So recently this dude tried to phish me. Unfortunately for him, that is not possible to do to me. But here is an example I ALMOST fell for because I wasn't fully paying attention, I'm not going to include screenshots because I'm using Qubes right now and if any of you use Qubes you know having to take screenshots in Dom0 and then transferring it back over to your Whonix battlestation AppVM requires typing out two full file paths on the command line and I have tab completion disabled so fuuuuck that.
Here's how it went down:
Sent by oscarmayer420_ Banned on Dec 6, 2015 at 19:11
Thought I would bring this to your attention, about the fact that some of your images may be revealing your geolocation through the use of exif data.
I'm not trying to scare you but when I noticed your ad, after scanning it that it may be leaking some extra details, ones that may be more valuable to law enforcement than they are to somebody such as myself.
I do believe that you have not properly washed the photos you are using in the ad, and I'm sure an agent with more of a budget and equipment than I do, could probably decrypt your exif data to get a close estimate on your location.
Alphabay should have this procedure when vendors sign up, but sadly they don't, I also noticed more javascript controls with this new theme, after they added the new alt urls such as this one: [don'tclickunverifiedABlinksanywhere]://lo4wpvx3tcdbqra4(DOT)onion
If I were you I would at least change the picture on this ad, since that was the only one I could find that definitely had the exif data slightly revealed:
[phishingbullshit]://alphabayn7j2voah(DOT) onion//listing (DOT) php-id=33775
Good luck buddy
Some context: I'm very new on AlphaBay, I took actual pictures of my products in a way that makes it obviously so, there's no indication anywhere on my profile that I'm a pretty smart cookie necessarily. I have like 6-7 sales, easy target right? My reply:
Sent by SeedofChaos Vendor on Dec 6, 2015 at 20:08
what's your usual success rate on that ? not a bad attempt at all.
I then added one Mr. /u/Trappy_Pandora to the conversation.
Sent by Trappy Public Relations on Dec 6, 2015 at 21:45
WOW that actually had me going until he posted links.
Admin is added by Sir Trappy the Bold.
Sent by Trappy Public Relations on Dec 6, 2015 at 21:48
@admin please ban phisher.
Now, seems simple right? But I suspect that I was scoped out by a different, more established account previous to that (though it could have been a legitimate user, just the timing suggests otherwise. The transcript is as follows:
Sent by poorteddybear New Member on Dec 6, 2015 at 09:08
Hey man, just wanted to let you know that at least on your 5-MeO-MiPT listing, most of your shipping methods are set at $0.00. I didn't think that was intentional and just wanted to save you some trouble,
Cheers
Innocent enough. I check the listing. Sure enough, I hadn't set the listing's prices correctly. I fixed that, messaged them back:
Sent by SeedofChaos Vendor on Dec 6, 2015 at 09:10
Oh, weird. Yeah there's no way to manage them in batches or all at once here so I have to manually enter it every time. Kind of annoying but whatever. Thanks for looking out.
Again, could be unrelated, but I'm not stupid and I know how these folks play their games. To people losing money on the site: would you have caught this? This isn't even as good as it could be by a real pro, but I had copied his link and was about to open it in a new tab, when all of a sudden I really saw the address and it felt wrong, so instead, I copied just the listing id number, pasted it onto the end of my currrent mirror's URL, and sure enough, it wasn't a current listing or at least not one of mine.
The Phish is Real.
Further speculation:
Also, the reason I nearly fell for it additionally is because i normally use the mirror that has "alphabay" in the link. At a cursory, distracted glance, I sort of assumed it was it. I'm not sure if he knew I used that mirror or not (I have sent several listing URLs for private listings to other users, which could have been yet additional scoping out attempts to figure out what mirror I'm on).
I guarantee you that most of you losing money are falling for shit like this.
[removed]