SymBiotics (U.S. domestic)

Can you give us anymore information? Did you click on any links? Were you emailing a source? Anything that can help.

I don't know if this helps, but I know on SST for awhile, people were getting their btc stolen because a scammer would use a sources email address but the .com part was something like .corn (.coRn) and people weren't paying attention.

Also, I've seen scammers send emails through protonmail or tutanota asking for you to verify your account. If you aren't paying attention and you click the link, they get your information and can intercept your emails between you and the source and get you to send funds to the wrong wallet.
 
You’re profile was made 3 days ago!? Wtf
How? Does this guy just randomly email you, Claiming to be a source? That’s not suspicious to you

Nah, I fucked up using a shitty password for both my Meso account and protonmail account. I have so many passwords I use for everything, I guess I didn't think about it.
 
Hey guys...I'm new to this board, but not to the game. Symbiotic a has been nothing but first class in answering questions with complete candor. Yes...I have ordered from him. But I'll let my post count build up before I give my experience. And that's just out of respect for the board and you guys that have been around for a while. The info on Meso is a highwater mark that is hard to surpass!
 
I didn't contact them as to what was being done and in what matter. Just posted that part on the facebook page and they replied. I then deleted my post on their page. I posted the information for you guys or Millard to do with what they want.
ProtonMail wouldn’t give a flying fuck about something as dumb as this. Nor would they waste their time contacting US law enforcement over it..
 
PLEASE READ:

Emails from me will say SymBiotics as my display name and my address is symbiotics@protonmail.com. I am uncertain if multiple people can use the same display name; but today a person tried to take money from a customer by using my email address as the display name.
This person's display name in protonmail was typed exactly as my actual email address is written; but the email address was tntline@protonmail.com.
This person is attempting to steal.

Apparently, a person can choose any name or name format for the display name.

My only email address is symbiotics@protonmail.com. Please ensure that the email address is correct because the display name can be manipulated to make one think that the message originated from my email.

I am working on some other things at the moment; and I will answer the questions from today a little later. I felt compelled to share this while I had a moment.


Question for you. There is a "locked lock" icon next to the sender in proton mail. Was this ICON next to the sender when tntline would send emails? Or was it an open lock?

I Would set up a signature on protonmail first and foremost having them change their passwords and setup 2FA. These scams work because the CUSTOMERS email is compromised. Everyone should immediately change their passwords, and enable 2fa. As well as go to SETTINGS>Security>Session management (right corner) and make sure there are no malicious log ins, and if so revoke them.

Next remind people to verify the email address they are communicating with, as well as things like any other red flags. ie changing btc addresses, unlocked lock icon, etc, etc.

For the last 2 months my signature has been as follows in an attempt to wan people of this stuff. I started to notice a sharp increase in compromised emails, as well as the pattern of people re-using forum passwords, on their emails.

Attention:

If you ever get an email from someone claiming to be me, using an email other than this email, it is not me. I only use xxxx@xxxxx

There has been some scams going on within protonmail lately. I recommend all clients who aren't already doing so, to activate 2FA in your protonmail settings(SETTINGS> Security> turn on 2factor authorization)
This will make it virtually impossible to compromise your account.

Download the AUTHY app, and use it for 2factor.

Additionally change your password, and use something you don't use on forums.

If you get scammed because of your own stupidity you are on your own.

Thanks,
S

These scammers/hackings really make a strong case for using PGP for all communication. This kind of scam can't work if both parties are encrypting their own messages.

S-
 
Yep, I'd gotten lazy when it comes to make sure my security is right online and it came back to bite me in the ass.
How exactly did you get scammed though ? In my 12 yrs of doing this not once did a source initiate a discussion. It just doesn’t work that way.

That wasn’t a red flag?

The scammer email looks nothing like the real email. I’m completely baffled how this scam is working.
 
How exactly did you get scammed though ? In my 12 yrs of doing this not once did a source initiate a discussion. It just doesn’t work that way.

That wasn’t a red flag?

The scammer email looks nothing like the real email. I’m completely baffled how this scam is working.

I would like to hear more from the victim above, BUT, normally it works like this.

The victims email is already compromised by the scammer.

The scammer sits and watches the conversations, the victim is having. They wait until they are about to close a deal in most cases.

Then say Symbiotics sends the victim an email with a BTC address, the scammer steps in, and 1. deletes it before the victim sees it, and sends another email with their btc address, typically from a SPOOFED email that appears just like the sources(symbiotics@securenym.com for example) or 2. sends an email to the effect of "hey use this BTC address instead" and trys to change it at the last min.

In this case it appears they just changed their DISPLAY name, to look like Symbiotics, which is pretty lazy, and means the victim wasn't paying much attention and only looked at the name on their main INBOX screen, and not verify the email address once in the email chain.



That is typically how it works.
 
Back
Top