Protonmail warning message

@Biskobro It is the best thing to do. Super useful example and advice. If everyone who received the spear phish email would go and get another email regardless if its Tutanota or Proton we all would be safer. There are so many topics we can talk about :)

I have many Proron users that never had an issue. I also got contacted by people asking hi did I get their email and when I tell them LOOK AT THE ORIGINATING EMAIL - they don’t get it.

One person even posted in my thread that he or she is more than sure its coming from me. I think it’s a scam/shills disease because we had some vendors that got blacklisted and those vendors have the emails of you guys, so if you used your email with Vendor that got blacklisted please create another email if you want to have a piece of mind and definitely crate anew one if you got a scammer email.

I feel so terrible that instead of selling and helping I have to worry if  thousands of people would be kind to themselves and use common sense and all precautions to make sure they dare stay safe online.

If someone can’t tell the difference between email name that could be changed daily and email Address (Originating Email Address) that is unique once created and commonly impossible to mirror and use an identical email by an average computer junkie (it can be done, but not to scam some drugs or relatively small amount of money.)

Be safe ya all and email me for any questions.

~ Dante

 
milex said:
Hi,

I'm just wondering if the admin who posted the warning message about protonmail being unsafe to use could elaborate more please?

As a web developer, the issue outlined in the warning makes very little sense. I have a feeling that the admin who issued the message may be the victim of a "man-in-the-browser" attack (MITB). This is caused by malware running on the users local machine, most likely created by someone targeting DBG.

Protonmail uses end-to-end encryption, so the concept of emails being intercepted by a scammer is impossible unless a man-in-the-browser attack is being used or vendors have had their protonmail passwords phished and accounts compromised, but this seems extremely unlikely on a wide scale.

Another possibility could be a data breach and leak of protonmail accounts and passwords, but this would have been widely reported on in the tech community, plus protonmail uses bcrypt to hash user passwords, so passwords being leaked in plain text would be next to impossible even if a data breach had occurred.

I'd recommend using Malwarebytes to scan for MITB malware on your machine.
Click to expand...
Proton has been sending spam so I signed up for tutanota. Takes 24-48 hours to get confirmed. 

 
I had same emails last month too. I think 4 total. I deleted them immediately as I am somewhat familiar with these types of phishing emails. I did change my PW.

 
I still don't understand how I'm getting emails from vends/scammers I didn't even contact at all.. In this case I got a message from Ola.. Many people still assume he is/was the reason for this, but this can't be true.. So if he would be the one with a compromised account, how could the scammer have my address if there never was any contact. It just doesn't make sense for me, but maybe I'm missing something.

And I don't want to spread rumours or so, but if if I remember correctly, this shit started just a few days before a formerly reputable and well known vend got thrown out..

Another point is, that after getting the first few scam mails, I immediately changed addresses and then only shared the new one with two vends. One of them was EM. And well, a few hours later  - more phishing mails..

This and the way he reacted to this thread here makes him very suspicious to me.

So could one of you guys check when they've received the very first email of this kind and confirm if they've ever had contact to the vend mentioned above? Or are there people who never had contact to this guy and got these messages anyway.

As you might notice, this is still bugging me out 😄

 
Last edited by a moderator:
aenima1336 said:
I still don't understand how I'm getting emails from vends/scammers I didn't even contact at all.. In this case I got a message from Ola.. Many people still assume he is/was the reason for this, but this can't be true.. So if he would be the one with a compromised account, how could the scammer have my address if there never was any contact. It just doesn't make sense for me, but maybe I'm missing something.

And I don't want to spread rumours or so, but if if I remember correctly, this shit started just a few days before a formerly reputable and well known vend got thrown out..

Another point is, that after getting the first few scam mails, I immediately changed addresses and then only shared the new one with two vends. One of them was EM. And well, a few hours later  - more phishing mails..

This and the way he reacted to this thread here makes him very suspicious to me.

So could one of you guys check when they've received the very first email of this kind and confirm if they've ever had contact to the vend mentioned above? Or are there people who never had contact to this guy and got these messages anyway?

As you might notice, this is still bugging me out 😄
Click to expand...
I second that with the EM being very suspicious. Thats one thing that got him banned ,that and being completely rude to Staff and Admin.With the right amount of bitcoin any one of us could have that done ,the dnm hackers boards are REAL SHIT and you can hire someone or buy the software to do it yourself.. I'm very familiar with the dnm world 

 
If I understand things correctly. The reasons are unclear but Protonmail seems to have an unknown problem. It's been stated that any Email provider you plan to use precautions need to be taken.

