Avatar
π•Ύπ–Šπ–— π•Ύπ–‘π–Šπ–Šπ–•π–ž 1y ago

someone ping Derek there’s a Carla impersonator using nostr plebs NIP-05 to try to scam plebs nostr:note1yn0xlxrmf9kkmq8e7kpn84za3ry6rlnutmfqmde6urcfhkhhdzxqx7esgc

Reply to this note

Please Login to reply.

Discussion

Avatar
NEW1 1y ago

yeah i got a dm too

Avatar
π•Ύπ–Šπ–— π•Ύπ–‘π–Šπ–Šπ–•π–ž 1y ago

Can you tag him? Damus won’t let me ):

Avatar
NEW1 1y ago

Hey nostr:npub18ams6ewn5aj2n3wt2qawzglx9mr4nzksxhvrdc4gzrecw7n5tvjqctp424 just a heads up tag for sleepy

Avatar
π•Ύπ–Šπ–— π•Ύπ–‘π–Šπ–Šπ–•π–ž 1y ago

Just got a dm from him, it appears it’s just the username, Carla owns the real one… but it still threw me off, as well as that banner 🀣

clients should label these as β€œspam” or β€œscam”

Avatar
minestr.app 1y ago

I don't think there's any effective way of determining it's spam. Maybe WoT?

Avatar
π•Ύπ–Šπ–— π•Ύπ–‘π–Šπ–Šπ–•π–ž 1y ago

if it’s using a NIP-05 that belongs to another pleb that’s the owner, should be easy.

One nsec/npub owns it

any other that adds it to their profile as a username or whatever would be labeled spam

Avatar
minestr.app 1y ago

Oh yeah, trying to use a nip05 someone else has registered won't validate, at least it shouldn't (the client should verify it against the users' pubkey used in the app). Adding a spam label would add another level of awareness πŸ‘

Avatar
minestr.app 1y ago

But this won't stop them from registering a similar nip05, which is what I was referring to when I mentioned address as a service websites.

Avatar
π•Ύπ–Šπ–— π•Ύπ–‘π–Šπ–Šπ–•π–ž 1y ago

nostr:npub18m76awca3y37hkvuneavuw6pjj4525fw90necxmadrvjg0sdy6qsngq955 tagging broken per usual /:

Avatar
Vanessa 1y ago

Hmmm nostr:npub1zafcms4xya5ap9zr7xxr0jlrtrattwlesytn2s42030lzu0dwlzqpd26k5 I haven’t had this happen

Avatar
sudocarlos 1y ago

Yea it's broken right now

Avatar
elsat 1y ago

Is tagging broken 100% of the time?

Are you on latest testflight?

Which iOS?

Avatar
sudocarlos 1y ago

Ignore, user error (i was not following an account that i thought i was)

Avatar
minestr.app 1y ago

These nostr address as a service sites are useful, but perhaps it should be by request only. Otherwise it's very easy for scammers to get a nip05 anyway.

Avatar
Rene 1y ago

I also got the dm. But this profile is not nip5 verified, it shows a disclaimer in the cover image telling to check nip5, therefore shows that the profile is a malicious impersonation. Some plebs may fall for that, unfortunately

Avatar
π•Ύπ–Šπ–— π•Ύπ–‘π–Šπ–Šπ–•π–ž 1y ago

What client are you using ? I didn’t get a disclaimer

Avatar
Rene 1y ago

I'm using amethyst. It shows that, but the profile is not really nip5 verified were it should appear.

Avatar
π•Ύπ–Šπ–— π•Ύπ–‘π–Šπ–Šπ–•π–ž 1y ago

Oh that’s the banner image

would be nice if the pages that used nip-05s in their usernames that belong to another owner should have a disclaimer saying it’s a β€œscam” or β€œspam”

Avatar
Rene 1y ago

Yes, it's the banner image. But do you see the nostrplebs verified checkmark on the fake profile?

Avatar
π•Ύπ–Šπ–— π•Ύπ–‘π–Šπ–Šπ–•π–ž 1y ago

nope, but new users don’t know about verified checkmarks on owned NIP-05’s

Avatar
semisol 1y ago

there’s none

they set their username field to the NIP-05 so it appears confusingly similar to an actual NIP-05 on some clients

Avatar
HoloKat 1y ago

Nip5 is not verification

Avatar
π•Ύπ–Šπ–— π•Ύπ–‘π–Šπ–Šπ–•π–ž 1y ago

who’s gonna tell client devs 🀣

Avatar
HoloKat 1y ago

This is why we can’t use nip5 for any kind of verification

Avatar
semisol 1y ago

this is because they set their username field to β€œCARLA@nostrplebs.com” and not NIP-05

this confusingly leads to it appearing like a NIP-05 even though it is not