phishing

WARNING: MILLIONS VANISHING!

Scam Sniffer uncovers a terrifying trend. January saw a $12.25 million loss from a single copied address error. Last month, another victim lost a staggering $50 million the same way. Signature phishing attacks exploded by 207% in January, costing 4741 victims $6.27 million. This is a silent epidemic draining wallets. Protect your assets NOW.

Disclaimer: This is not financial advice.

#CryptoSecuri #ScamAlert #Phishing #Web3 🚨

Topic#17: Phishing Scams – Fake Links Se Bacho 🚨
Password + 2FA ke baad bhi log phishing ki wajah se hack ho jate hain!
🎣 Phishing kya hota hai?
Fake emails, SMS, ya DMs jo Binance jaise lagte hain,
lekin asal mein aap se login ya codes churaane ke liye hote hain.
🛡️ How to Avoid Phishing:
1️⃣ Kabhi bhi email/SMS ke link se login na karein
Direct Binance app ya official website open karein
2️⃣ Sender ka email address carefully check karein
Fake domains bohat common hain
3️⃣ Login ya 2FA code kabhi share na karein
Binance kabhi bhi code nahi maangta ❌
4️⃣ Anti-Phishing Code ON karein (Binance feature)
🔐 Smart users click nahi karte — verify karte hain!

#Binance #Phishing #ScamAlert #CryptoSafety #StaySafe #BinanceSquare #CyberSecurity #CryptoTips
$BTC $ETH $BNB

⚠️ Hackers Impersonating X Staff to Target Crypto Users — Stay Alert
Hackers have hijacked high‑profile X accounts — including that of Scroll co‑founder Ye Chen — and used them to impersonate official platform staff, sending fake copyright‑violation warnings with malicious links designed to panic victims into clicking. [foxnews.com]
$ONDO
By redesigning the compromised profiles to mimic verified X branding and flooding feeds with reposts from official accounts, attackers made the scam appear legitimate before launching a wave of phishing DMs targeting executives, developers, founders, and investors across the crypto space. [cnbc.com]
$FIL
This pattern follows a broader surge in impersonation‑based social‑engineering attacks, which grew over 1400% year‑over‑year, making it one of the fastest‑expanding threats in the entire crypto ecosystem. [moneycontrol.com]
$XLM
😨🔒 “Trust the content, not the profile.”
📩🚫 “Never click urgent DM links — even from verified accounts.”
🛡️🔍 “In crypto, the first line of security is skepticism.”

#CryptoSecurity #ScamAlert #Phishing #StaySafe

Twenty malicious #npm packages impersonating the #Hardhat #Ethereum✅ development environment have targeted private keys and sensitive data. These packages, downloaded over 1,000 times, were uploaded by three accounts using #typosquatting techniques to trick developers. Once installed, the packages steal private keys, mnemonics, and configuration files, encrypt them with a hardcoded AES key, and send them to attackers. This exposes developers to risks like unauthorized transactions, compromised production systems, #phishing , and malicious dApps.

Mitigation tips: Developers should verify package authenticity, avoid typosquatting, inspect source code, store private keys securely, and minimize dependency usage. Using lock files and defining specific versions can also reduce risks.
$ETH

What's the first thing I do - and You should too - when received an #email from #Binance ?

I check my anti- #phishing code ✅

Did you set it up?

Cheers 🥂

🚨 ALERT: ENS founder Nick Johnson warns of an "extremely sophisticated" Google phishing scam targeting users with fake subpoena notices. 🛑

⚠️ The emails pass DKIM checks and appear as legit Gmail security alerts.

📩 Stay sharp — even your inbox isn’t safe.

#Phishing #Crypto #CyberSecurity #ENS #Web3

Stay #SAFU on X and other socials.

@JasonYanowitz on X narrates his #hack odeal.

I got hacked yesterday. At the risk of looking foolish, I'll share how it happened so you can avoid this nightmare. For the past few weeks, people have been trying to get into my accounts. #Crypto accounts, email, twitter, etc... every few days I get an email that someone is trying to access one of my accounts. Thankfully I have non-text #2FA set up for everything so nothing got hacked. So when I got back from dinner last night and saw this email, I panicked.
Someone in North Cyprus had finally managed to hack into my account. I guess my security wasn't strong enough and they found a loophole.
I clicked the link to "secure my account". I entered my username and password, updated to a new password, and voila: I'm back in. Crisis averted. Or so I thought. Moments later, I got an email saying my email address had been changed.

This was the real hack.

