Scamming alert! Please be careful!

Hi everyone,
just wanted to highlight a case of a potential new scam and warn others, hopefully before it’s too late

The scammer this time was a newly created account with the username Tindie_Support and an apparent (fake) name of Amelia Lorenzo.

The scammer was pretending to be a legitimate member of the tindie support team. Their account was created minutes before the first message and contained details that the payments weren’t going through due to an update on tindie and that I would need to verify my account first.

The account would be verified at the scammer’s site, where it was asking for payment details of the bank of paypal. Of course, the website was created only days ago too (see whois report). Of course, most links were dead on the website.

If you get similar messages, please be aware that this guy is only after your payment details and will most definitely abuse them. The so-called support chat is the only I was able to confront this guy. Currently, the scammer has set up 404’s everywhere on the website, most likely until the suspicion wears off. Chances are high that they will continue.

I’ve reported this case to tindie, but it’s not difficult setting up new accounts, so the username and method may change.

Please see attached photos for proof:

LOL who is unsmart enough to click on this link rolleyes

Too sad that not even scammers take their time anymore to do a quality job

Just received a similar one but at least they tried to obfuscate the link

image1366×768 36.9 KB

The “Complete Verification” link leads to this domain

image875×768 28.7 KB

Reported to the actual Tindie support

Got the same message too.
When you hover on the “Complete verification” link, it starts with “emails.tindie.com”. Hovering the links is always the first and most simple process of discovering a scam, but this “emails.tindie.com” that is only there to track clicks, may mislead many people.

Apparently, they have also started at Lectronz:

The URL leads to the same site: ordrsreceivessell. They have multiple hacked accounts and heck, from the looks of it, support@lectronz may also be hacked since this account was used to send the mail, although it is specifically asking to reply to an even more fishy mail address (also most likely hacked). I hope there wasn’t a data leakage.

Bildschirmfoto 2024-12-19 um 14.04.29865×634 116 KB

I’ve helped the scammer temporarily cease action by filling in junk in the support chat to prevent further attempts at other users, leading them to temporarily set all URLs to 404 pages. Typing in the wrong URL leads to a redirect to google.

Please be aware, this scammer has a lot of time and therefore will continue their operations. Tindie sellers and buyers, stay alert!

See, the scammer has created new accounts and is happily within our midst
Hey, the link is dead, would you mind fixing the link please @NotifysSystem

@tindie can you please remove this scammer again? This time he’s pretending to be NotifysSystem. Please also delete that scammer’s post since it contains fairly fishy links

Haha, hey, can you please try to stop scamming people?
Much appreciated!

I’m sorry to hear your previous attempt failed…for the third time unfortunately

Oh really? I’m not stupid either
Check again :)))))))) lol

Hey, you speak english? What a surprise
Do you know that what you’re doing is illegal?

Why though, I’m pretty happy actually, thanks for your concern. What about yourself, scammer?

I got the account verification one too. It looked off to me and the link went outside the Tindie domain. Reported it to Tindie support.

In general, always inspect any links to see if they make sense. If the link goes outside the organization, it is probably some sort of phishing scam.

By the way, the animated gif on the phishing message goes outside the domain and can be used to track whether people are reading the message and harvest ip addresses. Is there any way to turn off external links like that in the forum SW? I do that in my email reader so scammers don’t see that I am reading their email.

Phil

Probably the safest and simplest way is to have a good VPN always on when browsing the web. Of course it can’t protect against phishing, but at least your IP stays safe.
But definitely, the security needs to be improved so that tindie will remain a safe place in the future as well