[WARNING] Scammers use Patreon to send SPAM emails

[PX-Z]

What happened: As the title said, spammers now learned how to bypass spam emails and phishing URLs at least in gmail (which i currently use) to avoid redirecting it spam folder.
This is a related thread posted in reddit https://www.reddit.com/r/patreon/s/JZquBZKFW2

Scammers Profile Link:

Code:

radarappd6.site -> radar-dapp.net

Additional Notes:
The moment i received email from Patreon wonders me why i'm receiving this when i never have subscribe to someone's Patreon before. This avert me to check everything sent on the email. I thought this also a case of spoofed email but it looks like it was sent using patreon's email server.
This is the email content:




The URL in question (scammer profile link) that redirects to other site.

I searched about "radar dapp" and I found one in cmc the "RADAR" token with its website^(below) which is the main website

Code:

dappradar.com

So this is just another story of giveaway scam in emails but with a twist.

[1714539418]

1714539418

[1714539418]

1714539418

[_act_]

That means that your email has been known to scammers as it is used to get to use to fall victim of a phishing attack. It is good to use your email not to subscribe on any site anyhow you want, the untrusted sites that you gave that email has been the reason for this. My emails something like this happened to in the past, I just do not use it again. The airdrops of what you did not subscribe for is definitely a way to know that you are dealing with scammers.

[ABCbits]

Scammer really have clever idea. But i expect Patreon will take action very soon since they don't want all of their email got blocked by Google (and other major email service provider) due to high rate of report. Although i find it's weird that Patreon would send email if you don't subscribe to anyone.

[PX-Z]

That means that your email has been known to scammers as it is used to get to use to fall victim of a phishing attack.

Yes, this is the same email i used to buy from ledger and used in an account in cmc which was also breached as per haveibeenpwned.com.
The thing is, all spam emails get redirected to spam folder but not this one since patreon looks legit mail, i actually received 3 mails from them today.

Although i find it's weird that Patreon would send email if you don't subscribe to anyone.

Yes, first is i received an email about registration in patreon which i never did, then the 2nd and 3rd email are like in the OP. Although there's no suspicious activity of my email since this is 2fa activated, backup with all the available options in gmail except the device key stick (yubikey). The registration then receiving emails feels off.

[albon]

Now, they have used Patreon's email to send deceptive phishing messages. OMG!  

I read an article a while ago and will provide the source link below to check it. It indicates that the email addresses of WalletConnect, Token Terminal, and news providers like Cointelegraph and De.Fi also has scammers use a method to send phishing messages to users through them. What I understood is that the methods leading to this may involve a security breach of third-party email service providers that these companies collaborated with. It could result from hacking these companies' employees or email servers. It may also involve email spoofing, forging the "From" field to make the fraudulent email sent to users look official and legitimate.

What's happening now suggests that one should take the sender's email seriously and do research before clicking on the link to which you will be redirected. Fortunately, you can detect the phishing link of the Radar airdrop through the image they attached in the message, or you can also right-click to copy the link they added to the text without clicking directly and then perform further search, just like you did @OP.

Source: https://coinmarketcap.com/community/articles/65afd21750a9b65042b7b024/

[Bitcoin_Arena]

I received a similar email on one of my email addresses but what is funny is that they first sent a confirmation email as though someone had registered on patreon.com using my email address



20 minutes later, I received the chain link phishing email. I think they have a database of leaked emails so they keep registering each on the patreon.com and then use a loophole to push phishing emails.

[PX-Z]

I received a similar email on one of my email addresses but what is funny is that they first sent a confirmation email as though someone had registered on patreon.com using my email address
..
20 minutes later, I received the chain link phishing email. I think they have a database of leaked emails so they keep registering each on the patreon.com and then use a loophole to push phishing emails.

Right? I thought about it too, like is my email was compromised? I never heard a notification of suspicious activity though, or login access in any device which i always get when i'm trying to login in other device, browser, or even google login in websites. All 2fa was set too except for the device stick.

[Bitcoin_Arena]

Right? I thought about it too, like is my email was compromised? I never heard a notification of suspicious activity though, or login access in any device which i always get when i'm trying to login in other device, browser, or even google login in websites. All 2fa was set too except for the device stick.

