-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
To put a drastic stop to vendors getting phished on Alphabay,
we now enforce mandatory two-factor authentication (2FA) for
all vendors on the marketplace. In addition, the encrypted
message (on login) will include an authentication code, and a
warning message with the list of official links. Since the list of
links is bundled together with the auth code in the PGP message,
it is unforgeable by any phishing proxy page.
Vendors who got a free waiver but didn't put a PGP key in their
profile will be prompted to enter one on their next login, and
2FA will be enforced. In addition, when a new user registers
and sets a PGP key in the registration form, 2FA will automatically
be enabled, with the same unforgeable list of official links in the
PGP message.
We will see how this goes in the near future, but we expect the
phishing to stop fairly quickly.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCgAGBQJW5UioAAoJEOAZpE/dncxmTeYH/AkuKKgWuKVsSe2QRVXLhHWF
PxMXt2UW0KlxG0IfjUc5Vy4FxQ3hy3MBzegKKD4wWdJzn381an4oqt3j++/WkZ7+
lBq5aWAGKm+iXdrOCAGBu1xbUyfBqNHhsMKkQ9mvPev116ci8HFKf1/1SOFXq75T
lqbA87Unqxf34j59TJ1suSZF8AqiyQMrjlpqvZ4v/GCJ5rsDwyIYHCVO4yizOD9c
WGmfI6xgipFAKba4XbtYoPDrQuMosEPZstMLL6/zsiMleEgkF2WMgX0D3ic91hJa
l/4PmDU2LdKJClHJNaOd58IkEDGoozFZDOLjtjzYJJLamIR5xBHxMJDCmWRBV48=
=1jyW
-----END PGP SIGNATURE-----