Silk Road forums
Discussion => Silk Road discussion => Topic started by: Joosy on December 25, 2012, 08:57 am
-
Just a heads up for anyone that happens to use wikipedia to link to SR, also a general heads up to be careful of the actual link to SR. Cleverly set up website "http://silkroadv5p5cbl6.onion" is posted on the SR wikipedia page, username password and pin information posted on the page will be sent to whoever set up the page to steal yo shit.
-
Just a heads up for anyone that happens to use wikipedia to link to SR, also a general heads up to be careful of the actual link to SR. Cleverly set up website "http://silkroadv5p5cbl6.onion" is posted on the SR wikipedia page, username password and pin information posted on the page will be sent to whoever set up the page to steal yo shit.
These mofos never give up, do they? I wonder how many people will fall for it this time?
NC
-
I just fell for it, my account info got changed >:( . I had a thousand bucks from a previous scammer in resolution , now this ... fml ... is there anyway to recover it or am I fucked?
-
I just fell for it, my account info got changed >:( . I had a thousand bucks from a previous scammer in resolution , now this ... fml ... is there anyway to recover it or am I fucked?
You're fucked.
-
I just fell for it, my account info got changed >:( . I had a thousand bucks from a previous scammer in resolution , now this ... fml ... is there anyway to recover it or am I fucked?
Unfortunately, BlarghRawr is correct. Once you have given the sobs your PIN, along with your userid and password, they have all they need to clean out your account.
I'm not trying to rub it in or anything, but did not the fact that the Silk Road site doesn't ask for your PIN at login, give you a clue that something was up?
NC
-
So this copy cat site would require you to put in your pin before it would allow you to login?
-
how can anyone fall for this? seriously!
all you have to remember is - vb5piz3r
if you can't remember that you need to lay off the drugs
-
Well the thing is the money I had on that account is still in the resolution process, I have 5 days until i wouldv'e gotten the refund. Do I still have a chance of getting my account or money back since the money is still in resolution? I contacted SR support already.... But honestly I didn't think much of it... I was a little drunk and high from celebrating christmas eve with the family.
-
Well the thing is the money I had on that account is still in the resolution process, I have 5 days until i wouldv'e gotten the refund. Do I still have a chance of getting my account or money back since the money is still in resolution? I contacted SR support already.... But honestly I didn't think much of it... I was a little drunk and high from celebrating christmas eve with the family.
Maybe, if you got phished after you made your forum account and your forum-account has the same name as your buyer account.... You can try to convince them, at least. That's worth something, I hope.
-
And for my next trick...
-
To remember the SR link i just write on a txt copy of a Dante Alighieri's book "vb5piz3r" so that i write silkroad before,then copy it and then i write the domain.I write it because it is the hard part to remember,and it doesn't prove for a LE who find it that i'm make business with this website.
-
wow i must say bar the passphrase its a pretty legit looking phishing site
-
seems like the link to Download GPG4Win on the wikipage is infected with something... Suspicious.Cloud.7.EP is the "threat", according to my A-V program. I got this when I tried download through that link.
Since it got blocked by my AV-app I went straight to the gpg4win.org page and downloaded it directly... that file was NOT infected with anything..so looks like the wikipage sure is f*cked
-
mind posting the link to the page u found the fake link plz?
I had a look and its the real link to sr found here
https://en.wikipedia.org/wiki/Silk_road_website
http://silkroadvb5piz3r.onion
-
HA nice. so simple and yet so effective.
cant believe people fall for this shit time after time. i'd of thought a more simple way to not lose your BTC is to not keep them on the website and in a seperate wallet, just in case you are compromised. i personally only ever store my btc on the website for a matter of minutes before they are spent.
-
i'm not a very tech savvy person but i'm gonna try to improve my understanding, so this might seem like a dumb question...
if you create an account and store some sort of trojan file or virus as an attachment to a message on the inbox and name it as something of interest to a scammer, make it something related to PI or passwords etc. Then they access your account through information entered on their phishing site, and they download or opened the attachment? What would happen?
-
omfg i am so angry.
i never leave coins in my account, i just get them in before i make an order.
but what i just lost is 50 transaction stats with 0$ refund rate and a whole lot of connections :(
all of you people making fun of people for falling for this, i bet you fell for marketing scams like Christmas and spent a lot of money on pointless gifts because you felt socially obliged and that if you didn't give in to pagan consumerism you would be immoral.
-
Lets give the scammer some work for his money. I've submitted 10 false users, passwords and pins.
-
good idea, i lost a small drug empire. i'm going to give this fucker 500 fake logins.
-
omfg i am so angry.
i never leave coins in my account, i just get them in before i make an order.
but what i just lost is 50 transaction stats with 0$ refund rate and a whole lot of connections :(
all of you people making fun of people for falling for this, i bet you fell for marketing scams like Christmas and spent a lot of money on pointless gifts because you felt socially obliged and that if you didn't give in to pagan consumerism you would be immoral.
I know you feel bad about losing your account, but its pretty douchey to have a hissy fit and direct your anger at people who buy Christmas presents. How are they to blame? Shouldn't you be mad at the phishers?
