Scam Warning
Help protect others by sharing any scam experiences you’ve faced.
OTHER
Bitcoin Scam Incident on eBay – Warning and Prevention
Hello, ChainBounty Community, I recently encountered a classic scam while selling Bitcoin on eBay. I want to share this experience to warn others and help prevent similar fraud. 📌 Incident Overview 1. I encouraged my parents to invest in Bitcoin, and they started selling it on eBay. 2. A buyer made a payment via PayPal, and after confirming the transaction, we sent 1 BTC. 3. About a week later, the buyer claimed they "never received the Bitcoin" and opened a dispute on eBay. 4. This appears to be a classic chargeback scam, where the buyer receives the Bitcoin and then falsely claims non-receipt to get a refund. ⚠️ How to Avoid Similar Scams - Avoid selling Bitcoin on eBay or through PayPal. (Bitcoin transactions are irreversible, but PayPal does not protect digital assets.) - Keep detailed transaction records and store the blockchain transaction ID (TxID). - If a dispute arises, use blockchain transaction proof to defend your case. - Report scams to eBay, PayPal, and relevant authorities immediately. These scams are becoming more frequent, and it’s crucial to stay vigilant. If you have experienced a similar issue or have advice on handling such disputes, please share your insights. Thank you.
SNS
Crypto Airdrop Scam Alert: Beware of Wallet Connection Requests!
Recently, there has been a surge in cryptocurrency theft cases disguised as airdrops in the crypto community. This article aims to explain these risks and provide prevention guidance. Airdrop scams are criminal schemes that promise free tokens or coins to trick users into connecting their wallets, ultimately leading to theft of their cryptocurrency holdings. These scams particularly target new cryptocurrency investors, luring them with promises of free tokens to gain wallet access. # Main types of scams include: Fake profile marketing airdrops: Creating fake accounts impersonating legitimate projects or influencers Phishing website attacks: Creating fake claim websites mimicking legitimate airdrop sites Unauthorized token/NFT drops: Sending unsolicited tokens or NFTs to users' wallets and directing them to fake claim websites !!Warning!! Red flags to watch out for: - Promises of unrealistically high returns or token amounts - Requests for wallet connections or private keys - Unclear or inadequate project documentation - Urgent time limits or FOMO creation - Typos or unusual URLs # Safe participation guidelines: - Verify information only through official channels - Check project team members' real identities and backgrounds - Review community reputation and activity history - Never share private keys or seed phrases - Visit official websites through new browser windows - Double-check URL accuracy repeatedly - Be cautious of unnecessary permission requests # Emergency response protocol if wallet compromise is suspected: 1. Immediately transfer all digital assets to a secure wallet 2. Revoke all connected API keys and permissions 3. Create a new wallet and backup !! Warning !! Legitimate airdrops prioritize protecting users' assets. Don't fall prey to promises of free tokens at the cost of exposing your personal information. Continuous education and vigilance are essential for safe cryptocurrency investing.
New PayPal Scam: Exploiting Legitimate Invoices for Phishing
A new scam method using PayPal has been identified. Unlike typical phishing emails, this scam takes advantage of legitimate PayPal invoices, making it more deceptive and harder to detect. #Scam Overview 1) Receiving an Invoice Email That Appears to Be from PayPal - The email is actually sent from PayPal’s real domain (@paypal.com). - It contains an invoice from ‘Coinbase Inc.’ requesting a payment of $516.99 USD. - A note from the “seller” includes a message instructing the recipient to call a specific phone number to cancel the transaction. 2) The Invoice is Real and Visible on PayPal’s Website - Clicking the "View and Pay Invoice" button redirects the user to the actual PayPal website, where the invoice appears. - This means scammers are sending invoices directly to PayPal users without their consent. 3)Fake Customer Support Number for Further Phishing Attempts - The phone number in the email is similar to, but different from, PayPal’s official support number. - Calling the number results in an automated message before the call disconnects. - This suggests a potential setup for identity theft or further fraudulent attempts. #Precautionary Measures & How to Respond - Always verify suspicious invoices by logging into PayPal directly instead of clicking links in emails. - Never call the number provided in the email—check PayPal’s official website for the correct customer support contact. - Report any fraudulent invoices to PayPal immediately. - Enhance your PayPal security settings to prevent unauthorized invoices. This scam is more sophisticated than typical phishing attempts, as it uses legitimate PayPal emails and website features to create a false sense of authenticity. Users who receive similar invoices should report them immediately and take steps to strengthen their account security to prevent further attacks.