The login credentials to your email address may have not leaked before, especially if you don't reuse passwords, but logins to another site may have leaked. For example, when I check that email address of mine that received the phishing message on https://haveibeenpwned.com, it has been involved in 8 data breaches so far, so personally I am not surprised when I get such phishing emails.
You could also check yours too

[PX-Z]

The login credentials to your email address may have not leaked before, especially if you don't reuse passwords, but logins to another site may have leaked. For example, when I check that email address of mine that received the phishing message on https://haveibeenpwned.com, it has been involved in 8 data breaches so far, so personally I am not surprised when I get such phishing emails.
You could also check yours too

Yes, that email was seen on haveibeenpwned.com twice from cmc and ledger breached as i mentioned on my earlier reply. Although this trick is the only one that got me thinking unlike others which go to spam folder.

[Potato Chips]

Just got off r/patreon and found out you don't need to confirm your email (when you make an account) to follow a creator and receive updates on your email! ofc, scammers would take advantage of this once they find out.

PSA: If you have received a confirmation email from patreon indicating an account was made under your email address, it is likely real and you may wanna take control of this account otherwise, scammers will abuse it to death until patreon.com fix this.

What's Happening:

Scammers have figured out how to get Patreon to send spam for them. It works like this:

1. Scammer goes to patreon.com, and creates an account with your email address
2. Patreon sends a confirmation email to you. The scammer never gets this, but they don't care.
3. The scammer uses the new account to follow their crypto Patreon campaign.
4. The crypto patreon campaign then posts an update on Patreon.
5. Patreon sends the update as an email to all of the (unwitting) followers of the crypto campaign.

All of the emails come from Patreon, so they seem legitimate.

What you can do

Complain to Patreon that they allow spammers to use their services.
1. Take to social media, and tag '@patreon' or '@patreonsupport'
2. Point them to this post, or tell them that they should stop sending notifications to unconfirmed accounts.

Take control of the new Patreon account (if you ever want to use Patreon)
1. Confirm the Patreon account email (make sure it's an email from patreon.com)
2. Change the password (never reuse passwords between web sites)
3. Unfollow the crypto spammers <-- this will stop the spam emails coming

OR, in your email settings, block all email from patreon.com (if you don't care)

@OP, could you mention the reddit post as well on the first post? I think it deserves the extra exposure.

[PX-Z]

Just got off r/patreon and found out you don't need to confirm your email (when you make an account) to follow a creator and receive updates on your email! ofc, scammers would take advantage of this once they find out.

Sending confirmation email doesn't make any sense if its still the case. Now it's a wide spread loophole for scammers to do their shitty agenda. I reported this to patreon i hope they do something about this.

@OP, could you mention the reddit post as well on the first post? I think it deserves the extra exposure.

Thank you, i already did.

[Bitcoin_Arena]

>>snip<<

Exactly what I also thought when I first received a confirmation email before phishing email, so I figured out that they could be taking some security loophole with Patreon.

It looks like Patreon have been made aware of the issue and I received another email from them as shown in the screenshot.

[Yamane_Keto]

I saw a lot of similar complaints on Reddit. It seems that scammers have sent this scam to thousands of people. I hope that none of them lost their money, but I think it is time for Gmail to develop a little. In recent years, they have not provided effective tools to combat phishing, while there are other service providers that have provided many edits that can help mitigate such fraud.

[blckhawk]

That means that your email has been known to scammers as it is used to get to use to fall victim of a phishing attack. It is good to use your email not to subscribe on any site anyhow you want, the untrusted sites that you gave that email has been the reason for this. My emails something like this happened to in the past, I just do not use it again. The airdrops of what you did not subscribe for is definitely a way to know that you are dealing with scammers.

That's exactly what happened because there's no way that this can be just a simple spam attack, it's likely from a compromised database somewhere that OP has used that email for, that's what happened here in my country, they made the non-registration of phone numbers a criminal offense and then the IT side of the government that's supposed to be handling those numbers and the data all end up being stolen by hackers which they sell to some IT black market and casinos and scams buy these stolen data so they can bombard us with ads or scams.

