BitShares Forum

Main => General Discussion => Topic started by: pc on November 09, 2014, 02:32:52 pm

Title: PHISHING WARNING!
Post by: pc on November 09, 2014, 02:32:52 pm
I've seen this twice in the last 30 minutes or so: after clicking on a thread the thread opens and the browser opens an authentication window telling me "To see this message, please confirm your identity".

So be careful everybody.

It happened to me here, for example: https://bitsharestalk.org/index.php?topic=11056.0

Edit: according to the auth window the authentication request stems from http://0x5896d083 - how can I attach a screenshot to this message?
Title: Re: Phishing attempt?
Post by: fluxer555 on November 09, 2014, 02:35:24 pm
It seems to have already infected some members.

The culprit is a false image in people's signatures, directed to a PHP page:
[deleted by admin]

(DO NOT CLICK -- link modified for security reasons)
Title: Re: Phishing attempt?
Post by: fluxer555 on November 09, 2014, 02:37:12 pm
I'm guessing it's this new member 'wmap'. He has this image and only two posts.

This thread is also a repost of a blog post I read a few months ago.
https://bitsharestalk.org/index.php?topic=11157.0
Title: Re: PHISHING WARNING!
Post by: onceuponatime on November 09, 2014, 02:43:49 pm
I'm getting that on two different computers. I am not tech savvy enough to know what is causing it, but I am savvy enough to close it without inputting any information.
Title: Re: PHISHING WARNING!
Post by: hadrian on November 09, 2014, 02:49:48 pm
I'm getting that on two different computers. I am not tech savvy enough to know what is causing it, but I am savvy enough to close it without inputting any information.

I've seen this too. I'm ignorant when it comes to tech. I closed the window using the red cross in the top right (also without inputting). Is there any risk when this is done?
Does anyone know?
Title: Re: PHISHING WARNING!
Post by: fluxer555 on November 09, 2014, 02:51:56 pm
I'm getting that on two different computers. I am not tech savvy enough to know what is causing it, but I am savvy enough to close it without inputting any information.

I've seen this too. I'm ignorant when it comes to tech. I closed the window using the red cross in the top right (also without inputting). Is there any risk when this is done?
Does anyone know?

You should be OK as long as you didn't enter any info.

I just sent a PM to tonyk and bitsapphire. I hope this is taken care of soon.
Title: Re: PHISHING WARNING!
Post by: liondani on November 09, 2014, 03:10:38 pm
Same problem: with me !
I make a new post with new title to be sure more members will see it!

(http://3.bp.blogspot.com/-daZEuINZIrE/VF-DeAlS0VI/AAAAAAAADOc/LrSleh5ZkaA/s1600/authentication_forum.png)
Title: Re: PHISHING WARNING!
Post by: Akado on November 09, 2014, 03:30:25 pm
The first time i closed it but the second time i got distracted and actually gave my forum log in, which is completely different from all my other passwords. Am i still at risk? :/
Title: Re: PHISHING WARNING!
Post by: fluxer555 on November 09, 2014, 03:32:54 pm
Akado, you are infected. Please change your password, and remove the image added to your signature!

If it is different than all your other passwords, you should be safe if you do these two things.
Title: Re: PHISHING WARNING!
Post by: Akado on November 09, 2014, 03:37:51 pm
I've changed the password (although it's different from the rest), however, I don't see the image at the moment. Did admins remove it?
Title: Re: PHISHING WARNING!
Post by: liondani on November 09, 2014, 03:44:52 pm
could we be at risk even if we haven't gave our info? Is like a virus loaded on memory or only phishing attempt?

Sent from my ALCATEL ONE TOUCH 997D

Title: Re: PHISHING WARNING!
Post by: liondani on November 09, 2014, 03:49:09 pm
bytemaster answered here https://bitsharestalk.org/index.php?topic=11161.0

Sent from my ALCATEL ONE TOUCH 997D

Title: Re: PHISHING WARNING!
Post by: liondani on November 09, 2014, 03:59:46 pm
official bitssaphire statement here:
https://bitsharestalk.org/index.php?topic=11163.0

Sent from my ALCATEL ONE TOUCH 997D

Title: Re: PHISHING WARNING!
Post by: fluxer555 on November 09, 2014, 04:05:19 pm
I've changed the password (although it's different from the rest), however, I don't see the image at the moment. Did admins remove it?

It seems the mods must have taken care of your signature.

could we be at risk even if we haven't gave our info? Is like a virus loaded on memory or only phishing attempt?

I believe it was only a phishing attempt. No virus, other than possibly adding a PHP image to your signature which would propagate itself.
Title: Re: PHISHING WARNING!
Post by: fuzzy on November 09, 2014, 05:14:02 pm
 +5%
Title: Re: PHISHING WARNING!
Post by: sumantso on November 09, 2014, 05:39:26 pm
Can the admins/BM confirm that our personal computers are not affected? What about other tabs open? I had Bter window open, amongst others.
Title: Re: PHISHING WARNING!
Post by: chryspano on November 09, 2014, 06:09:07 pm
All I know is that in my windows computer with
Microsoft Security Essentials
Malwarebytes Anti-Exploit Free
Malwarebytes Anti-Malware Premium I saw no warning messages. Full scans didn't find anything.
Title: Re: PHISHING WARNING!
Post by: xeroc on November 09, 2014, 10:05:51 pm
All I know is that in my windows computer with
Microsoft Security Essentials
Malwarebytes Anti-Exploit Free
Malwarebytes Anti-Malware Premium I saw no warning messages. Full scans didn't find anything.
looool ;)