Phishers Insert Fake AlphaBay URL on Wikipedia

Cyber-criminals have profited from a phishing scheme by posting a false AlphaBay URL on Wikipedia, redirecting users to a fake AlphaBay platform.

Wikipedia has been the victim of multiple cyber-attacks in recent times, particularly in the last five years.

A large percentage of the schemes aimed at the site have been phishing schemes.

In one of the latest phishing schemes, the cyber criminals posted a false AlphaBay URL to bait internet users into a fake dark web platform.

AlphaBay is the largest dark web platform today and one of the most successful, a predominant reason why this scheme was so profitable.

==> Click here for the AlphaBay Guide and AlphaBay URL <==

The operation is quite simple. Since Wikipedia can be edited by virtually anyone, the criminals keep inserting the fake AlphaBay URL into Wikipedia’s AlphaBay page.

A victim who clicks on the AlphaBay URL is promptly redirected to a fake version of the site.

This tricks them into entering his/her username and password.

Once this happens, the internet criminals have access to the victim’s credentials.

In many cases, the victim is redirected to the authentic AlphaBay market.

As such, they may never be aware that they just gave out their credentials to the fraudsters.

The criminals employ tools such as Scallion to hash out the fake AlphaBay URL making it look similar to the authentic one.

Revealed in a report, the fake AlphaBay URL was pwoah7p6o5e67qul.onion, while the genuine one is pwoah7foa6au2pul.onion.

The immediate visual similarity indicates that an ordinary internet user would not be able to spot the difference at a glance.

This is often the case for many onion URLs since they are randomized.

It is important to note that the fake URL was deleted immediately and the page was taken down permanently.

Unfortunately, for the affected victim in such cases, the internet criminals proceed to steal their accounts and the funds withheld therein.

The funds are typically in the form of digital cryptocurrencies, such as Bitcoin.

The internet criminals can stand to earn tens of thousands of dollars’ worth of Bitcoin with very little effort.

A large percentage of the schemes aimed at the site have been phishing schemes.

Dark web vendors are also liable to attacks through such phishing schemes.

Data breaches involving the vendor accounts are potentially more profitable as they often contain more funds as well as clients’ information.

Client information can be used for secondary attacks, making such incidences more notorious.

Some cyber criminals opt to hold the confidential data ransom in exchange for large sums of money.

Unfortunately, paying the demanded ransom does not always guarantee that the darknet vendors and clients will receive access to their accounts again.

Malicious cybercriminals sometimes put the data for sale even after the victims have paid the requested amounts.

For this reason, internet security experts strongly advise affected parties to avoid paying ransom for data and instead opt for mitigation procedures.

This puts dark web vendors with a reputation to uphold in a tight spot.

They almost always end up paying to avoid losing clients.

Doing so ends up making the schemes highly profitable and attracts even more hackers.

This is an incentive that has been influential in the increasing incidences of cybercrime in the last half-decade.

This latest AlphaBay URL phishing scheme on Wikipedia will definitely not be the last.

Wikipedia has a history with these kinds of phishing campaigns in various forms from 2010 through to 2016.

In some of the cases, the technique was used to spread malware.

In the wake of the AlphaBay URL scheme, Wikipedia’s editor Chris Monteiro was quick to reassure internet users of benefits of the site if it is used properly.

He noted that if the users were more aware of best cybersecurity practices and are vigilant, such hacking campaigns would not be as successful as they are currently.

AlphaBay’s operators also touched on this point, but seemed to be less sympathetic to the victims.

They pointed out the issue of user fallibility.

AlphaBay operators have always advised dark web users to cross-check URLs coming from purported official sources, as they may not always be legitimate.

Crosschecking could have easily saved many dark web users from the AlphaBay URL scheme.

New Phishing Scam Aimed at AlphaBay Users

alpha-bay-market (2)An Alpha Bay Market user has raised concern about his inability to login into the site, the user’s password gets always rejected despite being correct. He was left confused on what was happening; first thinking that the site was down temporarily then later alluding maybe admin could be scamming some customers by altering their passwords and pin numbers.

==> Click here for the AlphaBay Guide and AlphaBay URL <==

However, things were not always negative for him since before digital orders went through normally. As a novice on Alpha Bay Market, most deliveries were completed successfully though he still admits being a bit skeptical about physical delivery of goods. Nonetheless, he was happy receiving his deliveries even though others didn’t work.

