Access and phishing
2026-07-17
The single most reliable way people lose money on a Tor market is phishing, not the market itself vanishing. Nexus builds its access flow around that fact. The login captcha renders the real onion address into the image, so you can hold what you typed against what the server printed and catch a lookalike before you enter a password.
The onion reprints in the page header on every load, a second place to cross-check. The mirror list is signed with a key you can verify on Dread. None of these three closes the phishing hole completely on its own. Together they raise the cost of a convincing clone enough that most attempts fall apart on inspection.
The surveyor's instruction is unchanged from every other plate in this atlas: copy an address from a verified list, never type a fifty-six character string from memory, and glance at the captcha address before the password field. Ten seconds of habit against the most common way to get robbed.