You are viewing a single comment's thread from:

RE: ILoveWWW Phishing Attack on STEEM

in #phishing7 years ago (edited)

You could just use another account as "cold storage"

Steemconnect doesn't always ask for the active authority, that depends on the permissions the app you use requests.

Sort:  

I actually thought about that after I hit post. lol It's not a bad idea, really.

So it's up to the app? Meaning that busy (or similar) could change the code to allow you to sign in with only your priv posting key?

Dtube does that. It's not really a solution since the phishing sites all replicate Steemit, they don't care about the other frontends. And most users just use Steemit. Part of the problem is there's intermittent unannounced work on Steemit and the site starts glitching out. When that happens people get used to being logged out, forms not loading and other crap. So when they click on a phishing link and get 'logged out' its business as usual.

No, no, of course not! Phishers will phish and people will continue to stay dumb to it.
My comment was a bit off topic come to think about it. lol I feel better now though, thanks for letting me have a little rant on your post. ;)