Fake Bounties using Phishing

[sicattjl 33]

Phishing consists of the impersonation of an authority, company or even someone, in order to trick the victim into revealing their confidential information. In this way, the attacker can access your accounts or wallets and steal the funds.

We can distinguish several types of phishing used in the crypto world:

 

Cloned sites
This is the most common type. Here the scammers prepare a website identical to the legitimate one, which can be from an exchange house or online wallet to the official page of an Initial Coin Offering (ICO), and spread it through different means, including email, chats and even Google ads that can be mistaken for the original page in search results.
It is not unusual that, in the case of email and chats, the link to the fraudulent site is accompanied by some false story about the company requiring the user to log into their account. Thus, when the victim enters their credentials to enter the supposed site, what they are actually doing is giving them to the attacker.

 

The most effective way to avoid this scam is to look closely at the URL of each page where we have funds before entering any credentials. In phishing, the URL always changes in some character, since the domain (name) of the company or project is already taken and it is not possible that there are two exactly alike. In this sense, once we identify the real page, we should save it in Favorites and enter there, instead of using the search results.

This was the case with MyEtherWallet last year, while this year among the cloned sites are the popular Blockchain.info domain and the Token Bee ICO, where cybercriminals managed to steal up to $ 700,000.

 

Fake support teams
Sometimes scammers save themselves the trouble of creating the fake site by simply posing as the support team of some legitimate platform, including exchanges and wallets. In this way, the only thing they imitate are the logos and the email address of the company within the message they send to their victims to announce any alleged inconvenience and request their private information with the false purpose of helping them.

 

As the FBI's Internet Crime Complaint Center explains: "The fraudulent support requests access to the victim's virtual wallet and transfers the victim's virtual currency to another wallet for a temporary hold during maintenance. The virtual currency it is never returned to the victim, and the criminal ceases all communication. Criminals who have access to the victim's electronic device use the victim's personal information and credit card to purchase and transfer virtual money to an account controlled by the criminal ".

 

It is important to remember in these cases that both traditional financial companies and cryptocurrency platforms never ask for your credentials, under any circumstances. Simply because they already have them.

 

Phone scams or vishing (voice phishing)
In this case, the scammers do not contact you directly, but rather your phone company. After finding out your phone number and even your identification number and address thanks to a stolen invoice or because you simply published that information at some point, the attacker contacts the company to transfer your line to a new SIM card under his control.

Since the security of several telephone companies is usually quite weak in these cases, the operator will ask the attacker very little information to confirm his identity. If successful, the criminal will be able to reset all the passwords of the legitimate user using two-step authentication, that is, the code that reaches the phone and that usually serves as an extra layer of security. In this way, online wallets could be emptied in a matter of minutes, long before the rightful owner can do anything.

 

This happened to Cody Brown, who had to see his 8 thousand dollars in cryptocurrencies disappear in fifteen minutes. A similar case was that of Jered Kenna, who lost up to $ 40,000 for each day that he failed to resolve the problem with the phone company.

A similar scenario
It may also happen that the phone scam targets you. In this way, someone could contact you posing as a company, tell you a false story and not only ask for your credentials, but also urge you to deposit funds in a portfolio.

This is what happened to an elderly woman in Canada: a scammer contacted her by phone, assuring her that she was a member of the local police and that she owed a large sum in taxes, so she had to go to bitcoin ATMs to solve them . Before the fraud was discovered, the woman deposited 17 thousand dollars

 

See you in my next post

[sicattjl 33]

13 minutes ago, SAMJ101 said:

Thank you very much. Good article. I have more than 20 Emails that are begging me to click a button in HTML page.

The hacker claims it is the support team's Email. and ask me to enter my pass.

But he/she doesn't know there is a big mistake in this cheating plan.

 

I recommend, delete and block this email user. He/She is a Scammer

[smithk 149]

Thanks. Very informative article. It is always advisable to counter check the websites we access to avoid giving out our private info to scammers

[Heisenberg 3301 1]

Thanks for this useful information. I've come across this many times

[Calvinpriva 17296]

Of course, there are many fake bounties from phishing websites. We should be very careful about this and make sure we make research on each bounty before we participate on them. Many people have been scammed by this trick.

[qsy12 24]

There are many fraud methods on the Internet, and in fact, unfortunately, many beginners in this field fall into them, and the loss is great at some times, and the legal authorities must put an end to them. We have fallen into many fraudsters like them, unfortunately.

[Zeshan Khalid 2577]

These persons through fraudulent emails or posts let people enter thier sensitive information on a site through which your wallet can be hacked easily and you lose your money.

[AlfFusco 664]

Thank you for the very interesting information, now there are really a lot of scammers, I constantly notice fake emails in the mail, so you should always be careful and not fall for the tricks of scammers

[Raqeebzy 6456]

Great post mate, extensively explained.

Fake bounties are everywhere. The need to be very clever when dealing with each and every random bounties cannot be over talked about. I take on bounties but when it comes to releasing personal information, clicking on links and downloads, I am extra careful. In fact, hunting bounties is advised to be done separately from platforms you use in accessing wallets and exchanges.

