Protonmail warning message

@Biskobro It is the best thing to do. Super useful example and advice. If everyone who received the spear phish email would go and get another email regardless if its Tutanota or Proton we all would be safer. There are so many topics we can talk about :)

I have many Proron users that never had an issue. I also got contacted by people asking hi did I get their email and when I tell them LOOK AT THE ORIGINATING EMAIL - they don’t get it.

One person even posted in my thread that he or she is more than sure its coming from me. I think it’s a scam/shills disease because we had some vendors that got blacklisted and those vendors have the emails of you guys, so if you used your email with Vendor that got blacklisted please create another email if you want to have a piece of mind and definitely crate anew one if you got a scammer email.

I feel so terrible that instead of selling and helping I have to worry if  thousands of people would be kind to themselves and use common sense and all precautions to make sure they dare stay safe online.

If someone can’t tell the difference between email name that could be changed daily and email Address (Originating Email Address) that is unique once created and commonly impossible to mirror and use an identical email by an average computer junkie (it can be done, but not to scam some drugs or relatively small amount of money.)

Be safe ya all and email me for any questions.

~ Dante

 
milex said:
Hi,

I'm just wondering if the admin who posted the warning message about protonmail being unsafe to use could elaborate more please?

As a web developer, the issue outlined in the warning makes very little sense. I have a feeling that the admin who issued the message may be the victim of a "man-in-the-browser" attack (MITB). This is caused by malware running on the users local machine, most likely created by someone targeting DBG.

Protonmail uses end-to-end encryption, so the concept of emails being intercepted by a scammer is impossible unless a man-in-the-browser attack is being used or vendors have had their protonmail passwords phished and accounts compromised, but this seems extremely unlikely on a wide scale.

Another possibility could be a data breach and leak of protonmail accounts and passwords, but this would have been widely reported on in the tech community, plus protonmail uses bcrypt to hash user passwords, so passwords being leaked in plain text would be next to impossible even if a data breach had occurred.

I'd recommend using Malwarebytes to scan for MITB malware on your machine.
Click to expand...
Proton has been sending spam so I signed up for tutanota. Takes 24-48 hours to get confirmed. 

 
I had same emails last month too. I think 4 total. I deleted them immediately as I am somewhat familiar with these types of phishing emails. I did change my PW.

 
I still don't understand how I'm getting emails from vends/scammers I didn't even contact at all.. In this case I got a message from Ola.. Many people still assume he is/was the reason for this, but this can't be true.. So if he would be the one with a compromised account, how could the scammer have my address if there never was any contact. It just doesn't make sense for me, but maybe I'm missing something.

And I don't want to spread rumours or so, but if if I remember correctly, this shit started just a few days before a formerly reputable and well known vend got thrown out..

Another point is, that after getting the first few scam mails, I immediately changed addresses and then only shared the new one with two vends. One of them was EM. And well, a few hours later  - more phishing mails..

This and the way he reacted to this thread here makes him very suspicious to me.

So could one of you guys check when they've received the very first email of this kind and confirm if they've ever had contact to the vend mentioned above? Or are there people who never had contact to this guy and got these messages anyway.

As you might notice, this is still bugging me out 😄

 
Last edited by a moderator:
aenima1336 said:
I still don't understand how I'm getting emails from vends/scammers I didn't even contact at all.. In this case I got a message from Ola.. Many people still assume he is/was the reason for this, but this can't be true.. So if he would be the one with a compromised account, how could the scammer have my address if there never was any contact. It just doesn't make sense for me, but maybe I'm missing something.

And I don't want to spread rumours or so, but if if I remember correctly, this shit started just a few days before a formerly reputable and well known vend got thrown out..

Another point is, that after getting the first few scam mails, I immediately changed addresses and then only shared the new one with two vends. One of them was EM. And well, a few hours later  - more phishing mails..

This and the way he reacted to this thread here makes him very suspicious to me.

So could one of you guys check when they've received the very first email of this kind and confirm if they've ever had contact to the vend mentioned above? Or are there people who never had contact to this guy and got these messages anyway?

