[UPDATED February 1, 2015 --See below!] TDS is hearing from lots of folks who have recently seen this scam or who have already been duped by it. If you have a SnapChat account, or know someone who does, read on…
Have you received a note in your Snapchat account to view old Snapz by visiting scleak.com?
Lots of people are seeing this and then click the link and log in hoping to see old Snapz or are curious enough to investigate. However, it is a scam that steals your login credentials and then sends a notice out to all your contacts asking them to do the same. TDS is not entirely certain what the scammers will do with your login credentials but it could potentially be embarrassing. If you use the same login credentials at other websites or financial institutions, it can be much more serious.
If you get a message in Snapchat from a friend telling you to go to this website to see old Snapchat pictures (or any other website), don't fall for it. The friend's account was hacked and it is the malicious software that is sending the message. Apparently, SCLeak.com is the 3rd such Snapchat hacking site. The hackers keep making new ones once word spreads about the website to avoid.
A WHOIS lookup about scleak.com shows that it was registered on January 8, 2015 with a proxy service (WHOISGuard in Panama) to protect the identity of the real site owners. This step alone demonstrates a level of sophistication and willingness to spend some money on perpetrating the scam.
Our advice to victims is to immediately change your password to your Snapchat account. If you use that same password elsewhere, like Instagram, Facebook, Twitter or financial accounts, change your password as well! Then inform your friends that your Snapchat account may have been hacked and used to contact them.
Also, if your Snapchat account has been compromised and you may be locked out, visit Snapchat’s support here: https://support.snapchat.com/ca/abuse
Check out more on this at:
The scammers using scleak.com have started using a new domain and the same scam targetting Snapchat account holders. The scam pretends to show old Snapz by inviting users to log into a website using their login credentials but there are no old snapz. The site steals the login credentials of Snapchat users and misuses accounts. The new contact site is called "scprv.com" and the domain was registered in Kuala Lumpu, Malaysia on Jan 24th. (Visit the WHOIS data.) TDS does not recommend visiting the site in case it contains malware.
UPDATE February 1:
The scammers perpetrating this scam are relentless! We just learned that they posted yet another new scam website yesterday, Jan. 31st. The website is schatfx.com. Stay away from it.