phishing
126,010 views
46 Posts
Hot
Latest
🚨 Phishing Attack Alert: $11.1M Lost in Recent Exploit! 🚨
Approximately 6 hours ago, a major phishing attack resulted in a significant loss of assets.
Details of the Exploit:
1⃣ 3,657 $MKR ($8,766,097) and 2.56M PT Ethena tokens ($2.4M) were stolen.
2⃣ The exploiter sold 3,657 MKR for 2,502 $ETH ($8,766,097), causing a 7.5% drop in the price of #MKR
3⃣ Additionally, 2.56M PT Ethena tokens were swapped for 689 ETH ($2.41M).
This incident highlights the critical importance of security in the crypto space. Always remain vigilant and take necessary precautions to protect your assets.
#Crypto #phishing #bitcoin #Binance $BNB
Approximately 6 hours ago, a major phishing attack resulted in a significant loss of assets.
Details of the Exploit:
1⃣ 3,657 $MKR ($8,766,097) and 2.56M PT Ethena tokens ($2.4M) were stolen.
2⃣ The exploiter sold 3,657 MKR for 2,502 $ETH ($8,766,097), causing a 7.5% drop in the price of #MKR
3⃣ Additionally, 2.56M PT Ethena tokens were swapped for 689 ETH ($2.41M).
This incident highlights the critical importance of security in the crypto space. Always remain vigilant and take necessary precautions to protect your assets.
#Crypto #phishing #bitcoin #Binance $BNB
Explained : Crypto Scams (Must Read....)
The rise of cryptocurrencies has brought about many opportunities for investors, traders, and businesses. However, it has also opened up a new avenue for scammers to deceive unsuspecting individuals. Crypto scams have become increasingly prevalent in recent years, with new scams emerging all the time. In this article, we will explore the different types of crypto scams and the ways to avoid them.
Fake Crypto Exchanges:
One of the most common crypto scams is fake crypto exchanges. Scammers set up fake websites that look like legitimate exchanges, and lure users into depositing their funds. They often promise low fees and high returns, which can be tempting to investors. However, once the user deposits their funds, the scammers disappear with the money. To avoid falling victim to fake exchanges, users should always verify the authenticity of an exchange before depositing their funds.
Phishing Scams:
Phishing scams are another prevalent type of #crypto scam. Scammers use emails, social media, or other forms of communication to trick users into giving away their private keys or login credentials. Once they have this information, they can access the victim's crypto #wallet and steal their funds. To avoid #phishing #scams , users should always double-check the authenticity of the communication and avoid clicking on suspicious links.
Ponzi Schemes:
Ponzi schemes are fraudulent investment schemes that promise high returns to investors. The returns are paid out of the capital invested by new investors, rather than from any legitimate profits. The scheme eventually collapses when new investors stop joining, and the scammer disappears with the funds. To avoid Ponzi schemes, users should be wary of any investment opportunity that promises unusually high returns and always do their due diligence before investing.
Initial Coin Offering (ICO) Scams:
Initial Coin Offerings (ICOs) are a popular way for cryptocurrency projects to raise funds. However, they are also vulnerable to scams. ICO scams involve scammers creating fake projects and issuing fake tokens to unsuspecting investors. They often promise high returns and claim to have a revolutionary product, but once the ICO is complete, the scammers disappear with the funds. To avoid ICO scams, users should always research the project and the team behind it before investing.
Fake Cryptocurrency Wallets:
Crypto wallets are used to store and manage cryptocurrencies. However, scammers can create fake wallets that look like legitimate ones, and trick users into depositing their funds. Once the funds are deposited, the scammers disappear with the money. To avoid fake cryptocurrency wallets, users should always download wallets from trusted sources and verify the authenticity of the wallet before depositing any funds.
Conclusion:
In conclusion, crypto scams are a growing concern for investors and traders in the cryptocurrency market. As the market continues to grow, scammers will continue to find new ways to deceive unsuspecting individuals. To avoid falling victim to crypto scams, users should always do their due diligence and be cautious when dealing with unfamiliar platforms or projects. Remember, if an investment opportunity sounds too good to be true, it probably is.