As time went by, he started placing larger orders with more bitcoins but suddenly his password began failing for no good reason. The user tried to recover it using a verse and pin but still it showed error, so he was left with no other option but to contact Alpha Bay Market support for assistance. The user says he can readily verify the account if needed by providing the last password digits and pin, though hoping admin hasn’t changed them yet.

The users account contains information about every BTC deposits and addresses, wherewith every order placed and disputed can be checked for reference sake. The user has waited for the marketplace to reply and hopeful that they’ll do so soon. Otherwise, if there are any delays he may assume it’s a scam and people are advised to be alert. The user has also requested anyone with information on what’s happening to let him know.

According to the moderator, if his password and PIN have been changed then chances are high it could be a phishing scam. Alpha Bay Market does not ask account users for PIN when they log in. The user was asked whether he had enabled 2FA protection on his account, to which he answered no. Without two-factor authentication, online users are more susceptible to hacking and phishing; hence, people are advised to install it before opening accounts particularly on the dark web.

login_buttonDespite having all the necessary details, the user is still unable to login, and this is causing him anxiety since there are many pending orders. The moderator has asked if he has his recovery neumonic. There’s a slim possibility it can work in getting his account up and running again. Additionally, the support team will require neumonic so as to verify account details. According to the moderator, it seems like he was phished and advised to enable 2FA protection on new accounts he will create.

The moderator has logged into Alpha Bay Market, only to verify later that no announcements about downtime had been made on the forums; hence, increasing the likelihood that the user was indeed phished. He told the user that he hoped that he didn’t give off his login details.

The users issue has not yet been solved and each time he tries logging in, an “Authentication failed” message shows up. According to him, he welcomes any suggestions or solutions that may prove helpful.

Common Phishing Techniques And How To Avoid Them

anthem-breach-phishing-attack-cited-showcase_image-1-a-7895Many AlphaBay users have been phished before, losing money or having their BTC balance disappear without a trace.

==> Click here for the AlphaBay Guide and AlphaBay URL <==

AlphaBay admits that such an experience can be agonizing, but there are certain ways scamming can be prevented to safeguard your money from fraudsters. Nevertheless, since phishing methods have evolved with time, the best defense against phishers remains to be the application of common sense. Some AlphaBay phishing techniques to watch out for include:

Credential stealer, or “locked out after depositing” scam

It’s the most common technique used by fraudsters today. A fellow member sends you unsolicited “dox information” links for approval. While such sites seem like AlphaBay at first sight, they are just proxy domains that can capture your login details, thus giving the phisher access to stored bitcoins. But if there’s no available balance the AlphaBay scammer will record your deposit address, monitoring it for future incoming coins. To prevent this from happening, only use official links and avoid clicking on random referral sites.

PIN stealer

Here, the victim is tricked into following an “exclusive” phishing link that requests for PIN information and mnemonics upon signing up. AlphaBay will never ask for your PIN details if this ever happens then be rest assured that it’s a phishing page. In such cases even changing your password won’t help, mainly because the AlphaBay phisher already has your mnemonic data. You can quickly identify this anomaly by checking for authorized withdrawals made to unrecognizable addresses. This trick can also be prevented by only using the official links. A majority of users have been complaining about this issue, but there’s no way a withdrawal can be approved without one first having a valid web session cookie and PIN. The only reasonable conclusion is that somebody else has your AlphaBay login details.

Special deposit address

what-is-a-phishing-scam-136394107163503901-141103122830In this phishing technique, a person is tricked into following a special phishing link where the scammer will then see your “deposits address,” before copy/pasting it into your bitcoin client page and sending the coins straight to their wallet. Phishers use a special link that fetches data from AlphaBay but then changes on-screen deposit address. The PGP proof of ownership will henceforth not show validity. Some links even show their access key on the contacts page, meaning that users will unknowingly validate the phisher’s address by employing the phisher’s key. This can be avoided by getting the real AlphaBay login key and using it to authenticate stuff.

Withdrawal changer

Though less common compared to the other phishing techniques mentioned here, it can still happen and you should be wary of the risks involved. This scam occurs when you have a computer malware or bitcoin stealer program that alters address information on your clipboard after copy/pasting an address. Some of the phishing links even change the user address after clicking Send, without requiring any form of malware.

Anonymity Newsletter

By signing up to the Anonymity Newsletter you will receive invaluable information about how to remain anonymous online to hide your Deep Web activities. You will also receive the latest news on what is happening on the Darknet Marketplaces and Deep web as well as great resources to use on your journey through the Darknet.

You have Successfully Subscribed!