Stolen Youtube Channels used to promote bitcoin scams

[Tan3l6]

But WTF happens when 2FA will be "hacked" universally ... maybe by quantum computing?

Only reducing the amount of attempts taken to insert the verification code will also mean reduced attempts avaliable to be taken by the legit account owners.

[TetraSky]

 but, This just in, dumb person downloads a fake software from an unsolicited "offer" and gets their credential stolen. More at 11.

 

Seriously, it's unfortunate for them but, they only have themselves to blame for that one.

Never trust anything on the internet especially if it sounds too good to be true. Do your research before downloading anything and if you're still not sure, there's a god damn VM/sandbox in Windows 10 now that you can use exactly for situations like that.

[Sauron]

As usual social engineering is more effective than tech exploits

[Sauron]

23 minutes ago, Tan3l6 said:

But WTF happens when 2FA will be "hacked" universally ... maybe by quantum computing?

Uh what?

25 minutes ago, Tan3l6 said:

Only reducing the amount of attempts taken to insert the verification code will also mean reduced attempts avaliable to be taken by the legit account owners.

10 attempts or so are plenty for the legitimate owner but not nearly enough to brute force. And if the owner messes up one too many times they can still restart the process with a new code. 2FA is specifically immune to brute force attacks.

[Tan3l6]

2 minutes ago, Sauron said:

Uh what?

10 attempts or so are plenty for the legitimate owner but not nearly enough to brute force. And if the owner messes up one too many times they can still restart the process with a new code. 2FA is specifically immune to brute force attacks.

You tell me? I know not of uh.

10 attempts and after that IP block or what? Actually that might do it?

[Bitter]

Both screen shotted emails from 'gamegloom' are from gmail or yahoo email accounts, what company legit advertiser uses a yahoo or gmail account for business? No legit company on the internet. Maybe a mom and pop candle store in vermont or a food truck in san jose. Not a company offering $800 for a 30 second ad spot. How was that not the first tip off? I mean it's not hard for a company to look 1000 times more professional by getting an email address to match their domain name. I get emails from "apple" all the time that my apple ID is locked or from banks or the IRS or FBI, all of them have something in common. Some shitty ass email address. HUGE CLUE. Seriously?!

[Touch My Hamm]

I used to talk with smaller companies about cyber security. What most people dont know is that most "hacks" are people being tricked. Most computer systems are very secure and it would take alot of time and money to crack into someones server/systems. Where they could convince Kevin from finance department to open a pdf that would give them control into his computer where they could then grab more and more information and use it. We do hear about companies being actually cracked into but they are usually running something that is out of date or has a known flaw that wasnt updated. 

 

There was a time when this one company would send out a phishing email to their own company and make it pretty obvious and if you clicked the link it signed you up for a mandatory course that would take up a day or two of their work. Listening to the people complaining about being signed up was pretty humorous. 

[Sauron]

1 hour ago, Tan3l6 said:

10 attempts and after that IP block or what? Actually that might do it?

10 attempts and after that the code you received on your phone becomes invalid and you need to be sent a new one. Not very complicated.

[mr moose]

On 12/31/2019 at 4:41 AM, EverydayTV said:

 

Got my email today  

 

 

 

That just screams scam to me, broken grammar and semi fragmented sentences are enough to make me ignore all unsolicited mail.

 

 

[LeSheen]

On 12/30/2019 at 6:47 PM, EverydayTV said:

Their registered domain info, not sure if this will help. 

Never trust .ru domains or @yahoo mails. A respectable company would use its own domain to send mails...

[WereCatf]

On 12/31/2019 at 5:28 PM, Tan3l6 said:

But WTF happens when 2FA will be "hacked" universally ... maybe by quantum computing?

That's not how 2FA works, you cannot magically compute the requested verification-code unless you have access to the systems generating the codes and in that case you already have full access anyways.

[EverydayTV]

On 1/1/2020 at 2:14 PM, mr moose said:

 

That just screams scam to me, broken grammar and semi fragmented sentences are enough to make me ignore all unsolicited mail.

 

 

That's our email not the scammers, Their email address was a company domain email. 

[vorticalbox]

On 12/29/2019 at 7:28 PM, RorzNZ said:

Why would you download and run something that’s obviously a scam? 

Because it didn't look like a scam to the person.

[Guest]

1 minute ago, vorticalbox said:

Because it didn't look like a scam to the person.

there's a screenshot of it in the thread. It obviously looks like a scam. Most people understand nothing is free - not to mention this 'Gamegloom' technology supposedly rivals Google's tech. 

 

This type of scam has been around for a very long time!

 

On 1/1/2020 at 5:05 AM, Bitter said:

Both screen shotted emails from 'gamegloom' are from gmail or yahoo email accounts, what company legit advertiser uses a yahoo or gmail account for business? No legit company on the internet. Maybe a mom and pop candle store in vermont or a food truck in san jose. Not a company offering $800 for a 30 second ad spot. How was that not the first tip off? I mean it's not hard for a company to look 1000 times more professional by getting an email address to match their domain name. I get emails from "apple" all the time that my apple ID is locked or from banks or the IRS or FBI, all of them have something in common. Some shitty ass email address. HUGE CLUE. Seriously?!

Regarding this though so many do. I work with physiotherapy, acupuncture, chiro clinics and other stuff that doesn't work - so many have emails that use gmail, yahoo, iCloud and even QQ. It just is unprofessional. Like its $5 etc now for a website and a domain, why?