Fake Crypto Exchanges:
One of the most common crypto scams is fake crypto exchanges. Scammers set up fake websites that look like legitimate exchanges, and lure users into depositing their funds. They often promise low fees and high returns, which can be tempting to investors. However, once the user deposits their funds, the scammers disappear with the money. To avoid falling victim to fake exchanges, users should always verify the authenticity of an exchange before depositing their funds.
Phishing Scams:
Phishing scams are another prevalent type of #crypto scam. Scammers use emails, social media, or other forms of communication to trick users into giving away their private keys or login credentials. Once they have this information, they can access the victim's crypto #wallet and steal their funds. To avoid #phishing #scams , users should always double-check the authenticity of the communication and avoid clicking on suspicious links.
Ponzi Schemes:
Ponzi schemes are fraudulent investment schemes that promise high returns to investors. The returns are paid out of the capital invested by new investors, rather than from any legitimate profits. The scheme eventually collapses when new investors stop joining, and the scammer disappears with the funds. To avoid Ponzi schemes, users should be wary of any investment opportunity that promises unusually high returns and always do their due diligence before investing.
Initial Coin Offering (ICO) Scams:
Initial Coin Offerings (ICOs) are a popular way for cryptocurrency projects to raise funds. However, they are also vulnerable to scams. ICO scams involve scammers creating fake projects and issuing fake tokens to unsuspecting investors. They often promise high returns and claim to have a revolutionary product, but once the ICO is complete, the scammers disappear with the funds. To avoid ICO scams, users should always research the project and the team behind it before investing.
Fake Cryptocurrency Wallets:
Crypto wallets are used to store and manage cryptocurrencies. However, scammers can create fake wallets that look like legitimate ones, and trick users into depositing their funds. Once the funds are deposited, the scammers disappear with the money. To avoid fake cryptocurrency wallets, users should always download wallets from trusted sources and verify the authenticity of the wallet before depositing any funds.
Conclusion:
In conclusion, crypto scams are a growing concern for investors and traders in the cryptocurrency market. As the market continues to grow, scammers will continue to find new ways to deceive unsuspecting individuals. To avoid falling victim to crypto scams, users should always do their due diligence and be cautious when dealing with unfamiliar platforms or projects. Remember, if an investment opportunity sounds too good to be true, it probably is.
The Sandbox issues phishing alert for new scam
the company said that an unauthorized third party had accessed an employee’s computer and sent a bogus email to the platform’s users.
Source:blockchainreporter.net
#sandbox #crypto2023 #phishing #scams
the company said that an unauthorized third party had accessed an employee’s computer and sent a bogus email to the platform’s users.
Source:blockchainreporter.net
#sandbox #crypto2023 #phishing #scams
All about phishing scams☠️☠️?
Crypto #phishing scams are a type of online fraud that targets individuals and organizations involved in the cryptocurrency space. These scams are designed to trick people into revealing their sensitive information, such as private keys, #wallet addresses, or login credentials, with the intention of stealing their #Cryptocurrencies or gaining unauthorized access to their accounts.
Phishing scams typically involve the following tactics:
Deceptive Websites🕸️: Scammers create fake websites or clone legitimate cryptocurrency platforms, wallets, or exchanges to trick users into entering their private information.
Phishing Emails📩: Scammers send emails that appear to be from a trusted source, such as a popular cryptocurrency exchange or wallet provider. These emails often contain links to fake websites and may ask recipients to provide their login credentials, private keys, or other sensitive information.
Social Engineering👩💻: Scammers use social engineering techniques to manipulate and deceive individuals into revealing sensitive information. They may impersonate customer support representatives, friends, or family members to gain the victim's trust.
Fake Mobile Apps📱: Scammers create counterfeit mobile applications that mimic legitimate cryptocurrency wallet or exchange apps, which can be downloaded from app stores. These apps can steal login credentials or private keys when used.
Malware☠️: Malicious software can be used to infect a user's computer or device, allowing scammers to steal cryptocurrency-related data or manipulate transactions.
I will be very thankful to myself if you like the information. Hope this information will help you in understanding phishing scams in crypto and also help you in saving yourself from such scams.
#dyor
Crypto #phishing scams are a type of online fraud that targets individuals and organizations involved in the cryptocurrency space. These scams are designed to trick people into revealing their sensitive information, such as private keys, #wallet addresses, or login credentials, with the intention of stealing their #Cryptocurrencies or gaining unauthorized access to their accounts.
