Hey @arcange, thanks for helping warn others! You got automatically picked up by @guard as one of your links is actually a direct link to the phishing site. As explained here, we're hoping to get people to use non-clickable links (e.g., badwebsite(dot)com to warn people and avoid accidents. Please consider editing your post and doing this in the future! Thanks!
That's a a great initiative to have @guard looking at links into posts. Better two warning tools than none.
I didn't mentioned the malicious websites in any link on my post. I guess @guard was alerted by the title (which in non-clickable). Or maybe it has been triggered by the title of my previous scam alerts (which do not content any malicious URL)
Some links that you think may not be clickable (specifically, removing the www, or http://), actually are: as some browsers / extensions can make them clickable anyway to "help" the user. Accidents happen, especially on mobile when trying to scroll... and suddenly the wrong link is clicked :(
We've had users report they were compromised exactly this way, clicking the wrong link in a warning post.
@anyx is right, I initially tried to click the link before I read your post. and it wouldn't click..good thinking my friend!! Question, where is the best place to get steem power delegations other than lasing it from steemit. Theirs seems a bit pricey for a 90 day lease. Trying to get my reputation up a bit more so my upvotes will be worth more. I do a lot of curation, upvotes and resteems for @familyprotection so i would like to have access to much much more steempower. Resteeming this article.
Sirs @anyx and @arcange Thank you both and I also have a phishing site to report, steemil (DOT) com (Sorry didntmean to trigger the antiphishing bot but I had to TALK about steemil with an L not a T o with an l instea of a t, its VERY powerful as a short name like that with such a close resemblance to steemit, and maybe on a phone keyboard or in another languages key setups its easy to confusethe t for a lowercase L? Anyway the steemi . com LOOKS JUST LIKE steemit.com because your BRAIn will MAKE UP for the lack of a crossed T and cross the t FOR you! The lack of space under the letter I completes the optical illusion!
It si a POWERFUl mis spelling of the name steemit, and when you have a name like steemil runnning around, it sucks. And I believe my friend @steem4depoor got hacked with THIS phishing scam, and has to use abackup account @steemgh now since account recovery from @steemit still hasn't gotten back to him according to him, and they seem backed up at the moment, maybe they did freze it thought because the attacler has nit powered down his steempower yet?
Anywaythat steemil . Com phishing site looks just like stem its very advanced and would easily fool noob,
THE ONLY way I see to solve this is to start PRESSURING the new users to ONLY USING POSTING KEYS and Active keys to withdraw, but that Posting keys should be the ONLY thing you use when you login to a new browser etc.
If users are just entering in their owner key to steemconnect its hard to avoid but for steemil and other sites, we should encoruage people to just NEVER login to ANY steemconnect page UNLESS they get there through their OWN entering in of the steemconect url!
Sometimes I think we should have an Optional Service to allow a big experienced company to hold Oner keys, and allow custoers to have posting and active keys OR no keys at all and just login with username and password and 2FA, it would eba fuck lot easier if wehad our own 2FA, maybe have insurance on oru accounts if we pay a small fee, man I think new uesre shiuldnt be hndling keys, I think we should havea third party service , but I don't k ow if Post Rewards would fund something like that?
I hope 2FA is included in HF21 or something :D
Anyway man, Thank you for all your work and I hope the damage done by scammers and KNOWN accounst associated wiuth phishing are somehow removed or have comments removed from the front end, so that people have the safety they deserve, AND it won't hurt OTHERpeoepls freedoms! It canbe an Opt In system to auo remove and BLACKLIST know scammer content form YOUR own brower, likethrough @armandocat ;s Steemit Plus crhome extension, we could EASILY just have a Blocked user black list, and intead of making a new uer manually go an block all the known black lited accounst we could have the extensin just remove them all automatical to make using steem a lot safer? Anyway sorry if I am rambling I am getting tired but I just have so many thoughts about ll of this stuff, its such a cray problem to deal with all the spheres of privacy blockchain secuity freeom all at once here!
