EA Forum Bot Site
EA Forum

Comment Permalink
Dawn Drescher2
2
0

Why would that happen? If the domain is different, Chrome wouldn’t fill in any information from another domain. For me it just redirects to a run-of-the-mill domain squatting type website on yet another domain. Could be that it checked some of my browser settings and decided that the risk was too high that I’m a security researcher, and so redirected to an innocuous website. I haven’t tried hard to fool it.

Reply
See in context
by Will Bradshaw
1 min read 6

67

Community80,000 Hours
Frontpage

Just what the title says: 8000hours.org is a malicious scam/phishing site. If you mean to go to 80000hours.org and come across something strange/confusing, be aware and take care to keep yourself safe. (EDIT: And maybe think twice about going to the scam site yourself; one user contacted me to say that their browser had autocompleted information into its fields.)

I've accidentally gone to this site instead of 80000hours.org a few times over the past year, and each time it's been a different scam, so it seems to change hands/tactics frequently. Some of them were convincing enough that I'm worried they'd catch an unwary user.

I've notified 80K about this; this post isn't meant to be a complaint or criticism about them, just to make others aware of the danger. That said, people from other orgs reading this might do well to think about what other domains close to their own someone might use to prey on their users, and what they might do to pre-emptively prevent this.

67

0
0

Reactions

0
0
Comments6
Sorted by
New & upvoted
Click to highlight new comments since:
Stone16
3
3

And for the love of god, DO NOT GO TO THAT WEBSITE BECAUSE YOU'RE CURIOUS. CHROME WILL AUTOFILL INTO THE SITE BEFORE YOU CAN REACT AND I HAVE NO IDEA WHAT OR HOW MUCH.

This should be standard advice for any phishing warning, unless it's on a forum where everyone already has tons of cybersecurity experience. Do not click it, do not type it in, don't click any 80k link for a while without inspecting it first. This will probably target other links too, ASAP, so just make sure to check every link that you're clicking.

Reply
peterhartree4
1
0

(If you want to visit the domain but not have it saved in your Chrome omnibar, just open an Incognito window.)

Reply
Dawn Drescher2
2
0

Why would that happen? If the domain is different, Chrome wouldn’t fill in any information from another domain. For me it just redirects to a run-of-the-mill domain squatting type website on yet another domain. Could be that it checked some of my browser settings and decided that the risk was too high that I’m a security researcher, and so redirected to an innocuous website. I haven’t tried hard to fool it.

Reply
Will Bradshaw2
0
0

For me it just redirects to a run-of-the-mill domain squatting type website on yet another domain.

Yeah, it's changed to point to something a lot less directly malicious since I last checked this morning. (But, well, no reason to think it won't change again tomorrow.)

Reply
Lorenzo Buonanno🔸11
4
0

I recommend people install Ublock Origin.

It blocks a lot of spammy/scammy websites, including the one that 8000hours redirects me to.

Reply
peterhartree8
2
0

Thanks for the heads up.

From memory: I tried to register this domain 4-5 years ago, but it was already taken. 80,000 Hours does own 800000hours.org, 80000hours.com, and several other variations.

Reply
Guy Raveh4
0
0

And their express aim is decimating people's capability to work 🙃

Reply
More from Will Bradshaw
View more
Curated and popular this week
Relevant opportunities
View more