Phishing scams typically involve the following tactics:
Deceptive Websites🕸️: Scammers create fake websites or clone legitimate cryptocurrency platforms, wallets, or exchanges to trick users into entering their private information.
Phishing Emails📩: Scammers send emails that appear to be from a trusted source, such as a popular cryptocurrency exchange or wallet provider. These emails often contain links to fake websites and may ask recipients to provide their login credentials, private keys, or other sensitive information.
Social Engineering👩💻: Scammers use social engineering techniques to manipulate and deceive individuals into revealing sensitive information. They may impersonate customer support representatives, friends, or family members to gain the victim's trust.
Fake Mobile Apps📱: Scammers create counterfeit mobile applications that mimic legitimate cryptocurrency wallet or exchange apps, which can be downloaded from app stores. These apps can steal login credentials or private keys when used.
Malware☠️: Malicious software can be used to infect a user's computer or device, allowing scammers to steal cryptocurrency-related data or manipulate transactions.
I will be very thankful to myself if you like the information. Hope this information will help you in understanding phishing scams in crypto and also help you in saving yourself from such scams.
#dyor
⚠️ Crypto Alert: Phishing Scam Loss ⚠️
A little while ago, a trader on the Ethereum chain fell victim to a sophisticated phishing scam, losing a staggering $468,227 in Lido ETH and Coinbase ETH. This incident underscores the importance of vigilance while navigating the crypto markets
Always verify sources and never share your private keys. Stay vigilant, stay informed
#hack #Scam #phishing #Ethereum2024
A little while ago, a trader on the Ethereum chain fell victim to a sophisticated phishing scam, losing a staggering $468,227 in Lido ETH and Coinbase ETH. This incident underscores the importance of vigilance while navigating the crypto markets
Always verify sources and never share your private keys. Stay vigilant, stay informed
#hack #Scam #phishing #Ethereum2024
(@sell9000 )
PSA re: an expensive opsec lesson
At this time I have confirmed that it was a Google login that caused this compromise. An unknown Windows machine gained access about half a day before the attack. It also spoofed the device name, so the notification of the new activity alert (which occurred early morning while I was asleep) appeared similar to devices I normally use (it may have been a calculated gamble for a common device name unless I was specifically targeted).
Upon further investigation, this device is a VPS hosted by #KaopuCloud as a global edge cloud provider that is shared among hacker circles in Telegram, and has been used in the past for #phishing and other malicious activities by shared users.
I do have 2FA enabled, which the user managed to bypass. I have yet to determine exactly how this was achieved, but possibly attack vectors were OAuth phishing, cross site scripting, or man-in-the-middle attack on a compromised site, followed by possible additional #Malware . In fact, apparently #OAuth endpoint attack recently has been reported to hijack user cookie session (https://darkreading.com/cloud-security/attackers-abuse-google-oauth-endpoint-hijack-user-sessions…). Be extremely careful if you have to use Sign In From Google.
Takeaways:
1. Bitdefender sucks, it caught nothing while Malwarebytes caught a bunch of vulnerabilities after the fact.
2. Do not become complacent just because you were moving large figures for years without issues.
3. Never enter a seed, period, no matter what reasonable excuse you give yourself. Not worth the risk, just nuke the computer and start fresh.
4. I'm done with Chrome, stick with a better browser like Brave.
5. Preferably never mix devices, and have an isolated device for crypto activities.
6. Always check the Google Activity alert if you are continuing to use Google based devices or authentication.
7. Turn off extension sync'ing. Or just turn off sync'ing period for your isolated crypto machine.
8. 2FA is clearly not bulletproof, don't become complacent to it.
PSA re: an expensive opsec lesson
At this time I have confirmed that it was a Google login that caused this compromise. An unknown Windows machine gained access about half a day before the attack. It also spoofed the device name, so the notification of the new activity alert (which occurred early morning while I was asleep) appeared similar to devices I normally use (it may have been a calculated gamble for a common device name unless I was specifically targeted).
Upon further investigation, this device is a VPS hosted by #KaopuCloud as a global edge cloud provider that is shared among hacker circles in Telegram, and has been used in the past for #phishing and other malicious activities by shared users.