Bitcoin Scam Using Leaked Password & Email Spoofing
Recently, I received a Bitcoin scam email that attempted to extort money by using my email address and an old leaked password. The scam email falsely claims that my device has been hacked and demands a Bitcoin ransom. 📌 Key Points of the Scam Email 1) Spoofed Sender Address: The email appears to come from my own email address, but this is a spoofing technique used to fake the sender information. 2) Leaked Password: The email includes an old password that was likely compromised in a past data breach. However, my actual email account has not been hacked. 3) Threats & Blackmail: Claims that spyware was installed on my devices and recorded my private activities (such as watching adult content). Threatens to leak these recordings to my friends, family, and colleagues. Demands a Bitcoin payment to prevent the release of this so-called evidence. 4) Bitcoin Payment Demand: The scammer requests $1450 in Bitcoin to be sent to a specific wallet address. 5) Additional Threats: Claims that if I contact the police or delete the email, the supposed videos will be automatically released. Warns against trying to delete or destroy evidence. 🛑 How to Respond ✅ Change Your Password: If the leaked password is still in use, update it immediately. ✅ Enable Two-Factor Authentication (2FA): Strengthen your email security by enabling 2FA. ✅ Ignore & Delete: This is a common scam, and you should never send any money. ✅ Report the Email: Mark it as spam and report it to your email provider (Gmail, Outlook, etc.) or relevant authorities (such as the FTC or cybercrime units). ✅ Check for Data Breaches: Use Have I Been Pwned to check if your email was part of a past data breach and secure your accounts accordingly. 🚨 Final Thoughts This is a classic "sextortion" Bitcoin scam that relies on psychological pressure and fear tactics. While the threats may seem alarming, they are completely false—there is no actual spyware or recorded content. The scammer is simply using old leaked credentials to trick you into paying. Stay vigilant, follow online security best practices, and never fall for these scams! 🚀
Phishing Emails Disguised as Coinbase
I’d like to report a concerning phishing campaign that is actively targeting Coinbase users. Below are the details: 1) Issue Overview: Some users, including myself, are receiving phishing emails disguised as official Coinbase communications. These emails request users to log in through a fraudulent link. 2) Key Concern: Google’s email verification system is incorrectly marking these scam emails as legitimate. As a result, these emails bypass spam filters, significantly increasing their credibility and making them highly dangerous for unsuspecting users. 3) Steps Taken So Far: I’ve contacted Coinbase regarding this issue, and they confirmed that the email address used is not theirs. However, the fact that these phishing attempts are verified as legitimate by Google raises a critical security concern for all affected users. 4) Potential Risk: Users who fall for these scams are at severe risk of losing their funds and personal data. 5) Recommendation: Spread awareness about this phishing campaign. Advise users to double-check email links before logging in and ensure they only use official channels. 6) Request to Coinbase: Please investigate and address this issue as a priority. It’s vital to enhance the detection and prevention of such fraudulent emails.
