News Feed
  • DrugHub has agreed to fully refund all users who lost money in the SuperMarket exit scam.  
  • Retro Market has gone offline. Circumstances of the closure unknown.  
  • SuperMarket has closed following an exit scam by one of the admins.  
  • The admin of Incognito Market, Pharoah, has been arrested by the FBI several months after exit scamming.  
  • Silk RoadTorhoo mini logo
  • darknet markets list
  • Popular P2P exchange LocalMonero has announced it is closing.  

Are my understandings about phishing links correct? : DarkNetMarkets | Torhoo darknet markets

1. If I have genuine market address which I have used successfully many times and it is saved in my bookmarks - it cannot change to a fishing link? So when accessing it I don't need to compare the address in capcha?

2. If for some reason I somehow open a phishing link trying to access market which doesnt have internal wallet:

- I should be able to understand straight away that this is a phishing link because it won't have my order history.
- The only thing phishers will get is access to my account in the real market link and they won't be able to do any harm to me assuming that I always encrypt all the messages. I will just delete this account and create a new one.
/u/ImpactMarket
2 points
2 days ago
If you’ve bookmarked the marketplace URL and always access it through that bookmark, you’re pretty much safe. A lot of DNM these days use anti phishing captchas where you need to fill in the missing characters by comparing the URL. This setup helps verify you’re on the legit site because phishing sites using proxy based setups usually can’t bypass these image based captchas. So yeah, always compare your URL carefully. On the other hand, if you manually encrypt your messages or sensitive info before sending, you’re good. But if you don’t, just know that on many markets your messages and order info might be shown in clear text (even if it’s encrypted on the backend). So if someone gains access to your account say through credential leak they can read everything, and if they know your withdrawal pin, they could empty your balance too.

Hope this clears up some doubts. Stay sharp.
/u/DaemonArc 🍼
1 points
2 days ago
examine the site carefully and if the IP address on the real site differs from the IP address there by even a small letter or number, it is a trap.the site may look exactly the same, but the IP address or anything specific to the site cannot be exactly the same
/u/brandson225 📢
1 points
2 days ago
But if I already used the address before successfully many times (im absolutely sure its legit) and I always access it from my saved bookmarks how can it change to a phishing link?
/u/DaemonArc 🍼
1 points
2 days ago
As I said, an e-mail SMS comes to you, maybe it will have the exact same name as the site, but if there is a URL search, even one letter there is different from the actual site, this is a phishing attack. In order for a person to be able to do this, he must have your e-mail name or cell phone number.
/u/Samsungenter
1 points
2 days ago
I think phishing site can show You your order history. It can get this data from real market site, bcs you gave them all data they needed to login when you was loging to phishing site.
/u/brandson225 📢
1 points
2 days ago
So it as soon as I login it can instantly copy all the information about my order history and messages?
/u/Samsungenter
1 points
2 days ago
TBH I dont know. But i think phishing site can send your login informations right to real site, and show you data that they recieved from real site in real time. They can be "man in the middle", that can see and change any data that flow betwen you and real site. But I am not sure about it.
/u/dogshot96 🍼
1 points
2 days ago*
1. If I have genuine market address which I have used successfully many times and it is saved in my bookmarks - it cannot change to a fishing link? So when accessing it I don't need to compare the address in capcha?

For this, I'm unsure - I'd like to think not, but I don't know how onion links are generated.


- I should be able to understand straight away that this is a phishing link because it won't have my order history.

Not true. Reverse-proxy phishing navigates this, by forwarding your request to the target site (the legitimate site). You input your username and password into the phishing site, it feeds that information to the real site, then sends the content from the real site back to you as the response (as if you're using the real site). So in that case, all of your orders etc. will appear.

I got done like this a good 10 years back on Nucleus - showed my correct balance & everything. Made a deposit. Never got it. Phished.

You can't be too careful. Check the PGP fingerprint every chance you can.
/u/Katabolt11
1 points
2 days ago
I would suggest to check the PGP everytime with "mirrors.txt", it only takes a minute
/u/Crypto4Chickens
1 points
2 days ago
For the rest, I saw responses, but if they get access to your account, they can:

Wait until you place an order
Cancel the order and withdraw funds
Change the password and change the order address
  • Sponsors
VigorSwap Instant Crypto Exchange
FraudGPT

  • Explore Torhoo!

© Torhoo! 2025

All links are for educational and research purposes only. Torhoo! does not vouch for any site.

Advertise on Torhoo