completely stored offline, where there is no internet connection. In case anyone mistakenly has access to your device, you won't be losing your private key. I do recommend your private key be carved on maybe a small piece of iron steel, I think it is better than writing it on paper because paper can easily be destroyed, but iron steel will be more difficult to destroy in case there is a fire accident or a water accident, and it should also be written in multiple places and kept in different places.

[avp2306]

It could obtain your passwords, pin, private keys, etc.

I hardly save most of my sensitive information on my mobile device or my computer. The worst mistake you will make is leaving your wallet's private key on your device. It's kind of risky. If you are storing your private key, it should be completely stored offline, where there is no internet connection. In case anyone mistakenly has access to your device, you won't be losing your private key. I do recommend your private key be carved on maybe a small piece of iron steel, I think it is better than writing it on paper because paper can easily be destroyed, but iron steel will be more difficult to destroy in case there is a fire accident or a water accident, and it should also be written in multiple places and kept in different places.

That would be the worst mistake we could do to save our important details on devices since anything harmful events that could happen to us especially if we are not totally aware on what we are clicking on online. Much better if we could save that on our notebooks or anywhere we can write up so we can possibly safe from any risk especially those hackings or them penetrating our device and to avoid huge loss. Although what you recommend is somehow hassle to do but its good suggestion, but make sure the carver don't know anything crypto since he might be the one who will get an interest to look st what inside on your wallet since he has your keys.

And we should avoid any links online since this is how misery start out our side so we should know what we are clicking to avoid taking worse mistakes.

[PrivacyG]

I believe this kind of viruses which only require the CLICK of a link to be infected are very rare.  But possible.

They are possible due to scripts.  Many years ago there was a virus some people introduced in YouTube comments.  You simply entered a video and the comment itself was a script, which loaded by itself once your Browser read it.  It was rather quickly fixed, but it shows this thing is a possibility.

Scripts are very dangerous.  Not only for hacking but if you want to be anonymous you will want it turned off as often as possible.  This is why I use no Java Script on my computer.  It poses a danger to my anonymity.

The best thing to do is use a Virtual Machine for browsing of weird pages.  Or a completely separate computer which is even safer and better for you.

Anything can happen out of the things you said in OP.  No body can guarantee the virus is not some weird guy who infected your computer to gain remote access to it.  Other viruses focus on gathering and transfer of information.  Some focus on clipboard changes or change the clipboard by themselves.  Others focus on webcam access to gather pictures or videos for blackmailing.  There are a ton of different purposes of a virus.  They are all dangerous however.

So why even bother being so paranoid when the fix is so easy.  Get yourself a very cheap used computer and use it particularly for Crypto or Browsing ONLY.  One or the other.  And there you are.  All problems solved.

[aylabadia05]

So I seem to receive a lot of those phishing link emails from a fake coinbase or binance or metamask that goes on my spam email.  However, it sometimes still appear on my regular email?  How do spammers do this that the email goes straight to the regular email?  I know most of these emails tell you to click on a link and to connect to your wallet or ask you to enter your seed phrase.

How dangerous, the danger can cause important data to be lost. There is no need to explain in detail about the dangers of phishing links for those of us who open them if the short answer is that they can cause all important data to be lost.

The mode of data theft on the internet is carried out by spreading phishing links via platforms that are frequently used by many people.
People's advice to avoid storing data that is accessed on the internet is to avoid this because people accidentally open it by clicking on the link.
Bitcoin is a valuable asset. People can steal these assets by knowing the seed phrase. If the seed phrase is stored online, then it is because of accident that they steal it.

All forms of website access, log in and use the original version of them.

[Husires]

These are many questions, but user wallets as if they were any financial application, as it must not be  in a phone full of viruses, and you must reformat your device and not download random applications if you need to downlaod any wallet.
Avoid clicking on links that you do not know.
Do not download a photo or video from an unknown source.
Use another phone or laptop if you want to try new things.
OS must be open source and you must stay away from cracked programs.

[Jating]

Might be better though if you check your email here? https://haveibeenpwned.com/.

But obviously, if you see links in your email, you should definitely not click on it. There are links that if you click, if might download something in your pc or laptop, so closing it might be late though.

You can also read How to lose your Bitcoins with CTRL-C CTRL-V.
 

[jerry0]

So I'm sure lot of people are getting those phishing emails from fake ledger and things like that.  Now if you open the email, there is no issue right?  However, if you click on the link that is in the email, do you get malware or keylogger or virus? 


Now if you click on the link and close it, is your computer safe or not?  Heard mixed reviews on this.  Now if you have kaspersky or norton, would that remove anything on the computer?

[Lucius]

Maybe you should read what other members have written, because there is really no point in repeating it. Just don't click on links that look suspicious to you, because why would you do that at all? In addition, all those phishing links for hardware wallets do not make any sense if you know that you should not enter your seed anywhere else except possibly in a new hardware wallet that you trust.


By the way, I see you're making progress - you didn't open a new thread to ask the same question

[Mpamaegbu]

Now if you click on any of these links, can an antivirus scan your computer and confirm 100% there is no malware or virus or keylogger or no antivirus does that?  Thus I'm talking about kaspersky total or norton or bitdefender.  So if you ever click on any of these links by mistake, do a full scan and remove anything that it finds correct?

I don't trust any antivirus works fine. The few times I had it on system a few years ago, it didn't work fine. Despite antivirus being installed, I still had virus infection on my system. Some said it was because the virus was stronger than the antivirus I had installed. Whatever that trash meant. I'm talking about the era when late John McAfee's (yes, the same McAfee who later went into crypto) antivirus was in vogue.

The thing is I know many people click on links because they get phished thinking it's the real coinbase or whatnot but many times you can easily click on it by mistake especially when it comes to youtube and twitter.  You could be watching a cooking video even on youtube and a comment could be talking about crypto or someone posting a cooking link and well it's malware right?

As a rule of thumb, I don't click on links I didn't ask for. If I've supposed business links sent to my email, I don't hastily open them without verifying online if there's any promo or discussions around such. If I can't find, I forget about it.