Anyway, I'm giving them a bunch of fake log ins so that they're extra busy on Christmas. I'm laughing as I see some guy trying to log in with the screen name "analwarts69"
-
guys see this as a learning lesson, bookmark your shit :-X
-
omfg i am so angry.
i never leave coins in my account, i just get them in before i make an order.
but what i just lost is 50 transaction stats with 0$ refund rate and a whole lot of connections :(
all of you people making fun of people for falling for this, i bet you fell for marketing scams like Christmas and spent a lot of money on pointless gifts because you felt socially obliged and that if you didn't give in to pagan consumerism you would be immoral.
I know you feel bad about losing your account, but its pretty douchey to have a hissy fit and direct your anger at people who buy Christmas presents. How are they to blame? Shouldn't you be mad at the phishers?
Anyway, I'm giving them a bunch of fake log ins so that they're extra busy on Christmas. I'm laughing as I see some guy trying to log in with the screen name "analwarts69"
i was just saying it isn't hard for anyone to fall for a scam, and imo christmas has BECOME a scam for corporations to profit on pagan-inspired over-consumerism. there is nothing wrong with giving meaningful gifts, people should do that all year round. but freaking out and spending money on pointless shit on a certain day seems pointless to me.
and obviously it's frustrating when you lose something like this and people make fun of you, so yeah i had a hissyfit. wasn't directed at everyone, was directed at the people being unsympathetic.
I haven't memorized the URL because i DO have it bookmarked on my normal pc, but i am on a different one atm.
-
I wont book mark, to risky to leave it on my computer for personal reason's. So after this happen, I went and put the links in my emails the right ones and login from there.
I was one of them, but laughed when I knew what happened. I never keep my funds in my SR account anyway, so he didn't get any from me SUCKER HAHAHAHA!!. You live and learn.
-
The form action is this URL:
http://www.tectite.com/hosted/001204/brentbook.com/formmail.php
There's also a reference to tectiteformid bd11a1e3463f77ee364149936a2a84d3.
Just saying in case someone finds this info useful.
Do you think brentbook.com is connected to the phisher?
-
I wont book mark, to risky to leave it on my computer for personal reason's.
Buy a USB thumb drive and copy TrueCrypt onto it, then create an encrypted file that contains TBB and your PGP software, along with a text file with URLs and strong passwords. TrueCrypt can even be set to autorun when you insert the thumb drive.
http://www.truecrypt.org/docs/?s=truecrypt-portable
I think this will be my next tutorial, because there's a big need for secure data storage in the community. Too many people rely on untrustworthy third parties to get the URL.
BTW, storing the SR URL and your password in plaintext on hosted email isn't risk free.
-
Wow. Someone spent a fuckwad of time and money before they generated with such a closely matching hash.
Really though, vb5piz3r, thats all you need to remember to stay safe in that respect.
-
just keeo logging in yourself with vb5piz3r and you will soon be able to memorise it, easier and more secure than relying on links, it's just like memorising a phone number. once you have it stored in your brain you will never forget.
-
It's sad to see some of the people getting phished. Seriously brah, if you have $1k in your SR account you should have memorized the URL by now. The box asking for the PIN is a huge flag right away. Password for logging in, PIN for finance.
-
To remember the SR link i just write on a txt copy of a Dante Alighieri's book "vb5piz3r" so that i write silkroad before,then copy it and then i write the domain.I write it because it is the hard part to remember,and it doesn't prove for a LE who find it that i'm make business with this website.
Do you people seriously struggle with remembering 5piz3r?
It's 6 characters. Just memorize it, it takes a minute and with repeated use it becomes etched into your brain. As I've said in another post - it's a simple URL not the Divine Comedy (funny you now mention Dante).
-
seems like the link to Download GPG4Win on the wikipage is infected with something... Suspicious.Cloud.7.EP is the "threat", according to my A-V program. I got this when I tried download through that link.
Since it got blocked by my AV-app I went straight to the gpg4win.org page and downloaded it directly... that file was NOT infected with anything..so looks like the wikipage sure is f*cked
Thanks for reporting this.
I wonder, what exactly is it going to take to get it through people's heads that using Wikipedia for anything related to Silk Road is a disaster in the making?
NC
-
To remember the SR link i just write on a txt copy of a Dante Alighieri's book "vb5piz3r" so that i write silkroad before,then copy it and then i write the domain.I write it because it is the hard part to remember,and it doesn't prove for a LE who find it that i'm make business with this website.
Do you people seriously struggle with remembering 5piz3r?
It's 6 characters. Just memorize it, it takes a minute and with repeated use it becomes etched into your brain. As I've said in another post - it's a simple URL not the Divine Comedy (funny you now mention Dante).
Yeah, easy as fuck to remember! 5piz3r, I pronounce it five-pyzer in my head.
-
mind posting the link to the page u found the fake link plz?