WARNING! The comment below by @ackza leads to a known phishing site that could steal your account.
Do not open links from users you do not trust. Do not provide your private keys to any third party websites.
Sorry didn't men to trigger the anti phishing botbut I forgotto buta spacebetween the steemil . Com like THAT, and I shouldn't have put that there b ui HAD to TALK about the probllem because no one elsewas and I made sure not to actually make it a clickable URL and I made the entir epost ABOUT how it was a known phishig site, I deletd that commenttho and made sure to reporst without the phishinglink as a LINK buti didn't know that would regitser, sorry, didn't mean for the false alarm.
Just want to make sure people don't think my account is hacked or something, sorry false alarm everyone
I don't know if this is legit or not but I have gotten this notice in my wallet with a donation/transfer of .001 sbd into my account twice now with this promotion tag attached. I haven't used the service because I don't know if something like this is trustworthy.
Hello Friend , Promote your new post . Your post will be more popular and you will find new friends . We provide "Resteem upvote and promo " service . Resteem to 14.000+ Follower , Min 45+ Upvote , Hottopic Upvote . Send 1 SBD or 2 STEEM to @hottopic ( URL as memo ) Service Active
thanks for the information I stayed away for a post from another user never follow strange links, I'm really glad that there are people who are aware of scammers, who want to hurt users grateful brother
Thank you @arcange for this useful info. I would just add that it is not just www.steemitfollowup(dot)ml, but also www.steemitfollowup(dot)cf, like at this post of mine:
Hey @arcange, thanks for helping warn others! You got automatically picked up by @guard as one of your links is actually a direct link to the phishing site. As explained here, we're hoping to get people to use non-clickable links (e.g.,
badwebsite(dot)com
to warn people and avoid accidents. Please consider editing your post and doing this in the future! Thanks!Hey @anyx,
That's a a great initiative to have @guard looking at links into posts. Better two warning tools than none.
I didn't mentioned the malicious websites in any link on my post. I guess @guard was alerted by the title (which in non-clickable). Or maybe it has been triggered by the title of my previous scam alerts (which do not content any malicious URL)
Some links that you think may not be clickable (specifically, removing the www, or http://), actually are: as some browsers / extensions can make them clickable anyway to "help" the user. Accidents happen, especially on mobile when trying to scroll... and suddenly the wrong link is clicked :(
We've had users report they were compromised exactly this way, clicking the wrong link in a warning post.
Yep, this I fully understand.
But if you look at my post content, except in the title, there is no "wrong link".
I would be glad to know what exactly triggered @guard (you can provide me with the answer on steem.chat). Just my 2 cents to improve it.
@anyx is right, I initially tried to click the link before I read your post. and it wouldn't click..good thinking my friend!! Question, where is the best place to get steem power delegations other than lasing it from steemit. Theirs seems a bit pricey for a 90 day lease. Trying to get my reputation up a bit more so my upvotes will be worth more. I do a lot of curation, upvotes and resteems for @familyprotection so i would like to have access to much much more steempower. Resteeming this article.
Sirs @anyx and @arcange Thank you both and I also have a phishing site to report, steemil (DOT) com (Sorry didntmean to trigger the antiphishing bot but I had to TALK about steemil with an L not a T o with an l instea of a t, its VERY powerful as a short name like that with such a close resemblance to steemit, and maybe on a phone keyboard or in another languages key setups its easy to confusethe t for a lowercase L? Anyway the steemi . com LOOKS JUST LIKE steemit.com because your BRAIn will MAKE UP for the lack of a crossed T and cross the t FOR you! The lack of space under the letter I completes the optical illusion!
It si a POWERFUl mis spelling of the name steemit, and when you have a name like steemil runnning around, it sucks. And I believe my friend @steem4depoor got hacked with THIS phishing scam, and has to use abackup account @steemgh now since account recovery from @steemit still hasn't gotten back to him according to him, and they seem backed up at the moment, maybe they did freze it thought because the attacler has nit powered down his steempower yet?
