Phishing from Storj Forum?

I posted a question and 2 minutes later I recieved a message from a user named Oliver (most likely a bot).

They suggest I visit a link to open a support chat. Sounds dodgy. Esp when I visit user and they are 2 days old!



Thanks for the heads up on this. Was a Nigerian IP address. I have removed and blocked the account. Please let us know if you see anything like this in the future.


Please note that we currently do NOT offer any support by Live Chat, and also legit Storj team members will have the Storjling batch on their forum avatar


The horrific grammar (“we got your request”) and “Kindly” is a dead giveaway. Nobody talks like that :slight_smile:


Wonder if new users could be banned from sending messages?
Would help mitigate this.


It’s disabled. The user must gain at least a Trust Level 1 to send PMs.

1 Like

In this case Oliver was a “basic user” with a 1-day old account. Cannot imagine why a new user would need to direct message people.

It seems to me trust level 1 isn’t sufficient. I’d say someone should at least have posted 5x before being able to send a PM. That way any suspect messages could be detected in public before being able to send shady messages in private.

I’m moderating another discourse forum, and literally an hour ago I noticed a new spammy noncontributing comment from a user with a number of reasonably looking posts during their month-old history.

At first I actually thought that this last comment was a result of leaked/taken over account. But at closer look, all the messages the user ever posted was slightly rephrased comments from the same threads.

Spam bots get quite good at building trust.


I guess we can thank AI for that. Nothing will be perfect, but it’ll definitely help.


If it becomes an ongoing issue we can look into tightening it up, but this forum is used for support so we don’t want to inhibit new users too much in the event they want to contact us via PM to ask questions. But if it becomes more than a one off situation we can look at our options. Bots and Spammers are par for the course with any forum and it is always a balance between making it easy for normal users to communicate vs restricting bad actors.


Fair enough. It just worried me that when they do it in PM there’s only a single person who can catch them on it. It only takes that person being a little too trusting to become a target. If they’re going to target people, I’d rather they do it in the open for all of us to catch and report.


as mentioned before, admins have the Storjling label and storj logo in their avatar, so it is easy to tell if someone who is not a Storj Team member pretends to be a support person.

New users who seek support may not be aware of the label and logo. Scammers use this approach specifically because it works: users eager to solve their problem will ignore all sorts of red flags, including likely clearly spammy URLs.,

Perhaps as an additional measure it’s possible to filter URLs posted, including in PMs, with some security software, or at least reject newly registered domains? Just to protect users.


There is only so much we can do, as @Knowledge already mentioned we will make adjustments when necessary.


There is no such an option as far as I know. I can only increase required level for PMs to the Trust Level 2 (Member).

If this behavior continues as a trend, this would be a good measure.
If a new person is stressed about a problem they might miss red flags like @arrogantrabbit said.

Better that they should tag a legitimate Community Lead or wait for a trusted Community member.

This type of scam is so prevalent in Telegram groups when someone asks for help they are waiting like vultures to scam the new people, so we must keep it out of here obviously.


Used quite commonly in the UK, actually :slight_smile: