Bitcoin Forum
December 04, 2016, 04:12:53 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Attention Phishing (Mtgox)  (Read 1867 times)
bitrain
Sr. Member
****
Offline Offline

Activity: 308



View Profile
February 26, 2012, 01:51:29 PM
 #1

 Just received an e-mail:

Quote
Dear Mt.Gox user,

Your account is currently pending review, please visit htps://mtgox.com/forms/verification (fake link)
For those users who have had their accounts marked for review, an explanation of why were are implementing these security measures can be found here:

Security Measures Explained

“Verified” Accounts are eligible for monthly/daily transaction limits of up to 5 times the monthly limit and 10 times the daily limit.

In order to apply for the “Verified” account status please attach a copy of the following documents:
- Your government issued photo ID (passport, permanent residence card or driver’s license) and
- A scan of either your monthly utility bill (power, phone, TV, gas, water, etc.) or a certificate of residency issued by your local government.

Thanks,
The Mt.Gox team

 Typical phishing. Don't play with it.
 All links drives to http://yhhr4.tmweb.ru . Message sent from Ukraine.

1480824773
Hero Member
*
Offline Offline

Posts: 1480824773

View Profile Personal Message (Offline)

Ignore
1480824773
Reply with quote  #2

1480824773
Report to moderator
1480824773
Hero Member
*
Offline Offline

Posts: 1480824773

View Profile Personal Message (Offline)

Ignore
1480824773
Reply with quote  #2

1480824773
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480824773
Hero Member
*
Offline Offline

Posts: 1480824773

View Profile Personal Message (Offline)

Ignore
1480824773
Reply with quote  #2

1480824773
Report to moderator
ineededausername
Hero Member
*****
Offline Offline

Activity: 784


bitcoin hundred-aire


View Profile
February 26, 2012, 02:35:19 PM
 #2

I went and gave them this:
Username: fuck
Password: you
Grin

(BFL)^2 < 0
jake262144
Full Member
***
Offline Offline

Activity: 210


View Profile
February 26, 2012, 02:47:25 PM
 #3

I went and gave them this:
Username: fuck
Password: you
Grin
Not prudent - you can't tell what browser exploits the fake site might have been enriched with.
While your act of defiance is duly noted, never actually touching the attacking server is the way to go.

And *PLEASE* don't tell me that running <your_favourite_antivirus> justifies this attitude.
marked
Full Member
***
Offline Offline

Activity: 168



View Profile
February 26, 2012, 02:56:49 PM
 #4

Not prudent - you can't tell what browser exploits the fake site might have been enriched with.
While your act of defiance is duly noted, never actually touching the attacking server is the way to go.

And *PLEASE* don't tell me that running <your_favourite_antivirus> justifies this attitude.

ha, they can't exploit my lynx running from my atari st that's running MiNT....  Smiley

marked, now wondering what gui browser is available.
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
February 26, 2012, 03:05:56 PM
 #5

I went and gave them this:
Username: fuck
Password: you
Grin

why didn't you use your former avatar?  aka The Bird.
cbeast
Donator
Legendary
*
Offline Offline

Activity: 1722

Let's talk governance, lipstick, and pigs.


View Profile
February 26, 2012, 04:49:25 PM
 #6

Let's compare notes. Did anyone contact anyone in the bitcoin community by email shortly before getting this phishing email? Or did anyone post in a particular section or thread? I'm not asking for names, I'm simply looking for a pattern.

Any significantly advanced cryptocurrency is indistinguishable from Ponzi Tulips.
grue
Global Moderator
Legendary
*
Offline Offline

Activity: 1932



View Profile
February 26, 2012, 04:59:02 PM
 #7

I went and gave them this:
Username: fuck
Password: you
Grin
Not prudent - you can't tell what browser exploits the fake site might have been enriched with.
While your act of defiance is duly noted, never actually touching the attacking server is the way to go.

And *PLEASE* don't tell me that running <your_favourite_antivirus> justifies this attitude.
i got noscript. problem?

It is pitch black. You are likely to be eaten by a grue.

Tired of annoying signature ads? Ad block for signatures
jake262144
Full Member
***
Offline Offline

Activity: 210


View Profile
February 26, 2012, 05:19:06 PM
 #8

i got noscript. problem?
That makes at least two of us...  Cheesy
That "fuck you" attitude needed some sort of comment lest we see newbs catching up the idea and getting zapped. A week later "I lost my bitcoins" posts will crop up like a bad rash on one's behind.