[mr moose]

4 hours ago, EverydayTV said:

That's our email not the scammers, Their email address was a company domain email. 

Hang on, the screen shot you posted is an email you wrote not an email you received?

[RonnieOP]

On 12/29/2019 at 2:39 PM, Donator_HD said:

Its a bussines mail, Roth Wellden cant know about scam.

Thats not a very good argument at all.

 

If a random company ive never heard of emails me idc if its a business or not im not installing random software.

 

He shouldve known this was a scam since this scam has been around for years now. My grandma could tell you it was a scam from the start lol.

[Kisai]

On 12/31/2019 at 8:05 AM, Bitter said:

Both screen shotted emails from 'gamegloom' are from gmail or yahoo email accounts, what company legit advertiser uses a yahoo or gmail account for business? No legit company on the internet. 

Plenty of people operate their business using gmail or yahoo, or even their home ISP email account that they got 20 years ago.

 

[Kisai]

On 1/15/2020 at 10:02 AM, RorzNZ said:

 

Regarding this though so many do. I work with physiotherapy, acupuncture, chiro clinics and other stuff that doesn't work - so many have emails that use gmail, yahoo, iCloud and even QQ. It just is unprofessional. Like its $5 etc now for a website and a domain, why?

 

You have never paid for hosting obviously. It's not $5. The costs are potentially unlimited. One DDoS can burn your bandwidth to the ground, make a hosted or VPS burn to the ground, and then you have to contend with potential hacking of your webhost. Don't add to the crappy wordpress easy-to-hack environment.

 

It's not worth it for sole-proprietorships to own their own domains, or they can register their domain but forward it to their @gmail.

 

[Guest]

29 minutes ago, Kisai said:

 

You have never paid for hosting obviously. It's not $5. The costs are potentially unlimited. One DDoS can burn your bandwidth to the ground, make a hosted or VPS burn to the ground, and then you have to contend with potential hacking of your webhost. Don't add to the crappy wordpress easy-to-hack environment.

 

It's not worth it for sole-proprietorships to own their own domains, or they can register their domain but forward it to their @gmail.

 

I know exactly how much these companies make and how much they can afford to spend thank you. .  

[Kisai]

2 hours ago, RorzNZ said:

I know exactly how much these companies make and how much they can afford to spend thank you. .  

 

That is JUST the domain.

[RonnieOP]

16 hours ago, Kisai said:

 

That is JUST the domain.

$36 for two years. $1.5 a month. If thats a crazy expense for a business then thats a crap business. And if they cant afford that how can they afford how can they afford to pay a youtuber $800? 

 

 

[Guest]

17 hours ago, Kisai said:

 

 

That is JUST the domain.

I know how much they make because I pay them. They can afford this easily. 

[Kisai]

1 hour ago, RonnieOP said:

$36 for two years. $1.5 a month. If thats a crazy expense for a business then thats a crap business. And if they cant afford that how can they afford how can they afford to pay a youtuber $800? 

 

 

I said that was JUST the domain, that's the minimum you'd have without even having email or a website. Go actually look at how much it costs to to pay someone to maintain a server.

The answer to "how much resources can I use is" is "not enough to run the worst wordpress site"

 

Godaddy doesn't even offer email anymore, it's been outsourced to Microsoft.

 

So you're already at 12.39/mo just to have one email address and the worst hosting package.

 

How much does it cost to pay someone to build and maintain a website with any CMS? WIX Arena suggests between $500 and $2000 for the website alone, and only with that service. WIX is $14.00 USD/mo for the minimally usable hosting package. Still no email.

 

If someone is seriously trying to operate a business online, they might have a domain and a website, or they might just operate entirely out of their gmail account if they aren't operating a service that is online. Lots of local businesses do not have websites, but they have a presence in search engines because they paid for yellow-pages services at some point.

 

[Bitter]

4 hours ago, Kisai said:

I said that was JUST the domain, that's the minimum you'd have without even having email or a website. Go actually look at how much it costs to to pay someone to maintain a server.

The answer to "how much resources can I use is" is "not enough to run the worst wordpress site"

 

Godaddy doesn't even offer email anymore, it's been outsourced to Microsoft.

 

So you're already at 12.39/mo just to have one email address and the worst hosting package.

 

How much does it cost to pay someone to build and maintain a website with any CMS? WIX Arena suggests between $500 and $2000 for the website alone, and only with that service. WIX is $14.00 USD/mo for the minimally usable hosting package. Still no email.

 

If someone is seriously trying to operate a business online, they might have a domain and a website, or they might just operate entirely out of their gmail account if they aren't operating a service that is online. Lots of local businesses do not have websites, but they have a presence in search engines because they paid for yellow-pages services at some point.

 

https://gsuite.google.com/pricing.html

$6 a month for them to have an @businessname email address, but of course someone looking to scam would never bother because why spend money to steal money and why possibly leave a way to trace back to the scammer. If you're a legitimate online based business reaching out to prospective clients, especially as this company presents itself as being in the marketing business, they would never use a free anonymous email like @yahoo.com if they wanted to present with a modicum of professionalism. Not to mention the fact that the email wasn't even gamegloom@yahoo.com or gamegloom@gmail.com, they couldn't even be assed to bother with that small FREE bit of show to look at least a little professional? If I get an email saying they're from Chase bank sent from CharterOneFishingTrips@gmail.com do you think I should believe them?

[oeci]

It's 2020 and apparently people still execute .exe files that were sent to them by e-mail. Oh wait, that's wrong people even download the malware themselves by following a link sent to them by e-mail, that's even better