[Bitcoin_Arena]

I saw a lot of similar complaints on Reddit. It seems that scammers have sent this scam to thousands of people. I hope that none of them lost their money, but I think it is time for Gmail to develop a little. In recent years, they have not provided effective tools to combat phishing, while there are other service providers that have provided many edits that can help mitigate such fraud.

For a service whose parent company (Google) still accepts scam and phishing site ads to appear at the top of their search engine's results even after many years of internet scam, expect less.
Patreon is also partly to blame. They had a very weak security protocol. All a scammer had to do was to sign up on their website using random email addresses of other people and without email verification, the newly created accounts were able to subscribe to scam accounts. Worse still, there would be notifications of posts to unverified email addresses. So the scammers figured that they would just create phishing messages that are sent as notifications to unsuspecting user email addresses. I hope they fixed the loophole.

[PX-Z]

... but I think it is time for Gmail to develop a little. In recent years, they have not provided effective tools to combat phishing, while there are other service providers that have provided many edits that can help mitigate such fraud.

That won't do, they have their google safe browsing site status checker and it doesn't work as always on phishing and malicious URLs. Although there are users and services who keep feeding google on these urls to include on their blocklist. With how active these scammers/hackers are it always still hard to cease them.

[Potato Chips]

Exactly what I also thought when I first received a confirmation email before phishing email, so I figured out that they could be taking some security loophole with Patreon.

It looks like Patreon have been made aware of the issue and I received another email from them as shown in the screenshot.
https://www.talkimg.com/images/2024/01/25/kEd4G.png

It's nice to see such notice email from them but I don't think the root problem was solved.

They did say additional protections were made but it's probably just band-aid treatment. I had to try on a test account and things were still the same... I was able to make an account without verifying my email address, follow someone plus all email notifications including ones from memberships were still enabled by default on the settings.

[ScamViruS]

I saw a lot of similar complaints on Reddit. It seems that scammers have sent this scam to thousands of people. I hope that none of them lost their money, but I think it is time for Gmail to develop a little. In recent years, they have not provided effective tools to combat phishing, while there are other service providers that have provided many edits that can help mitigate such fraud.

Gmail has now become the most effective medium for scammers, as they easily use Gmail to promote various types of phishing links. Why the developers of Gmail are not serious about this is the most important thing, in recent times scammers are sending mails targeting the users of many crypto wallets even though the information of the users of those wallets is being leaked from the websites of those wallets.

Once scammers could easily promote these phishing scams on Google, now they have been stopped. I hope that this phishing promotion on Gmail will also stop soon. The developers will be serious about this.

[Yamane_Keto]

Patreon is also partly to blame. They had a very weak security protocol. All a scammer had to do was to sign up on their website using random email addresses of other people and without email verification, the newly created accounts were able to subscribe to scam accounts. Worse still, there would be notifications of posts to unverified email addresses. So the scammers figured that they would just create phishing messages that are sent as notifications to unsuspecting user email addresses. I hope they fixed the loophole.

I do not think that is that easy If it is that easy, then this is a big problem.
There are many famous services that you can use without verifying the email. However, we have not heard of any similar cases from them.  no matter how much these services try to develop, it remains linked to email provider. If that provider takes additional measures, I think that the phishing rate will decrease by 90% or more.

[FinneysTrueVision]

Even if your subscription expires or there is a creator you are interested in supporting in the future there is a free tier that you can subscribe to and receive email updates whenever there is something posted in that tier. Scammers can buy or hack inactive accounts and convert them into scam accounts and spam all the previous subscribers with phishing emails. Apparently, there was also a loophole which allows people to create an account without verifying the registered email and they will still send you notification emails when these scammers subscribe you to their phishing. Since there are free subscription tiers this type of attack costs them nothing.

It should be easy for Patreon to close this loophole by requiring an email to be verified before adding it gets added to a content creator's mailing list. It is a great practice to use a different email alias for every website you use so that if one of your addresses gets publicly exposed it can be deactivated and you won't you can stop receiving these malicious emails trying to target you.