Phishing Attempts to be aware of

[TimeWatch]

Phishing is the problem that cannot be controlled.It's the huge threat for many people around the internet every now and then.And also many people doesn't know about it or by ignorance they become a victim of it and loose money.

[1714509003]

1714509003

[1714509003]

1714509003

[1714509003]

1714509003

[phantomcircuit]

(I'm posting about the invoice jars in this thread because it's the only thread on bitcointalk that mentions it)

It's not just cloudhashing.com, it seems as though somebody got into the mailing servers (or at least spoofed them, but it looks legit) of various large/largish bitcoin websites, i got one from btc-e.

I got an email from both btc-e.com and cloudhashing.com with this invoice_772.jar

Actually, cloudhashing.com was invoice_773.jar

The "From" header in an email is not authenticated in anyway.

These emails are being sent from compromised servers through the smtp.com email service.

Please forward the phishing email to abuse@smtp.com

The .jar file contains a packed (ie disguised) trojan.

Whoever is doing this is rapidly modifying their technique and constantly changing the packing format.

It takes about 2 weeks for major AV products to update their signatures each time the attacker updates it, which unfortunately makes them basically useless.

tl;dr dont execute email attachments ending in .jar antivirus cant help you with this one!

[applesRyummy]

i already got an email from blockchain after i open the link its look phising website

and i close that link

You should be fine. I don't think its possible for a website to directly infect you without downloading anything. Even if it looks like a phishing website I still open it so that I know how it looks. 

yeah i still open for 5 minutes to see how it looks
and the i close that link and delete the email from my email

It is probably best to delete the email to avoid accidentally clicking on the click when you are less vigilant.

I personally always will manually type in "blockchain.info" into my browser but sometimes it will forget my identifier, so I go to my email, get a recent backup of my wallet and click on the link, if you have a random pishing link in your email you man accidentally click on it and actually enter your passwrod

[williamj2543]

i already got an email from blockchain after i open the link its look phising website

and i close that link

You should be fine. I don't think its possible for a website to directly infect you without downloading anything. Even if it looks like a phishing website I still open it so that I know how it looks. 

yeah i still open for 5 minutes to see how it looks
and the i close that link and delete the email from my email

It is probably best to delete the email to avoid accidentally clicking on the click when you are less vigilant.

I personally always will manually type in "blockchain.info" into my browser but sometimes it will forget my identifier, so I go to my email, get a recent backup of my wallet and click on the link, if you have a random pishing link in your email you man accidentally click on it and actually enter your passwrod

Get a wallet prefix, I got one. You don't have to keep any identifier anywhere, you just go to blockchain.info/wallet/mywalletname and it will fill in the identifier for you if the computer is trusted, if not it sends an email to confirm the computer and you can either click on the link in the email, or reopen the site for security. I personally use it.

[imBLACKjack]

i already got an email from blockchain after i open the link its look phising website

and i close that link

You should be fine. I don't think its possible for a website to directly infect you without downloading anything. Even if it looks like a phishing website I still open it so that I know how it looks. 

yeah i still open for 5 minutes to see how it looks
and the i close that link and delete the email from my email

It is probably best to delete the email to avoid accidentally clicking on the click when you are less vigilant.

I personally always will manually type in "blockchain.info" into my browser but sometimes it will forget my identifier, so I go to my email, get a recent backup of my wallet and click on the link, if you have a random pishing link in your email you man accidentally click on it and actually enter your passwrod

Get a wallet prefix, I got one. You don't have to keep any identifier anywhere, you just go to blockchain.info/wallet/mywalletname and it will fill in the identifier for you if the computer is trusted, if not it sends an email to confirm the computer and you can either click on the link in the email, or reopen the site for security. I personally use it.

What if you don't have an email associated with your wallet? Will it let anyone who knows your prefix attempt to access your wallet? How does it know your computer is "trusted"

[Kakmakr]

I saw people complaining about a phishing attempt on users on this forum too.

The person PM you, saying he has bad new or something, and post a link, that looks like a bitcointalk.org address, and if you click on that link, it prompts you to login. When you type in your username and password, your account is hacked. 

Luckily, nobody wants a newbie account, like mine. ^smile^

[Coef]

I saw people complaining about a phishing attempt on users on this forum too.

The person PM you, saying he has bad new or something, and post a link, that looks like a bitcointalk.org address, and if you click on that link, it prompts you to login. When you type in your username and password, your account is hacked. 

Yup, you need to be careful with all the links in posts, PMs, or emails.
Double check if the hyperlink is leading to the right site before clicking it, and be extra careful with redirecting links.

[icet208]

I`ve been hacked with Phishing method on btc-e.com

[Chemistry1988]

Other than being careful with all the links, you should enable 2FA on every sites in which the feature is available (eg. Coinbase, Bitstamp, btc-e, blockchain.info, etc) as a second protection to your bitcoin.

[williamj2543]

Other than being careful with all the links, you should enable 2FA on every sites in which the feature is available (eg. Coinbase, Bitstamp, btc-e, blockchain.info, etc) as a second protection to your bitcoin.

blockchain.info has it by default I think. On new computers, or if it has been a while I have to check my email to re verify my wallet.

[soowein]

Wouldn't it be easy for someone to figure out who owned that url
and charge him with conspiracy to hacking and stealing?