I was now officially locked out of my account. So how did this happen? It turns out the original email, which looks incredibly real, was not so real. Most email clients hide the actual address.
But when you expand it, you can see that this email was sent from "verify@x-notify.com" Fake address. I got phished. Very foolish mistake. I don't open Google Docs when they're sent to me. I don't click links. I typically check addresses. But Friday 8pm after a long week, they got me. I am aware this thread exposes a pretty dumb mistake but if I can save one person from this same mistake, it's worth it.

Some takeaways:
- Don't click links
- If you do click a link, review the actual email address
- Set up non-text 2FA on everything
- If you've done that, trust your own security process
- If you think you've been hacked, slow down and think about how this could have happened
Big thank you to @KeithGrossman and some folks at X for helping me get my account back so quickly.
If you're still reading, go read the self-audit series from @samczsun.
And this best practices from @bobbyong.
Lot more you can do but start there. #phishing

#CryptoScamSurge
La comunidad cripto frente a las estafas: cómo reconocerlas, prevenirlas y actuar.

El auge en los precios de los criptoactivos ha traído consigo un incremento preocupante de fraudes cada vez más elaborados, amenazando la credibilidad del entorno cripto y abriendo la puerta a mayores controles regulatorios.

¿Cómo puede responder el ecosistema cripto?
🔹 Formación continua: Es vital compartir información sobre fraudes como rug pulls, phishing, sorteos engañosos y estafas emocionales. Talleres, hilos educativos y recursos abiertos pueden marcar la diferencia.
🔹 Transparencia real: Impulsar que los proyectos presenten documentación clara, equipos verificables y auditorías disponibles públicamente
🔹 Acción conjunta: Plataformas, billeteras y usuarios deben trabajar unidos compartiendo listas de estafadores y reportando actividades sospechosas.
🔹 Herramientas de análisis: Fomentar el uso de servicios como Token Sniffer o DEXTools para evaluar contratos y tokens antes de invertir.
🔹 Apoyo activo a afectados: Crear espacios donde los usuarios puedan reportar estafas y compartir alertas para evitar que otros caigan.

Principales estafas cripto en 2025
⚠️ Deepfakes: Videos o audios manipulados donde supuestas celebridades promocionan inversiones falsas.
⚠️ Pig Butchering (matanza de cerdos): Estafas emocionales que construyen relaciones falsas para luego robar fondos.
⚠️ Rug pulls y esquemas pump & dump: Proyectos que inflan su valor y desaparecen con el dinero.
⚠️ Phishing y drenado de wallets: Sitios y apps maliciosas diseñadas para robar claves y criptoactivos.
⚠️ Malware en Telegram o mensajes directos: Aplicaciones y bots disfrazados que instalan spyware o extraen datos sensibles.

La mejor defensa sigue siendo el conocimiento y el trabajo en conjunto. Comparte esta información con tu comunidad y no bajes la guardia.

#CriptoEstafasAumen #CriptoSeguridad #BinanceSquare #CriptoEducación #DeFi #phishing #RugPull

🚨 SCAM ALERT: New Fake Customer Support Scams Target Binance Users 🚨

⚠️ Scammers are leveraging face-videos and QR codes to
impersonate official support.

🚫 Stay vigilant and never scan suspicious codes or share personal data with unverified accounts.

#CryptoScam #Phishing #BinanceSecurity #Write2Earn #BinanceSquare

🔐 Hai crypto? Allora devi proteggerle.

Il mercato non perdona chi è distratto. Ecco le 3 basi da conoscere:

1️⃣ Usa un wallet sicuro

Inizia con un non-custodial (es: Metamask, Trust Wallet)

Se investi cifre importanti, valuta un hardware wallet

2️⃣ Mai condividere la seed phrase

Neanche con amici, neanche per scherzo

Scrivila offline. Meglio su carta, in più copie

3️⃣ Occhio al phishing

Non cliccare su link strani

Controlla sempre che il sito sia quello vero

🧠 Le crypto sono libertà, ma richiedono responsabilità.

🔁 Seguimi per imparare a gestirle senza farti fregare.

$BTC

#CryptoSicurezza #SeedPhras #Phishing #CryptoMindset

🚨 WLFI Blacklists 272 Wallets Amid Rising Phishing Threats

World Liberty Financial Inc. (WLFI) has announced the blacklisting of 272 crypto wallets in response to a surge of phishing attacks and wallet compromises.

🔐 WLFI emphasized this move is protective, not punitive—aimed at shielding users from malicious activity, not restricting legitimate trading.

📊 Breakdown of actions:

215 wallets linked to phishing attacks

50 wallets blacklisted at user requests after compromise

5 wallets flagged for high-risk exposure

1 wallet under investigation for misappropriating funds

✅ WLFI assured affected users it is working directly with rightful owners to secure and relocate assets, while maintaining transparency by sharing investigation outcomes publicly.