[skyfqv 7]

Good day. read your article and find it very helpful. Recently, there have been a lot of fake airdrops that not only gain an audience, but also steal payment data. Thank you for bringing up such important topics. Good luck to you!

[mzk7736 1592]

Fake bounties are a big risk as they can introduce phishing to your wallet. They make you click on suspicious links then ask about your sensitive information to enter your private online space.

[Abdulkhaleed 17]

On 10/5/2020 at 9:16 PM, sicattjl said:

Phishing consists of the impersonation of an authority, company or even someone, in order to trick the victim into revealing their confidential information. In this way, the attacker can access your accounts or wallets and steal the funds.

We can distinguish several types of phishing used in the crypto world:

 

Cloned sites
This is the most common type. Here the scammers prepare a website identical to the legitimate one, which can be from an exchange house or online wallet to the official page of an Initial Coin Offering (ICO), and spread it through different means, including email, chats and even Google ads that can be mistaken for the original page in search results.
It is not unusual that, in the case of email and chats, the link to the fraudulent site is accompanied by some false story about the company requiring the user to log into their account. Thus, when the victim enters their credentials to enter the supposed site, what they are actually doing is giving them to the attacker.

 

The most effective way to avoid this scam is to look closely at the URL of each page where we have funds before entering any credentials. In phishing, the URL always changes in some character, since the domain (name) of the company or project is already taken and it is not possible that there are two exactly alike. In this sense, once we identify the real page, we should save it in Favorites and enter there, instead of using the search results.

This was the case with MyEtherWallet last year, while this year among the cloned sites are the popular Blockchain.info domain and the Token Bee ICO, where cybercriminals managed to steal up to $ 700,000.

 

Fake support teams
Sometimes scammers save themselves the trouble of creating the fake site by simply posing as the support team of some legitimate platform, including exchanges and wallets. In this way, the only thing they imitate are the logos and the email address of the company within the message they send to their victims to announce any alleged inconvenience and request their private information with the false purpose of helping them.

 

As the FBI's Internet Crime Complaint Center explains: "The fraudulent support requests access to the victim's virtual wallet and transfers the victim's virtual currency to another wallet for a temporary hold during maintenance. The virtual currency it is never returned to the victim, and the criminal ceases all communication. Criminals who have access to the victim's electronic device use the victim's personal information and credit card to purchase and transfer virtual money to an account controlled by the criminal ".

 

It is important to remember in these cases that both traditional financial companies and cryptocurrency platforms never ask for your credentials, under any circumstances. Simply because they already have them.

 

Phone scams or vishing (voice phishing)
In this case, the scammers do not contact you directly, but rather your phone company. After finding out your phone number and even your identification number and address thanks to a stolen invoice or because you simply published that information at some point, the attacker contacts the company to transfer your line to a new SIM card under his control.

Since the security of several telephone companies is usually quite weak in these cases, the operator will ask the attacker very little information to confirm his identity. If successful, the criminal will be able to reset all the passwords of the legitimate user using two-step authentication, that is, the code that reaches the phone and that usually serves as an extra layer of security. In this way, online wallets could be emptied in a matter of minutes, long before the rightful owner can do anything.

 

This happened to Cody Brown, who had to see his 8 thousand dollars in cryptocurrencies disappear in fifteen minutes. A similar case was that of Jered Kenna, who lost up to $ 40,000 for each day that he failed to resolve the problem with the phone company.

A similar scenario
It may also happen that the phone scam targets you. In this way, someone could contact you posing as a company, tell you a false story and not only ask for your credentials, but also urge you to deposit funds in a portfolio.

This is what happened to an elderly woman in Canada: a scammer contacted her by phone, assuring her that she was a member of the local police and that she owed a large sum in taxes, so she had to go to bitcoin ATMs to solve them . Before the fraud was discovered, the woman deposited 17 thousand dollars

 

See you in my next post

Thank you for your information, indeed this a good article, one will know how to take care of such kind of issues

[zagzag 320]

Unfortunately, we always come across fake rewards on the internet, especially using phishing. The points you have stated in your article are really important and real. However, in addition to individuals and the state, there are important duties and responsibilities especially for certain platforms. Because there have been many victimizations related to this until today. So please, let's all be careful about this.

[Malik Ayaz 506]

Phishing is one of the common and most used techniques used by hackers. Phishing is the layout of any famous program where you have to put your secret passwords. Please be aware and before logging in verify it. In short, I would suggest everyone have a good knowledge of how to prevent hacking. Thanks for the useful information that you provide as it will help members of this forum to prevent from being hacked

[Michar1 1693]

On one occasion when they launched a previous yobit airdrop, something like this happened on a pirate cryptotalk platform that was sending messages to the different yobit users but towards your email, there were people who fell, later they warned about that problem and more further was resolved.

[Mohammad Sultan 857]

Pushing is just like a way where they trap u by the interface of popular websites where u have to put your security codes. So avoid them and if get such link please verify them is that belongs to actual website or not. If u become careless than u can lose all your money even personal data

[Mohammad Feyaz 615]

Really it's appreciated what you have write as it will all those who can be a victim of pishing and can reveal their confidential information. So be aware of those bounties compaign and if u come across any other bounties compaign than verify before revealing your secret passwords

[Aledar 48]

This is very good information indeed but reality is that you cant trust people in crypto because a lot of them will try to scam you using social engineering even if this looks like a bounty program or airdrop you are not that really safe.