I do have 2FA enabled, which the user managed to bypass. I have yet to determine exactly how this was achieved, but possibly attack vectors were OAuth phishing, cross site scripting, or man-in-the-middle attack on a compromised site, followed by possible additional #Malware . In fact, apparently #OAuth endpoint attack recently has been reported to hijack user cookie session (https://darkreading.com/cloud-security/attackers-abuse-google-oauth-endpoint-hijack-user-sessions…). Be extremely careful if you have to use Sign In From Google.
Takeaways:
1. Bitdefender sucks, it caught nothing while Malwarebytes caught a bunch of vulnerabilities after the fact.
2. Do not become complacent just because you were moving large figures for years without issues.
3. Never enter a seed, period, no matter what reasonable excuse you give yourself. Not worth the risk, just nuke the computer and start fresh.
4. I'm done with Chrome, stick with a better browser like Brave.
5. Preferably never mix devices, and have an isolated device for crypto activities.
6. Always check the Google Activity alert if you are continuing to use Google based devices or authentication.
7. Turn off extension sync'ing. Or just turn off sync'ing period for your isolated crypto machine.
8. 2FA is clearly not bulletproof, don't become complacent to it.
🚨Trigger Warning for (X)Twitter Users.
💡Here are Some Tips in Spotting Fake #twitter accounts in just few minutes.
I made an example from a Twitter Account from Supra.
"Research is a great skill to craft
and will saved you many times here in #web2 and #web3 ."
#crypto2023 #phishing #cybersecurity
💡Here are Some Tips in Spotting Fake #twitter accounts in just few minutes.
I made an example from a Twitter Account from Supra.
"Research is a great skill to craft
and will saved you many times here in #web2 and #web3 ."
#crypto2023 #phishing #cybersecurity
All You Need To Know To Secure Your Data From Phishing
Phishing measures are becoming increasingly necessary as hackers attempt to steal your personal information and funds online every day.
According to a recent report by Scam Sniffer, in February, about 57,000 victims suffered losses of around $47 million due to crypto phishing scams. They pointed out that “most victims were lured to phishing websites through phishing comments from impersonated Twitter accounts.”
Therefore, to avoid falling into the hands of fraudsters, you need to be able to recognize phishing and know how to protect yourself and your money. In this article, we will discuss this in detail.
Latest Hacker Attack On Exchanges
Cybersecurity company Lookout has announced the disclosure of a new phishing tool called CryptoChameleon. This tool demonstrates a new tactic aimed at some cryptocurrency exchanges such as Binance, Gemini, Coinbase, as well as the US Federal Communications Commission (FCC) via mobile phones. Attackers can create copies of single sign-on (SSO) pages and then use a combination of email and voice calls to obtain user data.
The report notes that CryptoChameleon has attacked employees of the Federal Communications Commission and Binance. In addition, users of Binance, Gemini, ShakePay, and other exchanges were affected. CryptoChameleon uses phone numbers and websites that look legitimate and represent the company’s support service in Gmail, iCloud, Outlook, X, and other services.
Lookout reported that they were able to speak to some of the victims and confirm that a combination of phone calls and messages were used to force the victim to complete the process.
“In one scenario, a victim received an unsolicited phone call that spoofed a real company’s customer support line. The person on the other end of the line was the threat actor, but sounded like a member of the support team from that company.”
Hackers informed the user that their account had been hacked, but they would help them restore it. During a phone conversation with the victim, the attackers would send a message that redirected to a phishing page.
The company’s analysis revealed more than 100 successful phishing attempts and ongoing phishing activity, mostly on Hostwinds, Hostinger, and Russian RetnNet servers. The vast majority of victims are located in the United States.
How Do I Recognize Phishing?
The main goal of phishing is to obtain confidential user information.
Attackers commonly send emails with malicious links on behalf of websites or exchanges. These can be security warnings, account hacking, various surveys, etc. Fraudsters usually emphasize the urgency of action or attract attention by offering a large reward for participation.
Signs that may indicate that the email is fraudulent:
The message uses subdomains, misspelled URLsThe message is written in a way that instills fear or a sense of urgency.The email asks you to confirm personal information, such as financial information or a password.The message is written illiterately and contains spelling and grammatical errors.
There are other verification methods used by companies such as Binance, WhiteBIT, and KuCoin, which have an additional way to verify the authenticity of an email with the Anti-Phishing feature. After activating it, the user has to enter a custom code that will signal that the email came from these companies. After saving the code, every time the user receives a technical email from the exchanges, it will contain this code.