I plan to switch to tutanota Email provider these days 2-FA using Authy or any Authenticator apps and not SMS is essential.

I wonder if part of the problem is that people know that protonmail and tutanota are one of the preferred ways of sending Bitcoin Addresses.

 
Last edited by a moderator:
Just posting this for people still worried about all those crazy emails.....

I got a ton of those "Lock and Load" emails with attachments...I just deleted them. I also changed my email and haven't had any issues even within the same email domain. There are so many possibilities, but what if a vendor was "caught" (thinking of the short-running star, sweet girl who fell off the planet) and wasn't erasing things that should be erased...Also, there are some vendors who may share contact information since they rely on each other for supplies sometimes.

The best thing to do is stop using the email that was compromised, choose your vendors wisely and use time-destroy temp files when giving your mailing address. Then no worries!

I personally like to try out new vendors.....I was stocked and took a long break, but I'm running low. New vendors aren't super busy so it might be a risk, but customer service tends to be top notch and I've had 99.9% success with "starters". Some go down in a short time...some flourish...the reliable ones have been here for years (or will be) and they are trustworthy if they aren't filled up!

 
There have been a lot of theories, but from what I have gathered, this goes beyond our forum and vendors. It is more likely that the members passed it on to the vendors. Obviously some people opened those emails and were deceived into thinking they were legitimate.

Someone who tried to trace the bitcoin chain found that it led to a bitcoin laundering place that makes them untraceable and something about the scam originating in China. We don't know what was hacked. It could be something to do with us purchasing bitcoins and nothing whatsoever to do with vendor lists. I'm thinking that they have some way to search for keywords in emails that indicate some payment is going to be made.

Way too sophisticated for me to understand. I agree with whatever poster said that they targeted Protonmail as a favorite for clandestine activities. Just keep checking those email addresses and thank goodness that there is this one flaw in their scam.

 
@PeaceMaker  @2earls I wish I read your post. I am one of the idiots that clicked on some update and was locked out of my account. They were awesome. They deleted my account and gave me a $44.00 credit.

Thanks for your help even though I received too late!

Good meeting you

Heavenlee

 
Last edited by a moderator:
Just to update this thread, I want members to know that this is still happening every once in awhile, but not with the former frequency. 

There was one incident where our safety measure of checking the email address for a mistake wouldn't have worked, it came from the exact same email address. This was a bit scary. After hearing about it I wrote to the vendor email in question and I also received a scammer reply. When I didn't respond to it, they tried emailing me again to get me to order. That particular email is no longer listed here.

The only other tip I can give is that the responses from the scammer are always going to be short and impersonal and REMEMBER they hijack the conversation thread so it may start out normally with your vendor chatting as usual, it's the one you get after asking for payment info that will be where they sneak in. They push bitcoin for payment  (obviously a  red flag if it's a Mexican vendor as they don't take them with the exception of Leslie).

And lastly if bitcoin is your normal payment method with your vendor you can always try to get a confirmation like checking the wallet # by reading the first half of numbers and having the vendor read the second half  (along with something that indicates it's really them). Tell them a nickname or whatever you can think of; code word, whatever. Especially if it's a large purchase a little extra precaution could save a lot.

 
@2earls i was told to reach out to u but cant figure out how to sent a pm. Any help would be appreciated 

 
Is there anyone fluent in the darkweb?  There are places where email addresses like this are sold so it would be fairly easy to check for compromised vendor addresses.

 
@Clarissa you are welcome to come visit anytime I need you and @DoomKitty @Whoopiegoldburgg222 to help me to be educated on anything pc related. Or maybe keep my husband off our router not sure yet. Sorry was hurt @Akup7ich I feel your pain I have the same thing as you shoulder and ACL surgery it is hellish. My pug knocked me down my basement stairs. I hurt everywhere but Mr. PUG is perfectly fine. And he is supposed to be my emotional support dog he is getting an F this month! Welcome @Clarissa and good to be back still in bed. 

 
I second that. If anyone can help me access the DN I’d appreciate it.

ill never leave here but maybe we can get some insight on the subject.