Also, don't fall into the delusion of invulnerabillity. There have been exploits aplenty targeting various bugs in html parsing, completely orthogonal to JavaScript.
NoScript makes you a less desirable/expected target but it can't mitigate all attack vectors.
dub0matic
Full Member
***
Offline Offline

Activity: 182



View Profile
February 26, 2012, 08:23:26 PM
 #9

haha thats exactly why i came here today to make sure. lastweek i got it and width-drew all my my coins i would never verify my account mtgox anyway

make it rain haha
btc 176MrZ3CCXGb1GqFiGaoqQpaynzYqZsW6n
stick_theman
Sr. Member
****
Offline Offline

Activity: 372


View Profile
February 27, 2012, 05:50:13 AM
 #10

I wonder how successful these phising emails are, giving the btc community is a lot more tech savvy.
drakahn
Hero Member
*****
Offline Offline

Activity: 504



View Profile
February 27, 2012, 05:53:26 AM
 #11

i wonder what site the people that got it are all a member of

14ga8dJ6NGpiwQkNTXg7KzwozasfaXNfEU
sveetsnelda
Hero Member
*****
Offline Offline

Activity: 644


View Profile
February 27, 2012, 07:10:52 AM
 #12

i wonder what site the people that got it are all a member of

That's the real question. What membership are they drawing from and how did they get that access?

When MTGox was hacked months ago, the user database was leaked.  I'm sure it's still from that database.

14u2rp4AqFtN5jkwK944nn741FnfF714m7
cbeast
Donator
Legendary
*
Offline Offline

Activity: 1722

Let's talk governance, lipstick, and pigs.


View Profile
February 27, 2012, 07:39:01 AM
 #13

Besides MT Gox, I have only given my email address to Matthew. I hope his system isn't compromised. Although the mods/admins may have access to it as well.

Any significantly advanced cryptocurrency is indistinguishable from Ponzi Tulips.
Bro
Full Member
***
Offline Offline

Activity: 218



View Profile
February 27, 2012, 09:52:45 AM
 #14

i wonder what site the people that got it are all a member of

That's the real question. What membership are they drawing from and how did they get that access?

When MTGox was hacked months ago, the user database was leaked.  I'm sure it's still from that database.

nope, I haven't receive any phishing attempt
Kluge
Donator
Legendary
*
Offline Offline

Activity: 1218


Michael, send me some coins before I hitman you


View Profile
February 27, 2012, 10:16:03 AM
 #15

i wonder what site the people that got it are all a member of

That's the real question. What membership are they drawing from and how did they get that access?

When MTGox was hacked months ago, the user database was leaked.  I'm sure it's still from that database.

my account was formed since then :/  i got the phishing stuff too. it is really why i do not want to deal with gox via email. on the forum or irc is the safest way.
Opposite, here, though same point implied. I had account prior to hack but did not get the phishing email (checked spam folder) - also subscribed to BTC Mag.

Not sure what other large BTC-related services remain which hold email.

Don't mix your coins someone said isn't legal
zer0
Sr. Member
****
Offline Offline

Activity: 350



View Profile
February 27, 2012, 05:42:51 PM
 #16

I gave up on tracking gox phishing scams ever since one of my old emails was leaked I must get around a dozen per week of various pathetic nigerian attempts
deslok
Sr. Member
****
Offline Offline

Activity: 448


It's all about the game, and how you play it


View Profile
February 27, 2012, 10:41:39 PM
 #17

I got my phishing stuff about a month ago, at least before Matthew had my address. I doubt that is the source.

Goat is there any need to implicate Matthew beyond some form of unreasonable animosity?

"If we don't hang together, by Heavens we shall hang separately." - Benjamin Franklin

If you found that funny or something i said useful i always appreciate spare change
1PczDQHfEj3dJgp6wN3CXPft1bGB23TzTM
Kluge
Donator
Legendary
*
Offline Offline

Activity: 1218


Michael, send me some coins before I hitman you


View Profile
February 27, 2012, 10:43:05 PM
 #18

I got my phishing stuff about a month ago, at least before Matthew had my address. I doubt that is the source.

Goat is there any need to implicate Matthew beyond some form of unreasonable animosity?
Ciphercoin brought him up, not Goat, who actually implied it was not Matt. (unless I misinterpreted it)

Don't mix your coins someone said isn't legal
deslok
Sr. Member
****
Offline Offline

Activity: 448


It's all about the game, and how you play it


View Profile
February 27, 2012, 10:44:52 PM
 #19

I got my phishing stuff about a month ago, at least before Matthew had my address. I doubt that is the source.

Goat is there any need to implicate Matthew beyond some form of unreasonable animosity?
Ciphercoin brought him up, not Goat, who actually implied it was not Matt. (unless I misinterpreted it)

Valid point, well we know gox has been comprimised before them selling our emails wouldnt suprise me

"If we don't hang together, by Heavens we shall hang separately." - Benjamin Franklin

If you found that funny or something i said useful i always appreciate spare change
1PczDQHfEj3dJgp6wN3CXPft1bGB23TzTM
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!