How To Avoid Phishing Scams?
Use strong passwords and enable two-factor authentication: Use a strong and unique password for all accounts. Don’t write them down in an easily accessible place or share them with others. For storing and managing complex passwords, it’s best to use a password manager, such as 1Password, LastPass, Dashlane, and others. Enable two-factor authentication for all accounts to provide an extra layer of security. To do this, you can install a 2FA app on your phone, such as Google Authenticator, Authy, 2FAS, etc.
Don’t ignore update notifications: Security patches and updates are released primarily to address current cyberattack techniques, closing security gaps. Set your software to update automatically to avoid new threats.
Check the website address before entering your information: The URL of a page can often differ from the domain by a single letter and sometimes by case. For example, 1-l, I-l (uppercase “i” and lowercase “l”). It is also not recommended to enter passwords and logins on websites without HTTPS (a lock icon next to it) — it protects the connection and encrypts data.
Do not click on suspicious links: Commonly, scammers use links about winning millions of dollars or gifts as a lure. Therefore, do not click on such links and always check all current sweepstakes and company events.
Summary
Understanding phishing schemes and their signs is the most important thing in the fight against this type of fraud.
By knowing how to recognize harmful attacks and what methods attackers use, users can better protect their personal data. And by following the above recommendations, they can reduce the likelihood of theft.\
#security #phishing #guide
According to a recent report by Scam Sniffer, in February, about 57,000 victims suffered losses of around $47 million due to crypto phishing scams. They pointed out that “most victims were lured to phishing websites through phishing comments from impersonated Twitter accounts.”
Therefore, to avoid falling into the hands of fraudsters, you need to be able to recognize phishing and know how to protect yourself and your money. In this article, we will discuss this in detail.
Latest Hacker Attack On Exchanges
Cybersecurity company Lookout has announced the disclosure of a new phishing tool called CryptoChameleon. This tool demonstrates a new tactic aimed at some cryptocurrency exchanges such as Binance, Gemini, Coinbase, as well as the US Federal Communications Commission (FCC) via mobile phones. Attackers can create copies of single sign-on (SSO) pages and then use a combination of email and voice calls to obtain user data.
The report notes that CryptoChameleon has attacked employees of the Federal Communications Commission and Binance. In addition, users of Binance, Gemini, ShakePay, and other exchanges were affected. CryptoChameleon uses phone numbers and websites that look legitimate and represent the company’s support service in Gmail, iCloud, Outlook, X, and other services.
Lookout reported that they were able to speak to some of the victims and confirm that a combination of phone calls and messages were used to force the victim to complete the process.
“In one scenario, a victim received an unsolicited phone call that spoofed a real company’s customer support line. The person on the other end of the line was the threat actor, but sounded like a member of the support team from that company.”
Hackers informed the user that their account had been hacked, but they would help them restore it. During a phone conversation with the victim, the attackers would send a message that redirected to a phishing page.
The company’s analysis revealed more than 100 successful phishing attempts and ongoing phishing activity, mostly on Hostwinds, Hostinger, and Russian RetnNet servers. The vast majority of victims are located in the United States.
How Do I Recognize Phishing?
The main goal of phishing is to obtain confidential user information.
Attackers commonly send emails with malicious links on behalf of websites or exchanges. These can be security warnings, account hacking, various surveys, etc. Fraudsters usually emphasize the urgency of action or attract attention by offering a large reward for participation.
Signs that may indicate that the email is fraudulent:
The message uses subdomains, misspelled URLsThe message is written in a way that instills fear or a sense of urgency.The email asks you to confirm personal information, such as financial information or a password.The message is written illiterately and contains spelling and grammatical errors.
There are other verification methods used by companies such as Binance, WhiteBIT, and KuCoin, which have an additional way to verify the authenticity of an email with the Anti-Phishing feature. After activating it, the user has to enter a custom code that will signal that the email came from these companies. After saving the code, every time the user receives a technical email from the exchanges, it will contain this code.
How To Avoid Phishing Scams?
Use strong passwords and enable two-factor authentication: Use a strong and unique password for all accounts. Don’t write them down in an easily accessible place or share them with others. For storing and managing complex passwords, it’s best to use a password manager, such as 1Password, LastPass, Dashlane, and others. Enable two-factor authentication for all accounts to provide an extra layer of security. To do this, you can install a 2FA app on your phone, such as Google Authenticator, Authy, 2FAS, etc.
