DOOOH ... They almost got me. (phishing) exodus dot com

  • Release Candidate 6
    Guest:
    We are at a “proposed final” true release candidate with nothing known remaining to be changed or fixed. For the full story, please see this page in the "Pre-Release Announcements & Feedback" forum.
    /Steve.
  • Be sure to checkout “Tips & Tricks”
    Dear Guest Visitor → Once you register and log-in:

    This forum does not automatically send notices of new content. So if, for example, you would like to be notified by mail when Steve posts an update to his blog (or of any other specific activity anywhere else), you need to tell the system what to “Watch” for you. Please checkout the “Tips & Tricks” page for details about that... and other tips!

    /Steve.

rfrazier

Well-known member
Sep 30, 2020
569
194
Hi all, I've been away from the forum for a while and I'll have to catch up on all those nifty threads you're posting. Hopefully you've been having / will have happy holidays.

I post this as a public service even though ... o_O ... it's embarrassing.

NEVER assume you're invulnerable to attack.

Did you know that even years of training from @Steve and Leo don't make one cease to be a human, nor do they make you cease to be vulnerable? That training certainly helps though !!!

There is a cryptocurrency wallet site called exodus dot com. I had given them my email but had not actually established a wallet. When I give emails, I use specific addresses targeted to that site. When one comes in with that address, I give it slightly higher credibility because I know I gave the address out.

I got an email, to the proper address, saying a new app (binance I think, I already deleted the email) had been added to my exodus wallet. It said if this wasn't you, terrible things could happen, paraphrasing Jar Jar from Star Wars. OK, I'm joking about that, it just said click here to delete the app if you didn't add it. I don't even have a wallet, just an email address I've given them. But, I do have other cryptocurrency wallets. So, in merely a 478 mS brain fart, I clicked the link. Fortunately, my computer is suitably paranoid for a listener to SN with multiple layers of stuff that make the internet hard and annoying to use, like noscript and ublock origin and others. Something intercepted the request and took me to an intermediate web page that said Hey dude, you're going to a shady dangerous place, would you like to back out? I closed the page and that was the end of it.

But the start of the embarrassment. Have you ever almost had a car wreck because you did or didn't do something? And you say to yourself, that tractor trailer could have turned me into slimy dust? Yeah, that feeling.

So, fellow travelers, never assume you cannot be attacked. All they have to do is suspend your logical brain for 1/2 second. The NEVER CLICK ON LINKS IN EMAILS concept still is good advice although we all know sometimes there are legitimate reasons to do so.

Hope this is useful. Also, if any of you know if exodus dot com has been hacked, please let us know. At the very least, one email that I made up and gave only to them is out in the wild. Just for kicks, I went into the browser settings and made sure exodus dot com cannot run javascript on my system.

May your bits be stable and your interfaces be fast. :cool: Ron
 
Last edited: