WARNING: Be careful for Active Phishing Scams on Steemit

in #steemit7 years ago (edited)

traveling on a student budget (6).jpg

18 hours ago our hard earned Steem Dollars have been stolen out our wallet by a very insensitive hacker. We had know idea that there were hackers active here on #Steemit and that something like this could happen to us. That's why we want to share our story to warn you guys to be very careful for these phishing scams!

What are Phishing Scams?

Phishing is a type of online scam where criminals send an email (or in our case a message on Facebook) that appears to be from a legitimate company asking you to provide sensitive information (in this case steemit username and password). This is usually done by including a link that supposedly takes you to the company’s website where you are asked to fill in your details – but the website is obviously fake (but very clever and professional) and the information you provide goes straight to the crooks behind the scam.

From our point of view, phishing scams are a threat to us as users of steemit, and investors who invest in Steemit or people who want to invest in this platform in the future. It's sad it can happen and it's unfair for users that are putting in hard work and dedication to build relationships and their reputation.

Contact on Facebook

We are active in a lot of Steemit Facebook groups to promote our posts and to help others. It's a great way of building relationships and to get your posts noticed by a bigger audience but like we experienced now, it has a down side as well.

Our hacker, named "Max Less" noticed my post(s) and contacted me with the message that he 'noticed my work and that I might wanted to check out his offer on his site which was for a limited time only', something like that.. Immediately after I found out he hacked us I rapported him on Facebook so I can't see his account anymore (which he most likely has deleted by now..).

Don't visit this website: steemautobot.trade !!!

Okay so I visited his site called steemautobot.trade and joined for the 'free 30 upvote for days'. I had to log in with my steemit account details, didn't think twice about it. It looked trust-worthy because of a 'steemconnect' log-in. We heard about Steemconnect but we are still fairly knew and haven't looked into those things. Neither did I ever expected or even think about the possiblity to get hacked on Steemit because it's so well secured.

How do you know if your account has been hacked?

You will get a comment on your latest post from @buillonstackers, which looks like this:

Schermafbeelding 2018-05-07 om 23.08.28.png

If it wasn't for @bullionstackers, I wouldn't have known it so fast but know I was able to immediately take action and submitted a request for account recovery. I'm forever grateful because 12 hours after submitting I got an e-mail to recover the account.

Check your wallet

After reading the comment, I immediately checked my wallet and very sadly, our hard earned Steem Dollars were transferred to another account. Please be aware of this account!!!

Schermafbeelding 2018-05-07 om 22.16.44.png

These were our first earned Steem Dollars so it's a bit painful but mainly it feels unfair!

Our advice for you if you've been hacked

This has helped us to keep our account and reputation:

Conclusion

  • Don't ever trust people you haven't made a connection with and don't ever log in with your steemit username and password into a website you don't know or haven't heard from.
  • First do some research and ask people you trust or ask help in Discord Channels if you can trust that person and/or website.
  • Follow and check @bullionstackers account to be updated about Phishers/Hackers accounts!

I can't blame anyone but myself for trusting the website and logging in with my details. In retrospect, it was just stupid. But I still think that if I would have known there were Phishers and Hackers active on Steemit, I would definitely be more careful and aware and then this probably would not have happened. That's why I hope this post will make you more aware to be careful for Phishing Scams so this won't happen to you! Hopefully it was helpful and gave it some more insight on this topic! If so; please RESTEEM this post to share with as many as people possible!

Sort:  

This Post is Supported by @author-fund
( This account will send some fund to help you get back on your feet )

@author-fund is another Account by @bullionstackers
Another Community Project
Please click to Read

Author-Fund Intro Post, Please Read
Author Fund Fundation - vol. 1 Awareness ( Eng / Bahasa )

I love what you’re doing for this community! Your support means so much! Keep doing what you’re doing. I am following you and will definitely share/promote your projects in the future!

I'm sorry to hear you lost funds! At least you reclaimed your STEEM account.

I inspected the website, which actually looks semi-professional, minus the spelling errors. The crooks made it fairly convincing.

Here is what you have to look out for.
When you click on their sign up button they take you to their fake STEEM Connect website. I took a screenshot, as this is the first one I have seen. The URL should not look like this:

Always make sure you use the real https://steemconnect.com/
You can learn more about STEEM Connect on the official @steemitblog. It is a very useful tool in the Steemit ecosystem.
https://steemit.com/steemit/@steemitblog/steemconnect-2-0-easy-fast-efficient-access-to-the-steem-blockchain

This is so helpful!! Thank you so much for your support. I am now more then aware of it :) Learned it the hard way haha. The only thing I saw on the fake website was ‘get upvotes for 30 days for free’... Very naive and impulsive action! @steemitblog is a great resource, thanks a lot!

You're doing the right thing letting everyone know. I have given you what I can :)

Thanks a lot for your support! Appreciate it :)

Your Post Has Been Featured on @Resteemable!
Feature any Steemit post using resteemit.com!
How It Works:
1. Take Any Steemit URL
2. Erase https://
3. Type re
Get Featured Instantly & Featured Posts are voted every 2.4hrs
Join the Curation Team Here | Vote Resteemable for Witness

how can we trust you after reading such kind of post huh ?

Hey @ansolas! @resteemable is a trusted account! How you can test if it’s safe: Do what he says so put “re” in front of steemit in your url and you’ll be entering steemconnect.com where you can log in to donate 0.1 SBD for example. If a site redirects you to steemconnect.com for a payment or donation you know it’s safe! Any other site is NOT safe!

Thanks @madeforseaside :) We dont take any personal info and we dont store any tokens, cookies or anything else. All we do on resteemit is resteem posts instantly and add post URLs to lists for upvoting. Steem on, everyone!

Look at richardmans account he has scammed all sorts of people. At least he didn't spam everyone from your account. People down vote the hacked account for spamming and it ruins your reputation score

Yes I noticed he hacked more people. He doesn’t look for people on Steemit but through Facebook so he won’t spam anyone else from my account. How can you down vote an account? Well if it does ruin my reputation score there is unfortunately not much I can do about!

If he makes no posts or comments you can't vote him down

Okay thank you for letting me know!