[yenniferamos14lsv 45]

Phishing is a very common evil in the world of cryptocurrencies, we must be very careful with the links we open, the emails. To take care of us, some exchanges and banks advise that we directly enter their page with the domain, do not search for it by google, when receiving an email, let's verify its origin, and configure the email to send the unknown to the spam folder, take care of this type of scams

[Mdhassan 270]

On 10/5/2020 at 9:16 PM, sicattjl said:

Phishing consists of the impersonation of an authority, company or even someone, in order to trick the victim into revealing their confidential information. In this way, the attacker can access your accounts or wallets and steal the funds.

We can distinguish several types of phishing used in the crypto world:

 

Cloned sites
This is the most common type. Here the scammers prepare a website identical to the legitimate one, which can be from an exchange house or online wallet to the official page of an Initial Coin Offering (ICO), and spread it through different means, including email, chats and even Google ads that can be mistaken for the original page in search results.
It is not unusual that, in the case of email and chats, the link to the fraudulent site is accompanied by some false story about the company requiring the user to log into their account. Thus, when the victim enters their credentials to enter the supposed site, what they are actually doing is giving them to the attacker.

 

The most effective way to avoid this scam is to look closely at the URL of each page where we have funds before entering any credentials. In phishing, the URL always changes in some character, since the domain (name) of the company or project is already taken and it is not possible that there are two exactly alike. In this sense, once we identify the real page, we should save it in Favorites and enter there, instead of using the search results.

This was the case with MyEtherWallet last year, while this year among the cloned sites are the popular Blockchain.info domain and the Token Bee ICO, where cybercriminals managed to steal up to $ 700,000.

 

Fake support teams
Sometimes scammers save themselves the trouble of creating the fake site by simply posing as the support team of some legitimate platform, including exchanges and wallets. In this way, the only thing they imitate are the logos and the email address of the company within the message they send to their victims to announce any alleged inconvenience and request their private information with the false purpose of helping them.

 

As the FBI's Internet Crime Complaint Center explains: "The fraudulent support requests access to the victim's virtual wallet and transfers the victim's virtual currency to another wallet for a temporary hold during maintenance. The virtual currency it is never returned to the victim, and the criminal ceases all communication. Criminals who have access to the victim's electronic device use the victim's personal information and credit card to purchase and transfer virtual money to an account controlled by the criminal ".

 

It is important to remember in these cases that both traditional financial companies and cryptocurrency platforms never ask for your credentials, under any circumstances. Simply because they already have them.

 

Phone scams or vishing (voice phishing)
In this case, the scammers do not contact you directly, but rather your phone company. After finding out your phone number and even your identification number and address thanks to a stolen invoice or because you simply published that information at some point, the attacker contacts the company to transfer your line to a new SIM card under his control.

Since the security of several telephone companies is usually quite weak in these cases, the operator will ask the attacker very little information to confirm his identity. If successful, the criminal will be able to reset all the passwords of the legitimate user using two-step authentication, that is, the code that reaches the phone and that usually serves as an extra layer of security. In this way, online wallets could be emptied in a matter of minutes, long before the rightful owner can do anything.

 

This happened to Cody Brown, who had to see his 8 thousand dollars in cryptocurrencies disappear in fifteen minutes. A similar case was that of Jered Kenna, who lost up to $ 40,000 for each day that he failed to resolve the problem with the phone company.

A similar scenario
It may also happen that the phone scam targets you. In this way, someone could contact you posing as a company, tell you a false story and not only ask for your credentials, but also urge you to deposit funds in a portfolio.

This is what happened to an elderly woman in Canada: a scammer contacted her by phone, assuring her that she was a member of the local police and that she owed a large sum in taxes, so she had to go to bitcoin ATMs to solve them . Before the fraud was discovered, the woman deposited 17 thousand dollars

 

See you in my next post

Scammers are very claiming to be wise they like legit community, they disburse the fake identity to avoid track them out i recommend to view various attempt about the site before we trust them 

[Sanaaa 18]

In my opinion 

Then his email was hacked, with phishing emails sent to thousands of his contacts it's so dangerous people's that is good for way scammer and give them a strict punishment.....

[Cryptotakl1 0]

There are many fraud method on the internet and in fact unfortunately ,many beginning in this field fall into them . through which your wallet your can be hacked easily and you your money .

[rahul12345 0]

Of course there are a lot of duplicate on all thes sites .they never want me to lose my account in the car .many people have been scammed by this strategy .and not fall for the stunts of con artists 

[Aroosa Malik 219]

Thanks friend for useful information . Pushing is like a way where they trap you by the interface of popular websites where you have to put your security codes. It is a good advice for all members to be avoid of such fraud and scammers. 

[Eezabell 339]

There are many sites that are the scam and promotes the scam services. We should not have do the sites by joining these websites. We must have to report against these sites.