Anywaythat steemil . Com phishing site looks just like stem its very advanced and would easily fool noob,
THE ONLY way I see to solve this is to start PRESSURING the new users to ONLY USING POSTING KEYS and Active keys to withdraw, but that Posting keys should be the ONLY thing you use when you login to a new browser etc.
If users are just entering in their owner key to steemconnect its hard to avoid but for steemil and other sites, we should encoruage people to just NEVER login to ANY steemconnect page UNLESS they get there through their OWN entering in of the steemconect url!
Sometimes I think we should have an Optional Service to allow a big experienced company to hold Oner keys, and allow custoers to have posting and active keys OR no keys at all and just login with username and password and 2FA, it would eba fuck lot easier if wehad our own 2FA, maybe have insurance on oru accounts if we pay a small fee, man I think new uesre shiuldnt be hndling keys, I think we should havea third party service , but I don't k ow if Post Rewards would fund something like that?
I hope 2FA is included in HF21 or something :D
Anyway man, Thank you for all your work and I hope the damage done by scammers and KNOWN accounst associated wiuth phishing are somehow removed or have comments removed from the front end, so that people have the safety they deserve, AND it won't hurt OTHERpeoepls freedoms! It canbe an Opt In system to auo remove and BLACKLIST know scammer content form YOUR own brower, likethrough @armandocat ;s Steemit Plus crhome extension, we could EASILY just have a Blocked user black list, and intead of making a new uer manually go an block all the known black lited accounst we could have the extensin just remove them all automatical to make using steem a lot safer? Anyway sorry if I am rambling I am getting tired but I just have so many thoughts about ll of this stuff, its such a cray problem to deal with all the spheres of privacy blockchain secuity freeom all at once here!
WARNING! The comment below by @ackza leads to a known phishing site that could steal your account.
Do not open links from users you do not trust. Do not provide your private keys to any third party websites.
Sorry didn't men to trigger the anti phishing botbut I forgotto buta spacebetween the steemil . Com like THAT, and I shouldn't have put that there b ui HAD to TALK about the probllem because no one elsewas and I made sure not to actually make it a clickable URL and I made the entir epost ABOUT how it was a known phishig site, I deletd that commenttho and made sure to reporst without the phishinglink as a LINK buti didn't know that would regitser, sorry, didn't mean for the false alarm.
Just want to make sure people don't think my account is hacked or something, sorry false alarm everyone
Hi, @arcange. Thank you for the heads up. I saw one and a friend sent me another. Here they are:
thank you soo much you save my life
Your all post are great,sir. so i follow you all time..
I don't know if this is legit or not but I have gotten this notice in my wallet with a donation/transfer of .001 sbd into my account twice now with this promotion tag attached. I haven't used the service because I don't know if something like this is trustworthy.
Hello Friend , Promote your new post . Your post will be more popular and you will find new friends . We provide "Resteem upvote and promo " service . Resteem to 14.000+ Follower , Min 45+ Upvote , Hottopic Upvote . Send 1 SBD or 2 STEEM to @hottopic ( URL as memo ) Service Active
Better to stay away from resteem/upvote promises. They are often fake or useless waste of money.
Nice catch on that one. These bastards are everywhere now.
thanks for the information I stayed away for a post from another user never follow strange links, I'm really glad that there are people who are aware of scammers, who want to hurt users grateful brother
Thank you. Resteemed so my Followers are aware of this also.
Thanks for spreading the news, @woodywood143
This post has added more to my knowledge base about the topic. keep it up please, looking forward to more from you.
Thank you @arcange for this useful info. I would just add that it is not just www.steemitfollowup(dot)ml, but also www.steemitfollowup(dot)cf, like at this post of mine:
https://steemit.com/money/@lighteye/the-war-us-vs-china-a-chances-of-hot-war
I suppose there will be more (dot)?? as the “business” goes on…
Hey @lighteye, thanks for notifying. I will update my WarningBot!
You are welcome, @arcange. Keep up a good work.
Reported: https://steemit.com/steemit/@arcange/phishing-site-reported-www-steemitfollowup-dot-cf