As you might notice, this is still bugging me out 😄
Click to expand...
I second that with the EM being very suspicious. Thats one thing that got him banned ,that and being completely rude to Staff and Admin.With the right amount of bitcoin any one of us could have that done ,the dnm hackers boards are REAL SHIT and you can hire someone or buy the software to do it yourself.. I'm very familiar with the dnm world 

 
If I understand things correctly. The reasons are unclear but Protonmail seems to have an unknown problem. It's been stated that any Email provider you plan to use precautions need to be taken.

I plan to switch to tutanota Email provider these days 2-FA using Authy or any Authenticator apps and not SMS is essential.

I wonder if part of the problem is that people know that protonmail and tutanota are one of the preferred ways of sending Bitcoin Addresses.

 
Last edited by a moderator:
Just posting this for people still worried about all those crazy emails.....

I got a ton of those "Lock and Load" emails with attachments...I just deleted them. I also changed my email and haven't had any issues even within the same email domain. There are so many possibilities, but what if a vendor was "caught" (thinking of the short-running star, sweet girl who fell off the planet) and wasn't erasing things that should be erased...Also, there are some vendors who may share contact information since they rely on each other for supplies sometimes.

The best thing to do is stop using the email that was compromised, choose your vendors wisely and use time-destroy temp files when giving your mailing address. Then no worries!

I personally like to try out new vendors.....I was stocked and took a long break, but I'm running low. New vendors aren't super busy so it might be a risk, but customer service tends to be top notch and I've had 99.9% success with "starters". Some go down in a short time...some flourish...the reliable ones have been here for years (or will be) and they are trustworthy if they aren't filled up!

 
There have been a lot of theories, but from what I have gathered, this goes beyond our forum and vendors. It is more likely that the members passed it on to the vendors. Obviously some people opened those emails and were deceived into thinking they were legitimate.

Someone who tried to trace the bitcoin chain found that it led to a bitcoin laundering place that makes them untraceable and something about the scam originating in China. We don't know what was hacked. It could be something to do with us purchasing bitcoins and nothing whatsoever to do with vendor lists. I'm thinking that they have some way to search for keywords in emails that indicate some payment is going to be made.

Way too sophisticated for me to understand. I agree with whatever poster said that they targeted Protonmail as a favorite for clandestine activities. Just keep checking those email addresses and thank goodness that there is this one flaw in their scam.

 
@PeaceMaker  @2earls I wish I read your post. I am one of the idiots that clicked on some update and was locked out of my account. They were awesome. They deleted my account and gave me a $44.00 credit.

Thanks for your help even though I received too late!

Good meeting you

Heavenlee

 
Last edited by a moderator:
Just to update this thread, I want members to know that this is still happening every once in awhile, but not with the former frequency. 

There was one incident where our safety measure of checking the email address for a mistake wouldn't have worked, it came from the exact same email address. This was a bit scary. After hearing about it I wrote to the vendor email in question and I also received a scammer reply. When I didn't respond to it, they tried emailing me again to get me to order. That particular email is no longer listed here.

The only other tip I can give is that the responses from the scammer are always going to be short and impersonal and REMEMBER they hijack the conversation thread so it may start out normally with your vendor chatting as usual, it's the one you get after asking for payment info that will be where they sneak in. They push bitcoin for payment  (obviously a  red flag if it's a Mexican vendor as they don't take them with the exception of Leslie).

And lastly if bitcoin is your normal payment method with your vendor you can always try to get a confirmation like checking the wallet # by reading the first half of numbers and having the vendor read the second half  (along with something that indicates it's really them). Tell them a nickname or whatever you can think of; code word, whatever. Especially if it's a large purchase a little extra precaution could save a lot.

 
@2earls i was told to reach out to u but cant figure out how to sent a pm. Any help would be appreciated 

 
Is there anyone fluent in the darkweb?  There are places where email addresses like this are sold so it would be fairly easy to check for compromised vendor addresses.

