SymBiotics (U.S. domestic)

That much detail should not be public knowledge though...I mean, JoeShmo shouldn't know I'm ordering with a source...Am I missing something? I would never post publicly that I am ordering...would post my experience after the fact, like TA, communication, etc...but no one should know I'm about to sent BTC to an addy?!?!
 
That much detail should not be public knowledge though...I mean, JoeShmo shouldn't know I'm ordering with a source...Am I missing something? I would never post publicly that I am ordering...would post my experience after the fact, like TA, communication, etc...but no one should know I'm about to sent BTC to an addy?!?!
Yes, you are missing the fact the scammer has acess to your email, and is watching every email you get and every conversation you have.

That is how this works. Without access to your email address it doesn't work.

Many times after you send $, they will even change your password to your own email so you can't even get back into it to see what the fuck happened.

So let me break it down like this.

MESO_USER's password on BOP is ILOVEMESO.

BOP gets compromised and a hacker sees MESO_USER email is MESO_USER@protonmail.com and password is ILOVEMESO

Scammer goes to meso_user@protonmail.com and logs in, because Meso_USer didn't take proper precautions and used the same password for their email as BOP, and they are not using 2FA.

Scammer waits, and watches....

The rest is as above.
 
Yes, you are missing the fact the scammer has acess to your email, and is watching every email you get and every conversation you have.

That is how this works. Without access to your email address it doesn't work.

Many times after you send $, they will even change your password to your own email so you can't even get back into it to see what the fuck happened.
Oh shit...wow, that's fuckin scary!
 
How exactly did you get scammed though ? In my 12 yrs of doing this not once did a source initiate a discussion. It just doesn’t work that way.

That wasn’t a red flag?

The scammer email looks nothing like the real email. I’m completely baffled how this scam is working.

I didn't get scammed. That's not what happened to me. I'm assuming he brute forced my password somehow, so my email address tied to my Meso account and gained access to my email that way. I have not ordered from any source on Meso.

I tagged Millard as soon as I saw the hacker put peoples personal information out on Dragon Ordinace's thread. The hacker replied to my post tagging Millard and said it was too late.

I then commented on how the hacker was using Iron Vett's account to post. That's when he gained access to my account.
 
Looking back now, it doesn't surprise me that he was able to gain access to my account. I've been complacent and used fairly simple passwords for some shit. Unfortunately, I had done that with my proton account as well. I didn't think it would ever happen to me (which is stupid). I used to be a lot more careful about shit.

That's on me for being lazy and complacent. Lesson learned.
 
I brought up the shit that happened on SST with people, just to get the information out there that scammers were intercepting payments from customers by accessing their emails. It got to where it was happening every day to people on SST because they weren't paying attention.
 
I didn't get scammed. That's not what happened to me. I'm assuming he brute forced my password somehow, so my email address tied to my Meso account and gained access to my email that way. I have not ordered from any source on Meso.

I tagged Millard as soon as I saw the hacker put peoples personal information out on Dragon Ordinace's thread. The hacker replied to my post tagging Millard and said it was too late.

I then commented on how the hacker was using Iron Vett's account to post. That's when he gained access to my account.
Did you use that same password on any other forum? (ie. SST or BOP)
 
Did you use that same password on any other forum? (ie. SST or BOP)

Nope. Here and SST are the only two forums I belong to. I'm assuming I was just collateral damage. Haven't had an issue with anything until I got involved this morning trying to get the shit removed from the forums.
 
Yes, you are missing the fact the scammer has acess to your email, and is watching every email you get and every conversation you have.

That is how this works. Without access to your email address it doesn't work.

Many times after you send $, they will even change your password to your own email so you can't even get back into it to see what the fuck happened.

So let me break it down like this.

MESO_USER's password on BOP is ILOVEMESO.

BOP gets compromised and a hacker sees MESO_USER email is MESO_USER@protonmail.com and password is ILOVEMESO

Scammer goes to meso_user@protonmail.com and logs in, because Meso_USer didn't take proper precautions and used the same password for their email as BOP, and they are not using 2FA.

Scammer waits, and watches....

The rest is as above.
Would it be smart to delete any proton mail accounts and start over?
 
I don't know if this helps, but I know on SST for awhile, people were getting their btc stolen because a scammer would use a sources email address but the .com part was something like .corn (.coRn) and people weren't paying attention.

Also, I've seen scammers send emails through protonmail or tutanota asking for you to verify your account. If you aren't paying attention and you click the link, they get your information and can intercept your emails between you and the source and get you to send funds to the wrong wallet.
I’ll clarify what was happening and still happening on sst. People open phishing links, then they get scammed because the people behind the phishing links just switch BTC addresses around. Shit like that has been happening for years on end, but of course a lot of people on sst had no clue phishing emails even existed and so they thought/think someone in particular is targeting them.

IMPORTANT: VERIFY TUTANOTA EMAIL BEFORE ACCOUNT SHUTDOWN
SST forum noob- “Oh fuck I better click this link and sign in before tuta shuts my account down!!!”

Edit- looks like @Serono took the time to explain this properly. Thnk u, I don’t have the patience to explain in detail like that lol.

But the most important thing to remember besides checking the senders email, is to never open any links sent to you. Majority of the time this is how your email gets compromised in the first place. You open a phishing email, click a link and then you get prompted to sign in again. When you sign in again, your giving the scammer your PW.
 
Last edited:
I would like to hear more from the victim above, BUT, normally it works like this.

The victims email is already compromised by the scammer.

The scammer sits and watches the conversations, the victim is having. They wait until they are about to close a deal in most cases.

Then say Symbiotics sends the victim an email with a BTC address, the scammer steps in, and 1. deletes it before the victim sees it, and sends another email with their btc address, typically from a SPOOFED email that appears just like the sources(symbiotics@securenym.com for example) or 2. sends an email to the effect of "hey use this BTC address instead" and trys to change it at the last min.

In this case it appears they just changed their DISPLAY name, to look like Symbiotics, which is pretty lazy, and means the victim wasn't paying much attention and only looked at the name on their main INBOX screen, and not verify the email address once in the email chain.



That is typically how it works.
Thanks for the explanation. I thought people were getting emails.

I've always used 2FA. Been using the dark web for years and if you don't 2FA you get hacked. 100% of the time that is true over there
 
But the most important thing to remember besides checking the senders email, is to never open any links sent to you. Majority of the time this is how your email gets compromised in the first place. You open a phishing email, click a link and then you get prompted to sign in again. When you sign in again, your giving the scammer your PW.

That is one way for sure, but I am pretty confident that is not what is happening here. I have talked to a few members who were compromised and there is a leak somewhere.

One member made an account here, then made a fresh protonmail account to email me, and within 24hrs that protonmail was compromised and he was almost scammed(we caught it luckily)

As for the phishing thing. You should never click any link(without inspecting it) on any forum, or in your email, period. I don't care if a well known member posts a link here that says "check out these tits", don't click it, unless you vet it first.

But PROTONMAIL makes it pretty easy to know if an email is from them. The yellow star will be highlighted from any email originating from Protonmail.
 
I brought up the shit that happened on SST with people, just to get the information out there that scammers were intercepting payments from customers by accessing their emails. It got to where it was happening every day to people on SST because they weren't paying attention.
Those dumbasses click phishing links, then when I see them post about it I always comment “PLEASE VERIFY TUTANOTA ACCOUNT” lmao
 
Back
Top