PayPal Phishing Email Scam Report
Recently, I came across a phishing email scam impersonating PayPal. Below are the main details and characteristics of the email: 1. Sender Information Sender Name: Horrigan OT Instituto Sender Email Address: (Include the suspicious sender email address if available) 2. Email Subject Subscription Invoices_HN37190 3. Key Content The email pretends to be an invoice from PayPal, claiming that the recipient has already paid $380.82. It includes the statement: "Charge is already deducted. Please do not pay again." to reassure the recipient. The invoice lists a purchase for cryptocurrency (0.07973772 Coins) and related Chainblock receiving charges. 4. Suspicious Elements Fake Sender Information: The sender’s email address does not belong to PayPal’s official domain. Unrecognized Transaction: The recipient has no knowledge of this purchase, and it does not appear in their official PayPal account. Fraudulent Support Number: The number (877) 567-4770 provided does not match PayPal’s official customer support. Urgency Tactics: The email urges the recipient to check the attached file immediately, creating unnecessary urgency. 5. Potential Threats The attached file could contain malware or direct users to a phishing website. If recipients contact the provided number or open the file, they risk further financial information theft or monetary loss. 6. Recommended Actions Do not open the email or download any attached files. Verify the transaction by contacting PayPal’s official customer support directly. Report the email, including the full email header information, to PayPal and security organizations.
Analysis of a Crypto Phishing Email and Prevention Tips
Hello, Security Community, I recently came across a phishing email attempting to exploit cryptocurrency users. This case seems to specifically target beginners, and I wanted to share my analysis and prevention tips with you. #Key Characteristics of the Phishing Email 1) Sender (To/From): The email was sent using BCC (blind carbon copy), while the main recipient was a random Yahoo email address. This tactic prevents scam targets from connecting with each other and blocks knowledgeable users from warning potential victims. 2) Sender Details Check: The sender appears to be associated with Tencent QQ, a messaging service, but the address cannot be trusted. While the service itself is legitimate, scammers frequently spoof such addresses to appear credible. 3) Email Content: Vague wording and awkward English phrases: -> Example: "Please use today during the day." -> Such phrasing is likely written by someone unfamiliar with English or generated by an automated spam tool. Unrealistic offers: -> Example: Claims of rewards already in your wallet. Anyone familiar with how cryptocurrency works would immediately recognize this as implausible. 4) Scammer's Goal: To lure victims into clicking a malicious link, leading to ransomware or malware installation. Alternatively, they may try to trick victims into signing a smart contract or stealing their credentials. #Prevention Tips 1) Report and Delete Suspicious Emails Immediately: -> Report the email as phishing, and do not open the contents or click on any links. 2) Perform a Security Check: -> Check if your email address has been part of a data breach. -> If suspicious activity is detected, change your passwords immediately and enable MFA (multi-factor authentication). 3) Never Click on Links in Emails: -> Instead, visit the official website directly to verify any claims or updates. 4) Notify the Service Being Impersonated: -> Report the scam email to the company or service it is pretending to be from so they can take action to protect others. This case highlights a common phishing tactic that can be easily avoided by following basic security practices. Please share this information with others to raise awareness and help prevent further incidents. Thanks
OTHER
Beware of Fake Game Downloads: Scam Targeting Users with Virus Hoaxes
Hi everyone, I want to share my recent experience with a potential scam in hopes of helping others stay vigilant. About a week ago, I downloaded a free game onto my laptop out of curiosity (I know, not the smartest move). Shortly after, I received a creepy email claiming my laptop was infected with a virus. The email even included a screenshot of my laptop’s screen, showing the zip file I downloaded. However, the screenshot seemed suspiciously edited because the file access time didn’t match the actual time I downloaded it. Since then, I’ve been bombarded with emails about suspicious activity on my Facebook, Google, and Apple ID accounts. These emails also appeared on my phone, which made me even more concerned. After looking into it, I realized this was likely a scare tactic used by scammers to intimidate people into taking rash actions. However, I still have a few questions about fully securing my laptop and eliminating any potential malware: What are the best tools or steps to confirm whether my laptop is infected with a virus? Should I be concerned about any data they claim to have extracted? (I only use my laptop for university work.) Is there any chance my other accounts (Facebook, Google, Apple) could actually be compromised? To be safe, I’ve already changed all my passwords to random, secure ones. I’m sharing this to warn others not to fall for similar scams. If you receive emails like this, don’t panic, and take time to investigate. I’d also appreciate any advice from the community on what else I can do to protect myself. Stay safe, everyone!
