Phishers Insert Fake AlphaBay URL on Wikipedia

Cyber-criminals have profited from a phishing scheme by posting a false AlphaBay URL on Wikipedia, redirecting users to a fake AlphaBay platform.

Wikipedia has been the victim of multiple cyber-attacks in recent times, particularly in the last five years.

A large percentage of the schemes aimed at the site have been phishing schemes.

In one of the latest phishing schemes, the cyber criminals posted a false AlphaBay URL to bait internet users into a fake dark web platform.

AlphaBay is the largest dark web platform today and one of the most successful, a predominant reason why this scheme was so profitable.

==> Click here for the AlphaBay Guide and AlphaBay URL <==

The operation is quite simple. Since Wikipedia can be edited by virtually anyone, the criminals keep inserting the fake AlphaBay URL into Wikipedia’s AlphaBay page.

A victim who clicks on the AlphaBay URL is promptly redirected to a fake version of the site.

This tricks them into entering his/her username and password.

Once this happens, the internet criminals have access to the victim’s credentials.

In many cases, the victim is redirected to the authentic AlphaBay market.

As such, they may never be aware that they just gave out their credentials to the fraudsters.

The criminals employ tools such as Scallion to hash out the fake AlphaBay URL making it look similar to the authentic one.

Revealed in a report, the fake AlphaBay URL was pwoah7p6o5e67qul.onion, while the genuine one is pwoah7foa6au2pul.onion.

The immediate visual similarity indicates that an ordinary internet user would not be able to spot the difference at a glance.

This is often the case for many onion URLs since they are randomized.

It is important to note that the fake URL was deleted immediately and the page was taken down permanently.

Unfortunately, for the affected victim in such cases, the internet criminals proceed to steal their accounts and the funds withheld therein.

The funds are typically in the form of digital cryptocurrencies, such as Bitcoin.

The internet criminals can stand to earn tens of thousands of dollars’ worth of Bitcoin with very little effort.

A large percentage of the schemes aimed at the site have been phishing schemes.

Dark web vendors are also liable to attacks through such phishing schemes.

Data breaches involving the vendor accounts are potentially more profitable as they often contain more funds as well as clients’ information.

Client information can be used for secondary attacks, making such incidences more notorious.

Some cyber criminals opt to hold the confidential data ransom in exchange for large sums of money.

Unfortunately, paying the demanded ransom does not always guarantee that the darknet vendors and clients will receive access to their accounts again.

Malicious cybercriminals sometimes put the data for sale even after the victims have paid the requested amounts.

For this reason, internet security experts strongly advise affected parties to avoid paying ransom for data and instead opt for mitigation procedures.

This puts dark web vendors with a reputation to uphold in a tight spot.

They almost always end up paying to avoid losing clients.

Doing so ends up making the schemes highly profitable and attracts even more hackers.

This is an incentive that has been influential in the increasing incidences of cybercrime in the last half-decade.

This latest AlphaBay URL phishing scheme on Wikipedia will definitely not be the last.

Wikipedia has a history with these kinds of phishing campaigns in various forms from 2010 through to 2016.

In some of the cases, the technique was used to spread malware.

In the wake of the AlphaBay URL scheme, Wikipedia’s editor Chris Monteiro was quick to reassure internet users of benefits of the site if it is used properly.

He noted that if the users were more aware of best cybersecurity practices and are vigilant, such hacking campaigns would not be as successful as they are currently.

AlphaBay’s operators also touched on this point, but seemed to be less sympathetic to the victims.

They pointed out the issue of user fallibility.

AlphaBay operators have always advised dark web users to cross-check URLs coming from purported official sources, as they may not always be legitimate.

Crosschecking could have easily saved many dark web users from the AlphaBay URL scheme.

AlphaBay Introduce Anti-Scam Team “ScamWatch”

It is a well-known fact that darknet is teeming with scammers praying on unprotected personal and bitcoin information. While the practice of scamming is generally frowned upon on darknet, there are those who employ the view that one deserves to get scammed if they are “stupidly” careless.

AlphaBay ScamWatchOn the other hand, a darknet marketplace known as AlphaBay has recently implemented a feature in hope of battling scam attempts involving their website. The so-called “ScamWatch” was put in place to browse the AlphaBay URL and search for any suspected scamming attempts. The ScamWatch is made up of three trusted moderators of AlphaBay Market and there are rumors that highly rated community members will have a role in this as well.

==> Click here for the AlphaBay Guide and AlphaBay URL <==

As the feature was being implemented there was a message on AlphaBay’s reddit page explaining the details of ScamWatch and how will it work. They claim that there are three paid “investigators” who are keeping a close eye on any suspicious activity on AlphaBay. The staff of ScamWatch will all keep their standard moderator privileges, but will also be able to delete listings, moderate topics and even make listings physical, but they will not have any role in disputes or forum permission moderation.
AlphaBay ScamWatchThe way in which ScamWatch works is that they will have to watch for suspicious users 24 hours per day and after determining that such a user exists, they will have the ability to freeze said account and prevent the user from withdrawing funds. The freeze of account can last up to 24 hours during which time the administration will review the cause and evidence for taking such action. While part of community believes that instant banning would be a better option, the owner of AlphaBay claims that instant banning could lead to abuse of power and that the 24 hour freeze is a sufficient measure.

While the concerns over this feature giving AlphaBay the ability to freeze all of its accounts and perform a scam themselves are rising, the owner of AlphaBay, alpha02 promises that such things will be carefully watched for and will be punished most severely. In light of this event alpha02 account will be renamed to “Admin” and will be receiving the messages only from staff members. For those who need to contact alpha02 personally, an encrypted message can be sent to somebody from the Staff with the note to be forwarded to “Administration” account.
AlphaBay ScamWatchThere will be an AlphaBay support section implemented and split into three sub-sections: the Bug Reports, the Scam-Reports and the Helpdesk. The ScamWatch will help the Staff in resolving issues from Scam-Reports, while the HelpDesk and the Bug-Reports will be in Staff’s exclusive jurisdiction. Any issues that have sufficient evidence backing them will be handed over to Administration for further investigation.

There was also a message from Trappy_Pandora, a spokesperson of AlphaBay, posted on reddit following the announcement of ScamWatch saying that while SW members might not be the most friendly of people, they are trusted members of AlphaBay who will not abuse their position.

With this latest addition AlphaBay has truly shown that they are stepping up their game when it comes to creating a relatively healthy darknet community. Let’s just hope there are no hidden agendas involved this time.