Don’t ignore update notifications: Security patches and updates are released primarily to address current cyberattack techniques, closing security gaps. Set your software to update automatically to avoid new threats.
Check the website address before entering your information: The URL of a page can often differ from the domain by a single letter and sometimes by case. For example, 1-l, I-l (uppercase “i” and lowercase “l”). It is also not recommended to enter passwords and logins on websites without HTTPS (a lock icon next to it) — it protects the connection and encrypts data.
Do not click on suspicious links: Commonly, scammers use links about winning millions of dollars or gifts as a lure. Therefore, do not click on such links and always check all current sweepstakes and company events.
Summary
Understanding phishing schemes and their signs is the most important thing in the fight against this type of fraud.
By knowing how to recognize harmful attacks and what methods attackers use, users can better protect their personal data. And by following the above recommendations, they can reduce the likelihood of theft.\
#security #phishing #guide
"Crypto phishing attacks rose by 40% in 2022, reaching over 2 billion attempts, warns Kaspersky Lab. Fraudsters use fake websites and messages to trick investors into sharing private keys and accessing their crypto wallets." #cryptocurrency #phishing #cybersecurity
What an #unlucky guy!
He got 275,700 $LINK ($4.42M) stolen by a #phishing #attack .
This guy accumulated 290,750 #LINK ($2.26M) at $7.8 from #exchanges between Jun 7, 2022, and Oct 14, 2023, a profit of nearly ~$2.4M currently.
Unfortunately, he accidentally clicked on the phishing link and was deceived into signing the approval transaction.
Ultimately, he lost a profit of $2.4M and a cost of $2.26M, a total loss of $4.66M!
He got 275,700 $LINK ($4.42M) stolen by a #phishing #attack .
This guy accumulated 290,750 #LINK ($2.26M) at $7.8 from #exchanges between Jun 7, 2022, and Oct 14, 2023, a profit of nearly ~$2.4M currently.
Unfortunately, he accidentally clicked on the phishing link and was deceived into signing the approval transaction.
Ultimately, he lost a profit of $2.4M and a cost of $2.26M, a total loss of $4.66M!
Önemli Güncelleme🏮
Fonlarınızı kaybetmeden önce bu gönderiyi kontrol edin.
Boğa piyasası yaklaşırken, şu anda kripto alanında devam eden kimlik avı dolandırıcılığına dikkat edin. Birçok dolandırıcı, bu piyasa değerlenmesini kullanarak şüphelenmeyen yatırımcılara kimlik avı e-postaları ve tokenler gönderiyor.
• Kimlik avı dolandırıcılığı nedir?
Kimlik avı dolandırıcılıkları, bireyleri kullanıcı adları, şifreler veya finansal detaylar gibi hassas bilgileri ifşa etmeye yönelik kandırmaya çalışan aldatıcı girişimlerdir. Genellikle sahte e-postalar, mesajlar veya web siteleri aracılığıyla gerçekleştirilen bu dolandırıcılıklar, sıklıkla meşru kurumları taklit eder.
• Kurban olmamak için yapmanız gerekenler:
Bilinmeyen bağlantılara tıklamayın ve gelen mesajlarda, alışılmadık gönderici adresleri, yazım hataları veya hassas bilgi talepleri gibi kırmızı bayrakları arayın.
İki faktörlü doğrulama gibi ek bir koruma katmanı ekleyerek, taleplerin meşruiyetini resmi kanallar aracılığıyla doğrulayın.
Cüzdanınızda beliren rastgele tokenleri veya NFT'leri satmaya çalışmayın.
Ticaret ve cüzdanla ilgili etkinlikler için özel bir telefon veya PC'niz olsun.
Unutmayın: Cömert bahşişleriniz ❤️, daha değerli içerikler paylaşmamıza güç verecek.
#HotTrends #Write2Earn #phishing #cryptoonline
Fonlarınızı kaybetmeden önce bu gönderiyi kontrol edin.
Boğa piyasası yaklaşırken, şu anda kripto alanında devam eden kimlik avı dolandırıcılığına dikkat edin. Birçok dolandırıcı, bu piyasa değerlenmesini kullanarak şüphelenmeyen yatırımcılara kimlik avı e-postaları ve tokenler gönderiyor.
