PIVX email used for phishing attack on myetherwallet


#1

Received the following email - clicked on myetherwallet.com link and lost half my savings!
Beware!!
Not impressed that my email was obtained from PIVX!!!

You have a new direct message from the PIVX team (pivx.slack.com).
@ethereum-node View in the archives
eth node 9:44 AM, July 14th
To all Ethereum Holders:

Due to the increasing number of phishing attacks and holders requests from the ETH network, we decided to implement Two-factor Authentication on all ETH wallets.

Please visit Myetherwallet.com to upgrade your wallet to the new security level.

Please be aware that you will not be able to access your funds, tokens and wallet anymore if the new security protocol is not implemented.

We are taking this measures to protect both you and our network from phishing and malicious attacks.

Thank you for your cooperation and understanding,

The Ethereum DEV team.


#2

It’s really sad to hear you were hurt, unfortunately there’s been a huge string of these phishing attacks across all slacks. I’m on 9 slacks, and only one hasn’t been hit, the smallest marketcap coin. The thing that’s really malicious is that when you receive the email, it shouldn’t be because they got it from PIVX. If you have the option turned on that slack can send you “occasional notifications” for a server, you get an email for highlights meant to call attention to server, and it’s phrased in this way that sounds fairly believable.

I don’t know any option but perhaps making the slack private, if that would work, and either way it doesn’t make up for having already being hit by a thief :frowning:


#3

you got an email notification from Slack regarding a DM that was sent to you. Slack sent you the email, not the scammer.


#4

Thanx - bloody expensive lesson - so we learn :unamused:


#5

In the course of working out another bug with Slack I informed their team of this occurrence so perhaps they will take a lesson and allow us some better administrative control…

So sorry this happened to you @biltong :disappointed:


#6

Thanx for the feedback poorboy . It’s ok - I’ve moved on. One of those thing you can do nothing about and try and forget asap :smiley:
I see there’s beem other ‘slack’ phishing attacks - not just from PIVX. Definitely a slack problem.


#7

Phishing is a type of online scam where a targeted individual is contacted by email or telephone that appears to be from a legitimate institution asking you to provide sensitive information. These messages usually redirect you to a fake website or otherwise get you to divulge private information. Legally, phishing is a cyber crime where an imitation of the website of a company is created by phishers to cheat users into providing sensitive information.


#8

Can you tell us how to make sites like https://babasupport.org/apple/iphone-error-4005/secure from these phishing attack ???