recovery scam sites

avetinja
avetinja younger associate
edited November 1 in Scam Busters

Hi,

Here are some recovery scam sites ( offering fake money recovery / fake charge-back to victims of scams also known as 'reloading scam', 'advance fee fraud', 'recovery room scam' ):

[*urls removed by @Flexx*]  

Thanks.

Comments

  • Flexx
    Flexx mod
    edited October 22

    Since these are bulk websites, @Alexandru_BD can send them internally to the malware research team for analysis.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • Hello @avetinja and thank you very much for reporting these here.

    I have forwarded the list to our security researchers for investigation.

    Much appreciated! 👍️

    Premium Security & Bitdefender Endpoint Security Tools user

  • avetinja
    avetinja younger associate
    edited October 22

    There is no malware there. Its a scam site, they don't work like that.

    I have been tracking them for some time, here:

    https://www.scamwatcher.com/scam/view/411233

  • avetinja
    avetinja younger associate

    you can see that most of domains have been created recently and all on NAMECHEAP. owner is hidden.

    and they follow the same pattern, etc..

  • Yes, thanks for pointing this out. 👍️

    Premium Security & Bitdefender Endpoint Security Tools user

  • Flexx
    Flexx mod
    edited November 1

    As checked, apart from one, all other websites have now been blocked by Bitdefender.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • avetinja
    avetinja younger associate

    that one is peculiar, but I won't ask why.

    these scammers have mostly moved to whatsapp, telegram, gmail, etc…

    Dunno if there is any point in collecting phone numbers and email adressess as there is too many of them.

  • Bitdefender is always there to protect you. You can use Bitdefender Scamio on WhatsApp Messenger and Facebook Messenger, and it may introduce support for other social apps in the future. More information can be found in the link provided below.

    https://www.bitdefender.com/en-us/consumer/scamio

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • avetinja
    avetinja younger associate
    edited November 1

    here is one scammer on whatsapp:

    [*url removed by @Flexx*]  

  • Flexx
    Flexx mod
    edited October 24

    Bitdefender Scamio can only check for links shared within social apps for phishing or malicious content, and not for WhatsApp accounts of users or businesses. If you believe a user or business is a spammer or scammer, you can report them to WhatsApp by following the procedure in the link provided below.

    https://faq.whatsapp.com/1142481766359885/?cms_platform=web

    https://faq.whatsapp.com/2286952358121083

    https://faq.whatsapp.com/573786218075805

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • avetinja
    avetinja younger associate

    its tedious, they usually want proofs, etc.. you know…

    what about telegram, gmail ?

  • avetinja
    avetinja younger associate
    edited October 28

    another one:

    [*url removed by @Flexx*]  

  • Flexx
    Flexx mod
    edited October 28

    For Telegram support, kindly visit https://telegram.org/support

    For Gmail, kindly submit the phishing page through their online portal https://safebrowsing.google.com/safebrowsing/report_phish/

    If you believe that a website or file is not detected by Bitdefender as malicious or phishing, kindly report it to our malware research team using the forum provided at the link below:

    https://www.bitdefender.com/consumer/support/answer/29358/

    If the website or file is indeed malicious or phishing, detection will be added within a maximum of 72 hours. However, if no detection is available even after 72 hours, please consider the website or file as safe, as determined by our malware researchers, and no detection will be created for them.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • @avetinja you can report the fraudulent urls in plain text like you did in your first post, to expose websites known to scam people, but please avoid posting active links to such fraudulent pages in the community, for obvious reasons. 🙂

    Thanks,

    Alex

    Premium Security & Bitdefender Endpoint Security Tools user

  • avetinja
    avetinja younger associate
    edited November 1

    here is another one:

    [*url removed by @Flexx*]  

  • Despite being told to stop posting links on the forum, you are continuously doing so. You have already been provided the information to send spam links directly to the malware research team. Posting links on the forum will not forward them to the malware research team. Repeating this behavior will lead to a ban of your forum account without any prior notice. I hope you understand.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • avetinja
    avetinja younger associate
    edited November 4

    it was said to use plain text instead of direct link so I did just that.

    I won't use this forum anymore. hope you understand.

    you are selfish, too paranoid, and don't deserve my time.

  • avetinja
    avetinja younger associate
    edited November 4

    oh, BTW [*url removed by @Flexx*] is a SCAM site, just like all others.

  • Flanksy
    Flanksy ✭✭✭

    Good day everyone,

    Upon checking on Virus total, the website looks to be clean with no AV vendors flagging it and the screenshot below for reference however, while checking it at the same time, the website looks to be down as well

    Best Regards,

    Flanksy✌️

    The guardians of the digital realm

    Bitdefender Premium Security, Digital Identity Protection user

    Bitdefender Gravityzone user

  • Flanksy
    Flanksy ✭✭✭

    Hiya @avetinja,

    I understand that @Alexandru_BD said previously that it is possible to use plain text instead of direct link, but what @Flexx is trying to say is not that being selfish or not understanding you, but its more of an advice and precaution that has been on this forum for a while now as some users will tend to copy or click the link which none of us want to accidentally infect or let other users fall victim to an attack or a clickbait RAT in example.

    And yes, he is also right on the part where if you want the Bitdefender support and lab teams to get the links which you seem malicious is by the link which was previously given by @Flexx somewhere further up and they will also be in touch with you more faster compared to it being here as I am also one of them who are sending my own discovery to the Bitdefender Labs team with the link provided. I'm not picking anyone's side over here but just trying to explain and to clear the air.

    Here is the link below to get to the Bitdefender Labs team to submit your links if you can't find it or if you are not sure where is it.

    Report a False Positive or False Negative detection to Bitdefender Labs

    Best Regards,

    Flanksy✌️

    The guardians of the digital realm

    Bitdefender Premium Security, Digital Identity Protection user

    Bitdefender Gravityzone user

  • Thank you, @Flanksy, for checking the link on VirusTotal and providing a brief explanation related to my comment.

    My intention was not to disturb you, but as @Alexandru_BD mentioned, you can post the URL in plain text. However, there’s a catch: while live links are clickable and can directly affect users, anyone interested in checking those links can simply copy and paste them from plain text into their browser. This is why you were provided with the website to share your suspicious links directly with Bitdefender’s malware researchers.

    Another point to consider is that posting links on the forum won’t ensure they are addressed by anyone. While you may share suspicious links here, it's important to know that there are no members from Bitdefender's malware researchers on the forum, and the links you post may remain unanswered. While the admins on the forum are Bitdefender staff members, they also have to follow the protocols set by the company. I am sharing this information because I have been through similar situations in the past.

    Once again, my intention was not to disturb you.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • @avetinja we're good here? I'm sure no one meant any disrespect to you and as you can see, we are all trying to help each other here and raise awareness of these scammers and their tactics. It's just that we can't go around posting active links to sites that are suspected to be malicious in any way, shape or form. What we can do here is post them as plain text and also report them to Bitdefender Labs for verification.

    So, by all means, you can continue to post on this forum, but kindly follow our recommended guidelines, since these are meant to protect our members here and to ensure a pleasant and safe environment, where everyone is welcome and all viewpoints are respected.

    Thank you

    Premium Security & Bitdefender Endpoint Security Tools user

  • avetinja
    avetinja younger associate

    ok, sure, sorry for overreacting.

  • Don't worry, it's all good and we're happy to have you here. 😉

    Premium Security & Bitdefender Endpoint Security Tools user