• Kimlik avı dolandırıcılığı nedir?
Kimlik avı dolandırıcılıkları, bireyleri kullanıcı adları, şifreler veya finansal detaylar gibi hassas bilgileri ifşa etmeye yönelik kandırmaya çalışan aldatıcı girişimlerdir. Genellikle sahte e-postalar, mesajlar veya web siteleri aracılığıyla gerçekleştirilen bu dolandırıcılıklar, sıklıkla meşru kurumları taklit eder.
• Kurban olmamak için yapmanız gerekenler:
Bilinmeyen bağlantılara tıklamayın ve gelen mesajlarda, alışılmadık gönderici adresleri, yazım hataları veya hassas bilgi talepleri gibi kırmızı bayrakları arayın.
İki faktörlü doğrulama gibi ek bir koruma katmanı ekleyerek, taleplerin meşruiyetini resmi kanallar aracılığıyla doğrulayın.
Cüzdanınızda beliren rastgele tokenleri veya NFT'leri satmaya çalışmayın.
Ticaret ve cüzdanla ilgili etkinlikler için özel bir telefon veya PC'niz olsun.
Unutmayın: Cömert bahşişleriniz ❤️, daha değerli içerikler paylaşmamıza güç verecek.
#HotTrends #Write2Earn #phishing #cryptoonline
FBI Warns of Account Hijackers Targeting NFT and Crypto Enthusiasts ✉️
The FBI issued a warning about criminals #hijacking social media accounts and posing as legitimate figures in the NFT and crypto space.
These fraudsters promote new NFT releases with urgent phrases and share #phishing links to spoofed websites. Victims are tricked into connecting their wallets to claim NFTs but end up losing their funds to drainer smart contracts.
Even without wallet connection, people have reported losing valuable NFTs due to spoofed websites, with #malware or hidden wallet links suspected as possible causes.
Google's search results also featured fake NFT marketplaces, aggravating the problem. The FBI urged vigilance and advised vetting websites before clicking on them to safeguard against such scams.
#Binance
#crypto2023
The FBI issued a warning about criminals #hijacking social media accounts and posing as legitimate figures in the NFT and crypto space.
These fraudsters promote new NFT releases with urgent phrases and share #phishing links to spoofed websites. Victims are tricked into connecting their wallets to claim NFTs but end up losing their funds to drainer smart contracts.
Even without wallet connection, people have reported losing valuable NFTs due to spoofed websites, with #malware or hidden wallet links suspected as possible causes.
Google's search results also featured fake NFT marketplaces, aggravating the problem. The FBI urged vigilance and advised vetting websites before clicking on them to safeguard against such scams.
#Binance
#crypto2023
1. #CertiK Skynet warns against fake Rocket Pool #phishing site: CertiK Skynet issued an alert about a #fraudulent website (hxxps://dao-rocketpool.net/) pretending to be Rocket Pool and linked to known scammers.
2. Caution urged to protect assets and personal information: Users are strongly advised not to interact with the fake site to safeguard their digital #assets and avoid potential financial loss and identity theft.
3. Prevention measures to counter phishing attacks: CertiK Skynet reminds users to be vigilant by verifying website addresses, avoiding suspicious links, and ensuring they only engage with legitimate #platforms to minimize the risk of falling prey to phishing tactics.
2. Caution urged to protect assets and personal information: Users are strongly advised not to interact with the fake site to safeguard their digital #assets and avoid potential financial loss and identity theft.
3. Prevention measures to counter phishing attacks: CertiK Skynet reminds users to be vigilant by verifying website addresses, avoiding suspicious links, and ensuring they only engage with legitimate #platforms to minimize the risk of falling prey to phishing tactics.
via Zachxbt on X
#phishing emails are currently being sent out that appear to be from #Cointelegraph , #WalletConnect , #TokenTerminal and #DeFi team emails.
~$580K has been stolen so far
0xe7D13137923142A0424771E1778865b88752B3c7
#phishing emails are currently being sent out that appear to be from #Cointelegraph , #WalletConnect , #TokenTerminal and #DeFi team emails.
~$580K has been stolen so far
0xe7D13137923142A0424771E1778865b88752B3c7
