"Watch Place Time" - BEWARE

[seattleal]

I received an email from gmail acc't "watchplacetime"

Same message sequence as previous bogus attempts -

Email expressing interest and asking if still available-

Then email including phrases "Buying the watch for my birthday", "I am ready to proceed with payment and shipping" and "Btw Will you be interested in trades, See below for my collections" with a link to a thread in the
forum WHICH IS ACTUALLY AN ATTEMPT TO GRAB LOGIN AND PASSWORD.

Second time I've received messages like this in response to a listing; last time began with a pm.

Be careful!!!

[Martin]

Thank you for this piece of information

[SeeDweller]

Quote:

Originally Posted by Martin

Thank you for this piece of information

Wow, that’s awful!

So don’t click on any link that someone sends you in a correspondence. Makes sense!

It’s so disappointing, because when I interact with someone else regarding a sale or purchase, I ask them to contact me directly on my email!
Indeed… I really want to do a FaceTime call at the minimum. I want to see a face, and talk to someone directly.

So sad that people fake personal interest, and then have malicious intent. It sure screws it up for everybody. Damn.


Sent from my iPhone using Tapatalk

[77T]

Quote:

Originally Posted by seattleal

"Btw Will you be interested in trades, See below for my collections" with a link to a thread in the forum WHICH IS ACTUALLY AN ATTEMPT TO GRAB LOGIN AND PASSWORD.

Second time I've received messages like this in response to a listing; last time began with a pm.

Be careful!!!

Certainly agree with that final triple exclamatory admonition. Did you already have 2FA activated before these two attempts hit you?

But let me address the boldface text I quoted above it. The link was unlikely landing you in this forum.

Instead it was very likely a mirrored site looking like rolexforums.com - but actually on a Malware-as-a-Service (MaaS) site. So the criminals just sit in the middle on that virtual server to scrape credentials when the victim presumed he was on a legitimate service. MaaS enterprises host and then rent malware to their customers on a subscription basis. Makes hacking inexpensive and easier for criminals - like a “Hacking for Dummies” book.

Now there is a worse risk if you did click that link - and if it actually landed you on the true rolexforums.com. That risk is this: the ruse has already loaded a keystroke logger on your system. It will watch what you do on all websites and act like a bot. That - or - may act as an extension in your browser.

So if you clicked, time to do some housekeeping…just sharing all that in the spirit of communication and community. New members coming across this may not know.

BTW, did you scan the url of the fake site? Adding that IP address to your report that you send the Mods could be helpful.


Sent from my iPhone using Tapatalk Pro

[swaini3]

Good info 77T and I hope everyone reads it.... and get 2FA activated