Alright, while I do not really like creating this, but I will try put my best into giving you the information regarding Verifpro, what threats it entails, and how to tackle it. In the meantime, please do not create any more posts about Verifpro. We have enough of these posts and you got all the information, so please stop, it’s enough.
UPDATE: it appears that a new advertising effort has surfaced, many also as suspicious as Verifpro, so please treat this as similar to Verifpro.
What is Verifpro?
Verifpro is a website that sells financial accounts (e.g. paypal accounts, bank accounts, et cetera) that are likely stolen. The developers advertise this website, via bot accounts that were once users, which appear on multiple websites, including SimplePlanes.
How does it have bot accounts?
The developers of Verifpro appear to have phised multiple accounts (or as WNP78 claimed, trying known email/password pairs that have been leaked from other services online) to turn them into bots, and if they have the same password as their simpleplanes.com accounts, their simpleplanes.com accounts also become compromised as a result. After these accounts were compromised, they will post a single post advertising a link that appears to lead to Verifpro. It is unknown if the compromised accounts could still be accessed by the users, but I think they might be unable to.
How do I stop stop my account from getting compromised?
- Prevention is always the best. If you encounter a suspicious link, do not attempt to access said link. If you encounter it on a website, report it to relevant authorities; they might take down said link.
- If your password is of the same name as your username, is the same as any other website, is short, or is generally considered unsecure, please change your password immediately, so when another of your accounts gets compromised, your account in which you changed your password is safe. This could also allow you to post warnings to users of another site about your compromised accounts.
- Should your account be compromised, contact support, so they can help you with this issue. On simpleplanes.com, the contact page is this one.
Conclusion
While life is unfortunate, we should not fall for scams that can endanger your life. Panicking that some hacker can magically break into accounts at any time will not solve the problem. Instead, we should put our efforts into researching and eventually tackling such scams. I know you may have fallen into this misconception once, and I must admit that I have fallen into this too, but if something unfortunate like this happens, keep calm, research, and try to prevent it.
.
Also...
.
ONLY YOU
Can stop the scams!
Thank you:
- PlaneFlightX for additional information about how accounts get compromised and how to stop that.
- temporaryplanetester for additional information regarding how accounts get comprmised and the scale of this operation.
- WNP78 for information about a method of compromising accounts.
The link Verifpro’s adbots advertise leads to Verifpro’s telegram channel, where the buyers get to purchase the financial accounts (usually PayPal accounts). So, this is quite understandable why they advertise such things.
They also seem to be able to repeat the post if the original gets deleted, as I've seen u/SimpleAreospace do it.
The link also doesn't seem to do anything to your account (tried accessing it and even sending account info from @verifprotesttarget1), but it's still better to avoid it just to be sure.
@FirstFish83828, I have checked my email address twice into the haveibeenpwned.com thingy, and both attempts resulted in a “no pwnage found!” message. How nice, my sense of security has paid off.
God, that looks like a scam
Might I suggest haveIbeenpwned.com? it checks if your email has been hacked, compromised, and pasted. It also sees if your website (if you have any) have been hacked, compromised, and pasted. Best part? Idk, I just find it useful.
@DatRoadTrainGuy19 I don't see the issue lmao
@OwO bro, that is just horrible, please just... Dont use that url ever again
@Bellcat nah, im gonna use it
@OwO, I know this is a joke, but may I urge you to not use the URL of Verifpro for your rickroll?
Verifpro.net - Buy PayPal account | Ebay | Stripe | Crypto https://verifpro.net
Verifpro.net – Platform that offers for selling of Bank Accounts, Documents, and Phone Numbers. To register on various resources, as well as to carry out...
@Bellcat I see
@Noname918181, if you have been compromised but still can access your account, then it appears that the password is unchanged. Usually, when an account has been compromised, passwords and emails were changed to prevent their previous owners from accessing it. Due to the rarity, I might need more evidence before editing this forum post to accommodate it.
@BaconAircraft even better, just dont set a password in the first place!
From my experience I could still access my account even after being hacked, I don't know if this applies to the others however
Can't steal my password if I can't even remember it myself. Checkmate, phishermen.
whar da mods post at
where emergency announcement at
|._. |
--[ ]
.. ||…………Do something
shit this things really scares me
dont make forum posts about verifpro anymore !!!!!!!!! (except me)
There is a special circle in hell for those who hack accounts and steal personal info just to promote their shady scammy websites.
Fair, i feel we should have enough so that everyone knows but hot too many, because then its just telling everyone something they already know @Bellcat
@Dathcha, no, thank you. It is hard to describe it in detail, but the main reason why I included this discouraging text here is to prevent more to clog up the forums.
Very informative, good job. However I disagree with stopping making posts about the threat, as the more attention brought to it, the less likely a user is to somehow miss the warning forums and click the link
@temporaryplanetester lol
It would be good to spread this post to other bigger forums (like assettocorsa.net) as they have also been attacked
Very informative. Thank you for addressing this in detail.
@Dragoranos server log suddenly fills with requests to login as you with the password "ludicrous"