 
@Clarissa you are welcome to come visit anytime I need you and @DoomKitty @Whoopiegoldburgg222 to help me to be educated on anything pc related. Or maybe keep my husband off our router not sure yet. Sorry was hurt @Akup7ich I feel your pain I have the same thing as you shoulder and ACL surgery it is hellish. My pug knocked me down my basement stairs. I hurt everywhere but Mr. PUG is perfectly fine. And he is supposed to be my emotional support dog he is getting an F this month! Welcome @Clarissa and good to be back still in bed. 

 
I second that. If anyone can help me access the DN I’d appreciate it.

ill never leave here but maybe we can get some insight on the subject.

 
It's unknown who opened the first link. It could have been a customer or a vendor and once that person contacted someone else then it moved along the trails of contacts. Several people have tried to trace it without success, both using the "fake" email addresses and the bit coin addresses.

We may never know how it started, but what is important is that it continues to go on. At a slower pace, but there are still reports of Mexican vendors asking for bitcoin payment and I still get the obvious phishing emails from time to time. 

Just keep checking that your payment info emails are coming from your vendors correct address. That will keep you safe 99% of the time. If you get an email that doesn't match, try to make conversation with the vendor. These scammers can't talk much other than to say "we are having a problem with the usual payment method ".

 
Anyone else get a email from proton support saying within the next week there will be a NEW upgraded version of proton and you will be directed there to sign in to the NEW proton mail . Then it says if you rather the older version you have to go to old proton ..... and sign in ... Is this for mobile proton users to??? Lmk if you're receiving the same email please so another proton scam doesn't happen . I'm pretty sure it's the real deal but let's all know for sure for the safety our community...

Regards

 
@Biskobro I have received the same email. I know it's legit because it's starred in my inbox. However, I like the way proton looks right now so I probably won't go to the upgraded version. 

 
Yeah I received this email as well just a little earlier. Hopefully it’s nothing serious like a scam or anything like that and is just a legit message for an upgrade. I’ll stay with how proton is now anyway. 

 
You must log in or register to reply here.
Drugbuyersguide Shoutbox
  1. xenxra @ xenxra: maybe
  2. rosetrip33 @ rosetrip33: Hey anyone there
  3. LatsDoodis @ LatsDoodis: @Dr-Octagon “I got a hoe named reel to reel, she got a buddy named SP12 now you know the deal… Mo’ money, mo’ money for the bank roll / Stick to the script, don’t slip in the ’94”
  4. xenxra @ xenxra: or i guess you could just DM them on here
  5. xenxra @ xenxra: @robert1975 prob just shoot admin a msg with contact button at bottom of site
  6. rockychoc @ rockychoc: @xnxra hahahaha
  7. R @ robert1975: @xenxra my username man.... my handle, username.
  8. xenxra @ xenxra: what kind of handle? there are several types of interior and exterior door handles such as pull-out handles, push-down handles, pull-up handles, trigger handles, and touch handles.
  9. R @ robert1975: Can anyone tell me how I change my handle?
  10. C @ Cruzing: Hey guys whats up?
  11. P @ peanut: Good weekend to all. Enjoy the rest of summer.
  12. BobbyDigi33 @ BobbyDigi33: Just a friendly reminder, gratitude is literally a super power we all have at our disposal. It's the antidote to depression, anger, envy, lust and other low vibratory states. Have a nice weekend and be grateful today!
  13. QuantumMatrix @ QuantumMatrix: ✌️
  14. QuantumMatrix @ QuantumMatrix: 💀
  15. CnC5 @ CnC5: Lmao 🤣
  16. Z @ zzaps94: Hey guys sorry I misunderstood what does shoutbox was, Hope you guys are all having a great day out there
  17. Dr-Octagon @ Dr-Octagon: The roland 808. Or the hamond b-3 organ
  18. LatsDoodis @ LatsDoodis: What’s the most important drum machine/kit to have changed music and why? I think maybe SP-12 or the 1200, but kinda want to say drumulator or Rhythm Maker King 2 gave us some classic shit.
  19. xenxra @ xenxra: @DocPep yes. just use temp.pm or snote
  20. Terrylolol @ Terrylolol: Hope everyone has a fantastic week!
Back
Top