⚡ Key takeaway: User safety remains the top priority as WLFI strengthens protections against evolving threats in the crypto space.

---

#CryptoSecurity #Phishing #BlockchainSafety #WLF I #CryptoNews

🚨#CyberSecurityAlert: There are now over 2,650 fake DeepSeek phishing sites, with a significant spike since Jan 26.

These sites trick users into revealing login credentials or buying virtual assets through misleading domains and interfaces.

Stay vigilant and double-check URLs! 🛑 #phishing #DeepSeek #CryptoScams

🚨 Cuidado com Phishing!

🎣 Criminosos tentam imitar sites e apps oficiais para roubar seus dados.
✅ Sempre verifique o endereço do site.
✅ Ative a autenticação em 2 fatores (2FA).
❌ Nunca clique em links suspeitos recebidos por e-mail, SMS ou redes sociais.

🔒 Segurança é prioridade: proteja seu acesso e seus criptoativos.

📌 Regra de ouro: se parece estranho, é golpe.

#CriptoSeguro #Phishing #SegurançaDigital #ProtejaSeusAtivos #BitcoinBrasil

Serenity : 🧠 You Are the Final Firewall

A major cyberattack has just compromised over 184 million user credentials, affecting global tech giants including Google, Apple, and Microsoft. The hackers exploited multiple systems and leaked login #data across the dark web — exposing the alarming fragility of password based #security models.

🔐 The attackers broke through every wall – but sAxess ensures there’s one they can’t cross:

Your fingerprint.

✅ No more passwords to steal
✅ No #phishing traps to fall into
✅ No central databases to breach
✅ Your identity, secured by biometrics + blockchain

#Serenity #sAxess isn’t just a wallet. It’s a personal firewall. A biometric, self-custodial solution that removes traditional vulnerabilities and gives you total control over your digital access.

With sAxess, you become the key.

And hackers can’t steal what they can’t replicate.

@Torkelrogstad: Brand new scam technique just dropped: #github bots trying to phish you into downloading #Malware .

Within a minute of creating an issue mentioning the words "seed derivation" and "xpriv", a shady-looking link was posted by a bot.

Stay vigilant, folks! #phishing #Hacked

#PeckShieldAlert
A #phishingscam address labeled "Fake_Phishing442897," which stole $55.4M in #DAI from a whale's account, has swapped 250K $DAI for 102.6 $ETH & transferred them to a new address 0x2751...fC12
The #phishing address currently holds ~$40.5m worth of cryptos, including ~15.18K $ETH , ~2.8M $DAI & ~327.3 $stETH

🔴 ALERTE URGENTE : Le PHISHING par "Autorité Fiscale" revient !

Voici comment protéger votre Crypto.

L'arnaque est de retour : Les escrocs ciblent les détenteurs de crypto en se faisant passer pour des organismes officiels (impôts, banques centrales) ou même des agents de la Banque de France/ACPR (source : actualité du 28/11/2025).
Leur but ? Vous faire paniquer et cliquer sur un lien frauduleux pour "déclarer" ou "régulariser" des transactions crypto. C'est du Phishing pur, visant à voler vos identifiants ou vos fonds.

🛡️ Votre Ligne de Défense IMMÉDIATE :

1. Vérifiez le Domaine : Les organismes officiels n'envoient JAMAIS de SMS ou d'e-mails pour des actions urgentes avec des liens courts. Les adresses légitimes se terminent toujours par un domaine officiel (ex : gouv.fr ou banque-france.fr).

2. Jamais d'Urgence : Toute communication qui exige une action "immédiate" pour éviter une "pénalité" est un drapeau rouge géant. Prenez toujours le temps de vérifier.

3. Accès Direct : Si vous recevez une alerte, n'utilisez pas le lien fourni. Allez directement sur le site officiel (ex: Binance.com ou le portail des impôts) en le tapant vous-même dans votre navigateur.

Protégez-vous : le coût d'un clic est souvent le prix de tout votre portefeuille.
#CryptoSecurite #AlerteScam #Phishing

Según la empresa de seguridad Web3 Scam Sniffer, más de US$127 millones en #Criptomonedas fueron robados a inversores en el tercer trimestre de 2024, con aproximadamente US$46 millones perdidos en septiembre por ataques de phishing.

En los ataques de phishing, los estafadores engañan a los inversores para que vinculen sus billeteras cripto, como #MetaMask , a servicios fraudulentos. La vinculación de las billeteras cripto a sitios web de #phishing permite a los estafadores retirar #criptomonedas de los usuarios sin más autenticación.