What if I told ya Stellar Staking Marathon is a SCAM?steemCreated with Sketch.

in hive-159906 •  16 days ago  (edited)

N.B.: This post is not for those who are already expert in recognising spoofing & phishing attacks

Today morning, I received an email from Stellar informing me that a new reward pool called Stellar Comminity Staking Marathon has been implemented into Stellar Ledger in addition to the current 1% inflation payouts. Now users have the option to claim 25% more Lumens based on their account balances.

All the details were there in their blog

A 25% rewards in a month on my total holding is huge for me, so I got very excited for it. And boy, it took me about two hours to realize that this is some scammer. But it was too hard for me to detect that.

Fortunately, I know a lot of people keep trying to scam Stellar hodlers as I used to receive several such phishing emails for availing their "new" airdrop. I ensured that all of them ended up in my spam folder. So this email was the first I received this year. And it looked very legit.

It was so legit that it became very difficult to spot any malacious act from my mobile. But 25% reward sounded so unbelievable that I couldn't trust it. So I reached to my laptop to dig in further.

I checked their official blog, website, searched google, went to CoinMarketCap to re-check the official domain for Stellar but I couldn't spot anythng suspicious.

However, two things still concerned me. One, the 25% reward and second, the time pressure that it's available for only a 30-day period starting 25th June. And if it was so, why I wasn't informed earlier.

So this became an interesting puzzle for me to solve.

Although it took about 2 hours of my time, I was ultimately able to verify that it's not legit. Of course, it shouldn't have taken this much time to me but I was too overwhelmed with the offer itself. Here I'm giving some of the screenshots for you to reveal my findings.

image.png

--> Check the address bar of this blog and verify if it is stellar.org.
Yes it is!

--> Check if there is padlock sign on the left of the domain address.
Yes it's there! So the website is secure!

--> Check the content of the blog.
It has all the past posts on official blog (all 6 pages) and this one is the latest post.

So why doubt it as something malacious?
Let's open the blog post to see if the link leads to some other domain:

image.png

No it doesn't. It opens on the same official domain.
So it must be legit

Okay, I decided that I'll stake with my Keybase wallet so that it will be safe.

But before that, I check the Stellar Acount Viewer page:

image.png

Ooops, what's this https://accountviewer.xn--stelar-6db.org domain where I need to sign in!

So there it is! You caught it!!!

I typed in the official domain https://accountviewer.stellar.org/ and found this legit pop-up as:

image.png

So it's verified that the offer was not legit and it's some phishing scam.

But the question is why did it take so much time for me to spot it. Why I couldn't do it on my mobile browser?

Well, it seems it depends on which mobile browser you are using.

When I checked it on Opera, I didn't find any way to verify this. But when I checked in Chrome, I first saw this:

Screenshot_20200626110559.jpg

But on tapping the address bar (when you do for editing it), I saw this:

Screenshot_20200626110618__01.jpg

You can easily spot the difference in address bar in the two screen shots above.

Hiding the actual domain name under a legit looking domain name is done using Unicode trick. For more explanation on it, please go through this article on The Guardian. It explains why some broswer support it while others do not.

So the best practice to be safe in such cases is to type in the domain name yourself (even if it's the exact same looking letters in the domain). That will solve the unicode problem and save you from scammers.

I know, most of you already knew it. But at times we get lazy and wanna take the shortcut - the conveninet route of clicking links. But beware that at times, little conveninece comes at huge cost!

Be safe!

P.S.:
I've reported this domain viz. xn--stelar-6db.org to CryptoScamDB vide reference no.: c04c0090-b7c8-11ea-82c5-af0d1559ca61

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Hello, a indian man by the name of Rupender Sharma IT specialist at TELUS in Abbotsford, BC Canada ripped me off.
I need your help if you can?
On june 4th and 10th - 175 ETH Stolen, 29,093 TUSD Stolen, 2402 LINK Stolen.
Do you know anyone that can trace the addresses the stolen tokens were sent to?
I will reward you $10k in Tokens or Fiat of choice for the full recovery.

I'm so sorry for your loss! But if you know about the identity and whereabouts of the person who ripped you off, you should directly register a complaint to cyber crime department in your city.

I don't see any point in giving away $10K reward for just tracing the wallets, where your funds landed. It won't get you your funds back.And you yourself can trace that from respective block explorers for all coins in your wallets.

But it will be difficult if you had downloaded your wallet to a desktop from some phishing websites like jax-x.com, jaxx.live, jaxx-wallet.com, jaxx.one, jaxx.im, l-jaxx.io, jaxx.ws or jaxxx.net. These are known phishing sites for Jaxx wallet with malware payloads.

You should tell the complete story as for how it all happened. But it will be better to get in touch with your cyber crime department for it.

Hope it helps. Best of luck!

Thanks for your response.
No cyber crime department here in Abbotsford.
I am pretty sure it was Jaxx Liberty Official site, but Where in my downloads would you suggest to look to see if a phishing website was used? If you don't mind, please.

thanks , some have suggested this company; https://www.coinfirm.com/

scammers are everywhere especially in the crypto world there is too much that's why some kind to regulation is needed to prevent users like you and me from these scammers

For now, I thought to spread awareness to more and more users to deal with it. Else, you might learn it hard way!

you are very right, It's better to listen and learn from whistleblowers than to learn it hard way

Very informative .. Thanks for sharing this ..

You are welcome! :)

Thanks for new info!