Call to Action: Help us w/ these Phishers, Please
These phucks will not stop until they stop getting money or get caught. We don't have the time or manpower to do it all. There are so many things to do and watch and document. We thank you for your help.
1. Educate when you see a message
- If you see a link to one of these sites or a fake Token Sale address, comment on it in #general or on Twitter or on Reddit or wherever. Warn people QUICKLY & LOUDLY.
"There are scammers that are DMing, posting links, posting comments, and trying to get you to navigate to fake URLs. DO NOT CLICK IT!" (Yes. People still don't know this. I don't know where they are, obviously not here on reddit).
Remind people: "If it's to good to be true, it probably is."
⚠ PSA! Do NOT click the link or listen to the scammer! That is a phishing site. Always check your URL and/or consider getting a Ledger or TREZOR hardware wallet.
If you have a moment, please report the recent malicious site
myetherwallet[.]su
as phishing to Google via https://safebrowsing.google.com/safebrowsing/report_phish/ and https://safebrowsing.google.com/safebrowsing/report_badware/. If you have IE, do the same via Tools -> Report as Malicious Site so they can't trick anymore people.
2. Educate before you see a message
This is too much for one post so help spread the word: Private keys are private. Use hardware wallets. Use cold storage. Go offline. Check URLs.
Getting a Ledger or Trezor Hardware Wallet is even better.
You can sign transactions offline so your key never touches a phishing site!
Install EAL to block malicious / phishing sites: https://chrome.google.com/webstore/detail/etheraddresslookup/pdknmigbbbhmllnmgdfalmedcmcefdfn
Install MetaMask to block malicious / phishing sites & interact with MEW: https://chrome.google.com/webstore/detail/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn
Never enter your private keys, passwords, sensitive data on a website that you were sent via message
ONLY unlock your wallet when you want to send a transaction. Check your balance via https://etherscan.io/ or https://ethplorer.io/
Do not trust messages or addresses or URLs sent via private message. Always verify information w/ a secondary source.
Guide on How to Prevent Loss & Theft.
Protips: How not to get scammed (needs cleanup and to be more generic)
3. Report the absolute living daylights out of the malicious URLs
What to do if you see a malicious site or post in the future
Report: https://etherscamdb.info/
PR in malicious domains: https://github.com/409H/EtherAddressLookup/blob/master/blacklists/domains.json
Add malicious non-URLs here: https://github.com/MyEtherWallet/ethereum-lists
Report to Google: https://safebrowsing.google.com/safebrowsing/report_phish/
Report to Google: https://safebrowsing.google.com/safebrowsing/report_badware/
If have IE / Edge, report there: https://support.microsoft.com/en-us/help/930167/how-to-report-a-phishing-web-site
Report any Google Adwords Campaigns here: https://support.google.com/adsense/troubleshooter/1190500?hl=en & https://support.google.com/adwords/answer/176378?hl=en
Spam with fake private keys: https://gist.github.com/kvhnuke/f2e69fd552827a35e8b1a885e5587c1c
Notify host regarding malicious website / DMCA / copyright violation / trademark violation
Notify registrar regarding malicious website / DMCA / copyright violation / trademark violation
Notify SSL Cert Issuer of misuse of cert / malicious / phishing website
Screenshot site / tweets / messages & website & code
Add UA-ID to Spreadsheet & DuckDuckGo Google UA-ID for other sites
Google keywords and see if other sites and repeat above
Help grow / maintain / track here: https://docs.google.com/spreadsheets/d/1ErQGI2elbzVAapLBYzDePV7jqpiDnsJoSlmAlQ9_zno/edit?usp=sharing
Great reporting template / idea of what reporting is like: https://twitter.com/myetherwallet/status/886888683609051136 (if you type this up and send it to me, i'll add it so we don't have to retype later)
I am writing to you today to report a malicious website on your service:
insert_domain_here
. This website is posing as the legitimate sitemyetherwallet.com
. The operators of this malicious phishing website site (insert_domain_here_again
) have added code that steals the private keys of unsuspecting users, sends them insecurely to their own servers in order to steal the users' money. Please stop providing your service to (insert_domain_here_again
) immediately to prevent further theft and protect users. Thank you.
To find their host, whois their info and find the abuse contact
4. Make, share, warn, & help eduate. Things like "how to avoid phishing / badware" a la https://www.google.com/safebrowsing/static/faq.html#q1
Shamelessly steal from the pros:
Other References:
6. Only if you are careful and you really really really are game:
You can use this to spam with fake private keys. OR help develop it more! OR just donate to that developer! (address on the link) https://github.com/MrLuit/MyEtherWalletWhitehat
Help others find whois info, track domains, track emails.
Help us build things, faster. https://github.com/MyEtherWallet/ https://github.com/409H/EtherAddressLookup
Thank you for everything. We literally wouldn't be in this shit situation without you supporting us. ?Kidding—it's all part of this crazy wild adventure called the future. We'll figure it out, but it's better together.