Stolen Youtube Channels used to promote bitcoin scams

[Kisai]

1 hour ago, Bitter said:

https://gsuite.google.com/pricing.html

$6 a month for them to have an @businessname email address, but of course someone looking to scam would never bother because why spend money to steal money and why possibly leave a way to trace back to the scammer. If you're a legitimate online based business reaching out to prospective clients, especially as this company presents itself as being in the marketing business, they would never use a free anonymous email like @yahoo.com if they wanted to present with a modicum of professionalism. Not to mention the fact that the email wasn't even gamegloom@yahoo.com or gamegloom@gmail.com, they couldn't even be assed to bother with that small FREE bit of show to look at least a little professional? If I get an email saying they're from Chase bank sent from CharterOneFishingTrips@gmail.com do you think I should believe them?

 

Some of you in the thread aren't understanding why a "legitimate" business might be using free email, and trying to go "well you're only a legitimate business if you have a domain", AS IF THAT EVER MATTERED. Cloudflare made it incredibly easy to register a domain, point it to them, and instantly you have a SSL protected website with a hidden origin. Someone could easily register chasebankfreedomtospendyourmoney.com and the person only sees the "chasebank" part and it's marked safe because Cloudflare provided a SSL certificate. 

 

I didn't even mention getting EV certificates which is another $120/yr cost at todays prices. Google screwed us all by forcing HTTPS or get de-ranked in the search engine, because now all a criminal has to do is get a free certificate via Cloudflare or letsencrypt, register a look-a-like fake bank name and phish because people up to that point were trained that sites marked secure were legit. They're not.

 

The version of this scam that I saw ripped off a "legit" site, made a few trivial changes to put their product name in, and then contacted youtubers presenting themselves with that fake version of a legit website. How exactly did having a domain not prevent them from getting screwed huh?

 

Here's a three month old version of the scam:

You'd have to be completely out-of-the-loop to know this wasn't a scam. Download RAM, surrrre.

 

Here's a more recent one:

 

This latter one takes advantage of the fact that gmail hides the email address and just puts the name in.

 

 

 

To me, this looks like a scam because it looks like a form template missing all the carriage returns. And look, the website itself has a SSL icon. 

 

The site is also still up.

 

The site itself is hosted or protected by something called ddos-guard.net

 

[RonnieOP]

4 minutes ago, Kisai said:

 

Some of you in the thread aren't understanding why a "legitimate" business might be using free email, and trying to go "well you're only a legitimate business if you have a domain", AS IF THAT EVER MATTERED. Cloudflare made it incredibly easy to register a domain, point it to them, and instantly you have a SSL protected website with a hidden origin. Someone could easily register chasebankfreedomtospendyourmoney.com and the person only sees the "chasebank" part and it's marked safe because Cloudflare provided a SSL certificate. 

 

I didn't even mention getting EV certificates which is another $120/yr cost at todays prices. Google screwed us all by forcing HTTPS or get de-ranked in the search engine, because now all a criminal has to do is get a free certificate via Cloudflare or letsencrypt, register a look-a-like fake bank name and phish because people up to that point were trained that sites marked secure were legit. They're not.

 

The version of this scam that I saw ripped off a "legit" site, made a few trivial changes to put their product name in, and then contacted youtubers presenting themselves with that fake version of a legit website. How exactly did having a domain not prevent them from getting screwed huh?

 

Here's a three month old version of the scam:

You'd have to be completely out-of-the-loop to know this wasn't a scam. Download RAM, surrrre.

 

Here's a more recent one:

 

This latter one takes advantage of the fact that gmail hides the email address and just puts the name in.

 

 

 

To me, this looks like a scam because it looks like a form template missing all the carriage returns. And look, the website itself has a SSL icon. 

 

The site is also still up.

 

The site itself is hosted or protected by something called ddos-guard.net

 

Nobody is denying why a small local company would use a free email. Although even the smallest of local companies around me make a website and get the free domain email. Its not expensive or hard at all. Alot of times when you get business internet they offer you a dirt cheap option for a website and email. But yeah some very small businesses use free emails.

 

But what small local companies are reaching out to youtubers and offerring $800 for a sponsor spot? If they are trying to reach a global market to advertise to they obv need a website. And with the website you would get the email (most the time).

 

The local baker who caters events out of her home kitchen. Yeah no issue seeing them have a yahoo email. No legit business paying close to a grand per youtuber is going to be using a yahoo email address.

 

It costs next to nothing to get a domain/website/email etc. 

 

[kirashi]

4 minutes ago, Kisai said:

Cloudflare made it incredibly easy to register a domain, point it to them, and instantly you have a SSL protected website with a hidden origin. Someone could easily register chasebankfreedomtospendyourmoney.com and the person only sees the "chasebank" part and it's marked safe because Cloudflare provided a SSL certificate. 

--SNIP--

"Secured" domains mean nothing when it comes to email deliverability & trackability - email headers & MX Records are what you want, as these provide a trackable trail of every mailserver IP address that has touched the email as it bounces around the web. Combine that with properly setup DKIM & SPF records, and you can track almost every email sent back to at least the service provider level. That being said.... (read my reply below)....

 

8 minutes ago, Kisai said:

This latter one takes advantage of the fact that gmail hides the email address and just puts the name in.

--SNIP--

You hit the nail right on the head in that many email clients / webapps either make obtaining the true sender email from the email headers near impossible, or straight up don't educate the user on what constitutes a safe vs. unsafe email. This leads people into a false sense of security unless they know what to look for in an email header, let alone even know to hover over links before clicking on them.

 

What we really need is a complete overhaul to the way email currently works, requiring PGP signing of every message that can be traced back to some form of government ID, or at the very least, a given computer's motherboard signature. But this will never happen as it requires far to large a change across too many existing software, hardware, and infrastructure networks to be a feasible change.