-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Welcome fellow redditors!
We are here today to ask the community for some help. Our
login page at TradeRoute is undergoing a complete rework
to make it more secure and one of our bigger concerns is
phishing. Although our market is growing quickly it is still
not big enough to catch the attention of phishers so luckily
no user has been phished yet on TradeRoute, but we know
that this is not a matter of if, it is a matter of when.
We are sure that we will face this problem soon and we want
to prepare beforehand.
Yes I know that some of you argue that people should be
wary about any links they see out there and if someone gets
phished it is his/her fault. I am not of this opinion
Although it is obvious that everyone should be as careful
as posible during his activities at the dark web there is
nothing inherently bad about the markets being more secure.
If we can keep users safe even when they make mistakes then
we are definitely succeeding at our business. I do not know
whether this is the best thing to do but it is our philosophy
and we are going to stick to it until someone proves us wrong.
In short, we have sorted out the most basic and evident phishing
schemes. I am talking about those that make up a fake login page
and request your login info. Those are easy, we have already
figured out how to protect people from that. The problem are the
more sophisticated phishing sites that work just like a proxy to
the real TradeRoute page, performing a man in the middle attack.
The issue is that we haven't been able to find any examples of them
to study how they work. We can just make conjetures and this is not
ideal.
That is why we want to ask you for any phishing links you may have
or at least tell us where to find them. The only links that I
could find were very simple and lame, we would ideally study those
that act as a proxy to the real market. We do not care about which
market they are focused on.
Best regards!
The TradeRoute team
-----BEGIN PGP SIGNATURE-----
iQEcBAEBCgAGBQJYnFNRAAoJEG1uaxOEo4CAcc8H/05QASWzeCImw2SZSQZEkOic
D7dwxbtgj76m6c4JPi/t+FAgoKs596+McRaEkict+lkDjxL268OYnHnz1ydNzG4K
y7maQRl/DjNcx4ZNW3wSrjomOwt9hnxp07X2wZROSTXPCr97MVjqVBesyV3Iz8rc
jbF4EOgvap/Ogks6RaFIP36p9fQNOAOJTEgYfftGlP2lptOeMhNJIfJV5cosfuJ+
qUWFgMTUs1gGIhVAepLmfytqM/L5aUwmjQ6qvyqSx757HcwEdRoLHF6mptojePVd
YYPBqgG0utBYNqz1B7R6zzNGMApteAb6mUQpeAAaQVoiBfo0YTyqAc37Gh2b1d4=
=a5/p
-----END PGP SIGNATURE-----
Why do you send people PMs on other markets (reports on Dream and Alphabay) asking them to sign up to TradeRoute?
Do you think that's ok?
Do you think that might make it easier for phishers to start sending out PMs including their phishing links in the future? "oh, I know TradeRoute sends out invites via PM, so this must be legit"