Scamming alert! Please be careful!

Hi everyone,
just wanted to highlight a case of a potential new scam and warn others, hopefully before it’s too late

The scammer this time was a newly created account with the username Tindie_Support and an apparent (fake) name of Amelia Lorenzo.

The scammer was pretending to be a legitimate member of the tindie support team. Their account was created minutes before the first message and contained details that the payments weren’t going through due to an update on tindie and that I would need to verify my account first.

The account would be verified at the scammer’s site, where it was asking for payment details of the bank of paypal. Of course, the website was created only days ago too (see whois report). Of course, most links were dead on the website.

If you get similar messages, please be aware that this guy is only after your payment details and will most definitely abuse them. The so-called support chat is the only I was able to confront this guy. Currently, the scammer has set up 404’s everywhere on the website, most likely until the suspicion wears off. Chances are high that they will continue.

I’ve reported this case to tindie, but it’s not difficult setting up new accounts, so the username and method may change.

Please see attached photos for proof:

LOL who is unsmart enough to click on this link rolleyes

Too sad that not even scammers take their time anymore to do a quality job

Just received a similar one but at least they tried to obfuscate the link

image1366×768 36.9 KB

The “Complete Verification” link leads to this domain

image875×768 28.7 KB

Reported to the actual Tindie support

Got the same message too.
When you hover on the “Complete verification” link, it starts with “emails.tindie.com”. Hovering the links is always the first and most simple process of discovering a scam, but this “emails.tindie.com” that is only there to track clicks, may mislead many people.

Apparently, they have also started at Lectronz:

The URL leads to the same site: ordrsreceivessell. They have multiple hacked accounts and heck, from the looks of it, support@lectronz may also be hacked since this account was used to send the mail, although it is specifically asking to reply to an even more fishy mail address (also most likely hacked). I hope there wasn’t a data leakage.

Bildschirmfoto 2024-12-19 um 14.04.29865×634 116 KB

I’ve helped the scammer temporarily cease action by filling in junk in the support chat to prevent further attempts at other users, leading them to temporarily set all URLs to 404 pages. Typing in the wrong URL leads to a redirect to google.

Please be aware, this scammer has a lot of time and therefore will continue their operations. Tindie sellers and buyers, stay alert!

See, the scammer has created new accounts and is happily within our midst
Hey, the link is dead, would you mind fixing the link please @NotifysSystem

@tindie can you please remove this scammer again? This time he’s pretending to be NotifysSystem. Please also delete that scammer’s post since it contains fairly fishy links

Haha, hey, can you please try to stop scamming people?
Much appreciated!

I’m sorry to hear your previous attempt failed…for the third time unfortunately

Oh really? I’m not stupid either
Check again :)))))))) lol

Hey, you speak english? What a surprise
Do you know that what you’re doing is illegal?

Why though, I’m pretty happy actually, thanks for your concern. What about yourself, scammer?

I got the account verification one too. It looked off to me and the link went outside the Tindie domain. Reported it to Tindie support.

In general, always inspect any links to see if they make sense. If the link goes outside the organization, it is probably some sort of phishing scam.

By the way, the animated gif on the phishing message goes outside the domain and can be used to track whether people are reading the message and harvest ip addresses. Is there any way to turn off external links like that in the forum SW? I do that in my email reader so scammers don’t see that I am reading their email.

Phil

Probably the safest and simplest way is to have a good VPN always on when browsing the web. Of course it can’t protect against phishing, but at least your IP stays safe.
But definitely, the security needs to be improved so that tindie will remain a safe place in the future as well

I got this too! for me it was from https://discuss.tindie.com/u/notifictindie

image838×813 75.4 KB

image1150×836 59.1 KB

Edit:
Due to Tindie’s daft idea to use email.tindie.com for all email links I almost fell for it too…
Seriously only use email tracker links for official/automated emails where users cant make arbitrary links or make it so the emails.tindie.com link gives an alert that you are leaving tindie affiliated sites and not to inherently trust them…

Since lectronz.com is mentionned in this thread, I can confirm that Lectronz has recieved these scam attempts, through the “Message Seller” tool that allows any customer to send a message to sellers.

I also strongly believe that that the individuals behind these phishing attempts are the same on Lectronz and Tindie, given the overlapping audience.

Lectronz added a prominent note in the “Message Seller” emails reminding sellers not to share sensitive information (such as passwords, bank details, or personal data) in response to these messages.

Screenshot 2025-01-13 at 1.25.53 PM811×559 36.5 KB

This is by no means enough of a measurement against scamming. The hacker is all too familiar with the way tindie and lectronz work, but just too lazy to make a fully functioning website. I am rigorous when it comes to mails, but I can almost guarantee that some users have already fallen victim for this scam.
Perhaps links can be checked more rigorously by both tindie and lectronz before they even make it to the users. And an option to report a person directly via a button in the footer can help take down these scams faster.
Either way, from the looks of it, the scammer isn’t going to give up. Every time this guy is caught, he temporarily puts down the scamming-domain only to resume it a few hours later. Since I’m always using VPN and know how to identify scams, this doesn’t affect me much, but this certainly requires the attention of the authorities, which we as normal users are not able to do.

I would strongly urge tindie and lectronz to file a report of scamming to ensure the safety of their users and to retain the trust before things get out of hand.

@omzlo Currently, I cannot say if the overlapping audience is the same or if it was a target against me for taking on the scammer head-on. However, it is likely that this has continued happening even after the deletion of these fake accounts and will continue happening judging by the activity of this thread