 
It's unknown who opened the first link. It could have been a customer or a vendor and once that person contacted someone else then it moved along the trails of contacts. Several people have tried to trace it without success, both using the "fake" email addresses and the bit coin addresses.

We may never know how it started, but what is important is that it continues to go on. At a slower pace, but there are still reports of Mexican vendors asking for bitcoin payment and I still get the obvious phishing emails from time to time. 

Just keep checking that your payment info emails are coming from your vendors correct address. That will keep you safe 99% of the time. If you get an email that doesn't match, try to make conversation with the vendor. These scammers can't talk much other than to say "we are having a problem with the usual payment method ".

 
Anyone else get a email from proton support saying within the next week there will be a NEW upgraded version of proton and you will be directed there to sign in to the NEW proton mail . Then it says if you rather the older version you have to go to old proton ..... and sign in ... Is this for mobile proton users to??? Lmk if you're receiving the same email please so another proton scam doesn't happen . I'm pretty sure it's the real deal but let's all know for sure for the safety our community...

Regards

 
@Biskobro I have received the same email. I know it's legit because it's starred in my inbox. However, I like the way proton looks right now so I probably won't go to the upgraded version. 

 
Yeah I received this email as well just a little earlier. Hopefully it’s nothing serious like a scam or anything like that and is just a legit message for an upgrade. I’ll stay with how proton is now anyway. 

 
You must log in or register to reply here.
Drugbuyersguide Shoutbox
  1. O @ ochemdim: Hey everyone, @Mokachin0 very generously offered me a prize for my pet. Fortunately my pups are in good health so I’d like to offer it to someone whose pet is struggling in any way. Please reach out to @Mokachin0. Take care everyone
  2. M @ Mokachin0: @CalFresh the matter we’ve emailed about is in the works finally! Will update you soon!!
  3. CalFresh @ CalFresh: From the depths of my soul I thank God for this place. I know I don't visit nearly enough but the people here are as much in my daily life as my own family and I am deeply grateful and feel profoundly blessed bc of it.
  4. M @ Mokachin0: Last thing tonight, calling all pet parents! The winner of the pet parents in need post would like to pass the gift along to a member with a greater pet need—if you have a pet need (vet bills, food/supplies, pet insurance etc.) check my thread on pets for details! (As always, verify myself with mods first before pursuing!) - thanks to @ochemdim for generously gifting this to another member in greater need! (Post-Thread 'Not new but this may help someone')
  5. J @ jimbocut: Just disappointed after so many successful orders.Gomma do this,gonna do that.zBla,bla,Bla.
  6. J @ jimbocut: I have beenwaiting over a month now and got partial shipment.Wont even answer emails anymore
  7. M @ Mokachin0: @Jayplug77 check your direct messages (verify with DBG mods first always) thanks for your words of kindness or support to the community today! (Sorry guys im a few days behind / dog emergency - just catching up now for the past week’s daily kindness thing - today’s shouts covers Tuesday Wednesday and today)
  8. M @ Mokachin0: @Clash283 check your direct messages (verify with DBG mods first always) thanks for your words of kindness or support to the community today!
  9. xenxra @ xenxra: i hardly knew her!
  10. H @ hidd: ketaminespray
  11. C @ Clash283: Night folks gotta run couple errands and read somethin cozy before passin out!
  12. C @ Clash283: What you think is what you feel, what you feel is what you attract, and what you attract is what you vibrate! Much Love! Spike.
  13. M @ Mokachin0: @Layne_Cobain check your messages (verify with mods first always) thanks for your words of kindness or support to the community today
  14. Sinnin @ Sinnin: @Clash283 Lol, well put man. I second that.
  15. C @ Clash283: Whew, good day today folks. I hope everyone else is getting along well, others here know I think as fast as a machine gun but to all the vendors that put up with my ADHD ass I thank you and feel as I still owe ya!
  16. Sinnin @ Sinnin: @MOD Hello
  17. MOD @ MOD: Hello Everyone
  18. Sinnin @ Sinnin: @Layne_Cobain I'm super happy that I found this place.
  19. L @ Layne_Cobain: What’s up @Jayplug77 glad you like it so far think you’ll find it’s a great community that’s rly more than just what it seems I.e. ppl lookin out for one another exc glad you’re aboard buddy!
  20. Stims King @ Stims King: @luquitoad Certified legit, stealth mode: ON 🕶️📦 Let’s get that blue check faster than a mag hits on an empty stomach 😂💨
Back
Top