MESO-Rx

Anabolic Steroids

Phishing Warning: Fake Emails Claiming to Be From MESO-Rx

MESO-Rx Administrator

MESO-Rx Administrator

Administrator
Staff member
10+ Year Member
20+ Year Member
Dear Members,

We are aware of a phishing attack targeting our community. Fraudulent emails are being sent from amairu@seznam.cz, falsely claiming to be forum direct messages from Qingdao Sigma Chemical Co., Ltd (QSC). These emails are not legitimate and aim to steal your ProtonMail and MESO-Rx credentials.

Key Points About the Phishing Email:
  • The email pretends to be a confidential message sent via Thinksteroids.
  • It contains masked URLs that redirect to a fake ProtonMail login page.
  • The attackers appear to be exploiting recent discussions in the Underground subforum about QSC’s email issues to deceive members.

What You Should Do:​

  1. Do not click on any links in suspicious emails.
  2. Do not enter your login credentials for ProtonMail or MESO-Rx unless you are on a trusted and verified website.
  3. Verify legitimate emails by checking the sender address. MESO-Rx emails will always come from an official domain (e.g., @thinksteroids.com).
  4. Verify URLs before interacting with them by hovering over links to ensure they lead to .

Example of the Phishing Email:​

"You have just received a confidential email via Thinksteroids (https://thinksteroids.com/ ). Drugbuyersguide encrypts emails automatically end-to-end, including all attachments. You can reach your encrypted mailbox and also reply with an encrypted email with the following link:

Show encrypted email

Or paste this link into your browser:

https://mail.thinksteroids.com/#mail/LxuR-SA----2k5JNWdYnd06p3deX_uzu9g

This is NOT a legitimate link.

How to Report:​

If you receive one of these phishing emails, report it to us at phishing@thinksteroids.com so we can investigate and mitigate further risks.

We are actively monitoring the situation and working to ensure the safety of our community.

Stay vigilant,
MESO-Rx Administration
 
MESO-Rx Administrator said:
Dear Members,

We are aware of a phishing attack targeting our community. Fraudulent emails are being sent from amairu@seznam.cz, falsely claiming to be forum direct messages from Qingdao Sigma Chemical Co., Ltd (QSC). These emails are not legitimate and aim to steal your ProtonMail and MESO-Rx credentials.

Key Points About the Phishing Email:
  • The email pretends to be a confidential message sent via Thinksteroids.
  • It contains masked URLs that redirect to a fake ProtonMail login page.
  • The attackers appear to be exploiting recent discussions in the Underground subforum about QSC’s email issues to deceive members.

What You Should Do:​

  1. Do not click on any links in suspicious emails.
  2. Do not enter your login credentials for ProtonMail or MESO-Rx unless you are on a trusted and verified website.
  3. Verify legitimate emails by checking the sender address. MESO-Rx emails will always come from an official domain (e.g., @thinksteroids.com).
  4. Verify URLs before interacting with them by hovering over links to ensure they lead to .

Example of the Phishing Email:​

"You have just received a confidential email via Thinksteroids (https://thinksteroids.com/ ). Drugbuyersguide encrypts emails automatically end-to-end, including all attachments. You can reach your encrypted mailbox and also reply with an encrypted email with the following link:

Show encrypted email

Or paste this link into your browser:

https://mail.thinksteroids.com/#mail/LxuR-SA----2k5JNWdYnd06p3deX_uzu9g

This is NOT a legitimate link.

How to Report:​

If you receive one of these phishing emails, report it to us at phishing@thinksteroids.com so we can investigate and mitigate further risks.

We are actively monitoring the situation and working to ensure the safety of our community.

Stay vigilant,
MESO-Rx Administration
Click to expand...

Thank you for sharing about this situation. ✅

Have you identified or narrowed down the ways the phishing scammer may be obtaining (or guessing) members emails?
 
PiscesMoon said:
Have you identified or narrowed down the ways the phishing scammer may be obtaining (or guessing) members emails?
Click to expand...

narta said:
How did they get a list of emails of the forum users?
Click to expand...

We’re writing to update you on the phishing emails reported by a small number of members on our forum. While our investigation is ongoing, there is no evidence to suggest that the MESO-Rx forum database has been compromised or that attackers obtained a list of member email addresses from our platform.

Given the high use of ProtonMail addresses among our forum members and the attackers’ attempt to steal ProtonMail credentials, we believe this phishing attempt likely relied on a Username-to-Email Pattern Matching method.

Attackers may have guessed email addresses by combining publicly visible usernames with common email domains such as @gmail.com or @protonmail.com.

This happens because many users create email addresses that match their usernames for simplicity (e.g., username@gmail.com or username@protonmail.com).

This method does not require access to our database but takes advantage of patterns where usernames are similar to email addresses.

MESO-Rx is taking proactive steps out of an abundance of caution to ensure the continued security of our platform.

We'll do a more thorough investigation and share additional updates as more information becomes available or if we uncover anything relevant.
 
You must log in or register to reply here.

Similar threads

superbolix
Superbolix: Your New Source
2 3 4
Replies
79
Views
10K
Leprechaun22
L
Primal_Pharma
  • Sticky
MESO-Rx Sponsor Primal Pharma - US Domestic
785 786 787
Replies
16K
Views
790K
Ghoul
Ghoul
russianboy12
GG-Pharma (USA) Domestic
28 29 30
Replies
582
Views
46K
russianboy12
russianboy12
A
WARNING GenericAsia shipping box showing oil leak on the outside
Replies
4
Views
747
B Ware
B Ware
Olympian Pharmaceutical
olympianpharma.ltd - US Domestic
2 3 4
Replies
77
Views
6K
MissedArmDay66
M

Sponsors

Latest posts

Back
Top