New Phishing Scam Aimed at AlphaBay Users

alpha-bay-market (2)An Alpha Bay Market user has raised concern about his inability to login into the site, the user’s password gets always rejected despite being correct. He was left confused on what was happening; first thinking that the site was down temporarily then later alluding maybe admin could be scamming some customers by altering their passwords and pin numbers.

==> Click here for the AlphaBay Guide and AlphaBay URL <==

However, things were not always negative for him since before digital orders went through normally. As a novice on Alpha Bay Market, most deliveries were completed successfully though he still admits being a bit skeptical about physical delivery of goods. Nonetheless, he was happy receiving his deliveries even though others didn’t work.

As time went by, he started placing larger orders with more bitcoins but suddenly his password began failing for no good reason. The user tried to recover it using a verse and pin but still it showed error, so he was left with no other option but to contact Alpha Bay Market support for assistance. The user says he can readily verify the account if needed by providing the last password digits and pin, though hoping admin hasn’t changed them yet.

The users account contains information about every BTC deposits and addresses, wherewith every order placed and disputed can be checked for reference sake. The user has waited for the marketplace to reply and hopeful that they’ll do so soon. Otherwise, if there are any delays he may assume it’s a scam and people are advised to be alert. The user has also requested anyone with information on what’s happening to let him know.

According to the moderator, if his password and PIN have been changed then chances are high it could be a phishing scam. Alpha Bay Market does not ask account users for PIN when they log in. The user was asked whether he had enabled 2FA protection on his account, to which he answered no. Without two-factor authentication, online users are more susceptible to hacking and phishing; hence, people are advised to install it before opening accounts particularly on the dark web.

login_buttonDespite having all the necessary details, the user is still unable to login, and this is causing him anxiety since there are many pending orders. The moderator has asked if he has his recovery neumonic. There’s a slim possibility it can work in getting his account up and running again. Additionally, the support team will require neumonic so as to verify account details. According to the moderator, it seems like he was phished and advised to enable 2FA protection on new accounts he will create.

The moderator has logged into Alpha Bay Market, only to verify later that no announcements about downtime had been made on the forums; hence, increasing the likelihood that the user was indeed phished. He told the user that he hoped that he didn’t give off his login details.

The users issue has not yet been solved and each time he tries logging in, an “Authentication failed” message shows up. According to him, he welcomes any suggestions or solutions that may prove helpful.

Common Phishing Techniques And How To Avoid Them

anthem-breach-phishing-attack-cited-showcase_image-1-a-7895Many AlphaBay users have been phished before, losing money or having their BTC balance disappear without a trace.

==> Click here for the AlphaBay Guide and AlphaBay URL <==

AlphaBay admits that such an experience can be agonizing, but there are certain ways scamming can be prevented to safeguard your money from fraudsters. Nevertheless, since phishing methods have evolved with time, the best defense against phishers remains to be the application of common sense. Some AlphaBay phishing techniques to watch out for include:

Credential stealer, or “locked out after depositing” scam

It’s the most common technique used by fraudsters today. A fellow member sends you unsolicited “dox information” links for approval. While such sites seem like AlphaBay at first sight, they are just proxy domains that can capture your login details, thus giving the phisher access to stored bitcoins. But if there’s no available balance the AlphaBay scammer will record your deposit address, monitoring it for future incoming coins. To prevent this from happening, only use official links and avoid clicking on random referral sites.

PIN stealer

Here, the victim is tricked into following an “exclusive” phishing link that requests for PIN information and mnemonics upon signing up. AlphaBay will never ask for your PIN details if this ever happens then be rest assured that it’s a phishing page. In such cases even changing your password won’t help, mainly because the AlphaBay phisher already has your mnemonic data. You can quickly identify this anomaly by checking for authorized withdrawals made to unrecognizable addresses. This trick can also be prevented by only using the official links. A majority of users have been complaining about this issue, but there’s no way a withdrawal can be approved without one first having a valid web session cookie and PIN. The only reasonable conclusion is that somebody else has your AlphaBay login details.

Special deposit address

what-is-a-phishing-scam-136394107163503901-141103122830In this phishing technique, a person is tricked into following a special phishing link where the scammer will then see your “deposits address,” before copy/pasting it into your bitcoin client page and sending the coins straight to their wallet. Phishers use a special link that fetches data from AlphaBay but then changes on-screen deposit address. The PGP proof of ownership will henceforth not show validity. Some links even show their access key on the contacts page, meaning that users will unknowingly validate the phisher’s address by employing the phisher’s key. This can be avoided by getting the real AlphaBay login key and using it to authenticate stuff.

Withdrawal changer

Though less common compared to the other phishing techniques mentioned here, it can still happen and you should be wary of the risks involved. This scam occurs when you have a computer malware or bitcoin stealer program that alters address information on your clipboard after copy/pasting an address. Some of the phishing links even change the user address after clicking Send, without requiring any form of malware.

Anonymity Newsletter

By signing up to the Anonymity Newsletter you will receive invaluable information about how to remain anonymous online to hide your Deep Web activities. You will also receive the latest news on what is happening on the Darknet Marketplaces and Deep web as well as great resources to use on your journey through the Darknet.

You have Successfully Subscribed!