I had a look and its the real link to sr found here
https://en.wikipedia.org/wiki/Silk_road_website
http://silkroadvb5piz3r.onion
What's happening, is that the editors of Silk Road keep changing the URL back to the correct one, as soon as a phishing link is reported. During the the phishing link is up and active, many people are fooled into using it, and thus get themselves burned. I went to the site last night, ( http://en.wikipedia.org/wiki/Silk_Road_(marketplace) and the phishing link was there. Upon checking again, there is now no link to the Silk Road site.
The fact of the matter is simple -- NO ONE should be using Wikepedia to lookup Silk Road URL information, PERIOD.
NC
-
New people are told to go to Wiki by the videos on YouTube.
Well that is how I got here, lol.
-
The fact of the matter is simple -- NO ONE should be using Wikepedia to lookup Silk Road URL information, PERIOD.
It shouldn't even be there, imo. As shouldn't any videos on Youtube explaining how to get there.
-
everyone go and just write a ton a fake usernames and passwords
-
everyone go and just write a ton a fake usernames and passwords
That actually doesn't sound too bad. Someone should whip up a quick program that automatically fills it the username, password, and PIN with random letters/numbers. Shouldn't be hard at all. You could even use a program that's made for automated processes like this.
I would help out, but honestly if you fall for this then good... no one deserves to be phished (except for SR scammers and LE), but if it happens then it's a good lesson.
-
so glad iv seen this warning! i dont use wiki link anyway and i feel really bad for anyone who has fell for this! fucking robbing bastards!Its like they save this shit for xmas or sumat!!! Iv just give em
username: suckmydick
Password: youfuckingcocksucking
pin: wankersIhopeyou
Captcha: Die
lol i hope they personally review every person who tries this!!
-
That actually doesn't sound too bad. Someone should whip up a quick program that automatically fills it the username, password, and PIN with random letters/numbers. Shouldn't be hard at all. You could even use a program that's made for automated processes like this.
Usernames composed of random strings would be too obvious. There are "random [funny|cool] username generators" though. You could pull usernames from those lists. You would also want to vary the strength of the passwords.
-
how can anyone fall for this? seriously!
all you have to remember is - vb5piz3r
if you can't remember that you need to lay off the drugs
Well said.
-
I've always used it and it's the real url. I think because you posted this and someone took it down and I'm a new computer I couldn't find the url, but I should've made a bookmark right away because what you said is possible
-
New people are told to go to Wiki by the videos on YouTube.
Well that is how I got here, lol.
Let me be honest, YouTube is the very LAST place I would go for information on illegal Darknet sites. There is such a thing as due diligence/research, after all.
If you want to survive, let alone prosper here, you have to pay your dues by learning the ropes. People that are in a hurry and fail to learn what they need to know are the primary victims of two groups: scammers and law enforcement. With the former you stand to lose only lose your money; with the latter, you stand to lose your freedom.
NC
-
New people are told to go to Wiki by the videos on YouTube.
Well that is how I got here, lol.
Let me be honest, YouTube is the very LAST place I would go for information on illegal Darknet sites. There is such a thing as due diligence/research, after all.
If you want to survive, let alone prosper here, you have to pay your dues by learning the ropes. People that are in a hurry and fail to learn what they need to know are the primary victims of two groups: scammers and law enforcement. With the former you stand to lose only lose your money; with the latter, you stand to lose your freedom.
NC
Nicely said NC
-
i've noticed recently that eveytime i log on i have to put my credentials in a few times before it get in, even though i know im using the correct details.
i save all my links, bookmarks PGP keys on a truecrypt hard drive and run tor from the encrypted HDD
when i first started using SR i used to enter wrong password a couple of times on purpose incase its a dodgey link, if i put wrong password in and the site still lets me enter then i know its a jipp(not sure if this would help being safe but its what i do just in case).
-
i've noticed recently that eveytime i log on i have to put my credentials in a few times before it get in, even though i know im using the correct details.
i save all my links, bookmarks PGP keys on a truecrypt hard drive and run tor from the encrypted HDD
when i first started using SR i used to enter wrong password a couple of times on purpose incase its a dodgey link, if i put wrong password in and the site still lets me enter then i know its a jipp(not sure if this would help being safe but its what i do just in case).
That won't protect you. A troll/the shitbag posted a thread about his plans for the next phishing site and the fucker even said that it would test the credentials on SR first before letting someone in/denying them. Bad news, man. You just need to keep your own records of what the link is and that's really all you can do.
-
everyone go and just write a ton a fake usernames and passwords
Someone good at scripting should be able to quickly produce a script to fill in the fake form. You could use a dictionary of common baby names to use as user names.
-
I didn't fall for the phish, but I did learn the hard way that when I update the Tor Browser Bundle, I lose all of my bookmarks. When this happened recently, I had to go find and then bookmark again all the sites I normally use.
Now that I know about this, next time I will export my bookmarks before updating TBB. Afterwards I can import them back in and I won't have to look up the sites or risk accidentally ending up at a phishing site.
-
everyone go and just write a ton a fake usernames and passwords
Exactly what I just did. I logged in like 20 times with bs info. Fuck this scumbag.
-
Had to give them a good one . . .
username : dpr
passphrase : youracunt
pin : 12 21 2012
NCK