Sallybeth23 reveals - How my steemit account was stolen, abused and later recovered

in #steemit7 years ago (edited)

64447_475102539209535_2117186031_n (1).jpg

The first indication that something was wrong was when I found myself unable to login to my account. My password was apparently incorrect suddenly.
I had my blog page on screen from the previous session but noticed to the top right of the screen, instead of my icon, just the log in sign. As I hit refresh on the page I suddenly saw all the posts on my blog not made by me but with my name as author to them. Every few minutes another was appearing.
The instant realization that someone had stolen my account and was now plastering their viral messages all over it hit me with a sickening blow.
I could not think what I had done to allow this to happen. How had my password been stolen to give someone access like this?

The post they were repeatedly reposting on my blog was the first clue of course. I realized it was a post I had briefly visited whilst cruising through the new posts section earlier that morning. Nonetheless at this point I still couldn't see how they had got me.

I set recovery in progress by going to the steemit menu - the three lines in the top right of the screen

26226080_Unknown.JPG

and clicking on stolen accounts recovery.

26226128_Unknown.JPG

I put in my last working password and my email address and was directed to wait for an email with recovery news.

I waited. Every few minutes I checked my email for a message from steemit. I waited. Minutes turned into hours and still nothing in my email.

I thought I would contact a couple of my steemit friends and followers that I talk to on Discord to warn them what had happened to my account. They said they would find out what they could. And find out they did And actually solved the mystery for me as to how the theft had happened.

Earlier that day I had clicked on a post entitled something like - At last I found a glitch in Steemit.

There was a link on the page to take the reader to more information - I had clicked on it .

At the moment I clicked on that link a sign in for returning users appeared. This was the series of events I was reminded of when my dear friend from steemph @immarojas sent me the following picture to reveal my error.

IMG_4508.PNG

As you can see in the top left corner of the screen it clearly states non secure site. I didn't notice. I didnt think to look even. I just saw what I often see during days in and out of steemit which is the familiar box for signing in.
Had I stopped to scrutinize the page there would have been more than one sketchy looking aspect which would have alerted me but I wasn't looking for such things.

Importantly as pointed out by my new dear friend @drakos and I quote - The https isn't always the best indicator, phishing websites can have a valid SSL certificate. Instead, you need to look at the FULL URL you're visiting including the https, like https://steemit.com. Phishing sites will often trick you into something like https://steeemit.com.

Then I made another glaring mistake in my personal security. I signed in using my main password rather than my private posting key which while giving me full access to my account would only give a hacker access to post on the account and not access to do things in my wallet.

So at this point I was no longer on steemits website and handing over my main steemit password !!!!

Of course they had me!

They had woven their web and I had walked straight into it.

26225760_Unknown.JPG

As the hours passed and still no email on recovery I watched as the dollars disappeared , my voting power went ever downward and my followers started to decrease in numbers. My surfer girl icon got changed for a cat of the hackers choosing and contaminated posts were continuously being added to my blog. The only plus point was that my steem power could not be easily disappeared. I watched in agony as the hacker proceed to first attempt to power down my steem and then seemingly give up and cancel the power down. At the end of the day I still had not heard from steemit recovery.
I was gutted!
By the next morning I felt entitled to ask how much longer this was likely to take without seeming like a nag. I knew other accounts had been stolen along with mine and that I might have to be patient. So I got into steem.chat and spoke with the steemabuse volunteers hoping for some reassuring news. As I was pressing for contact to a higher power from whom to beg a quick recovery, thankfully @drakos told me to contact @andrarchy for immediate help with stolen account recovery.
Within minutes of me contacting @andrarchy the email arrived and my account was recovered.

It was all over as suddenly as it began. It took me some hours to clean up the mess left from the hacker in my blog and there are still a bunch of resteems on my blog from him that I cannot delete. This is the scar left to tell the tale but I am grateful to be scarred yet alive still in the community. I am weakened by the theft of my cash but hopefully in the coming days my posts will generate enough to cover the loss and I shall feel totally recouped voting wise. I only have the strength to comment right now around the community - please excuse me for not upvoting your posts for the next few days.

So to sum up, if you are new here like me take care of your account. Do not sign in with your primary password and always be vigilant that posts don't lead you away from steemit to insecure sites. There are constantly elements at work that would strive to upset our community but at the same time be reassured that the block chain here is protecting your crypto like nowhere else can right now.

Be safe.

Steem on!

Have a beautiful day.

In the interests of protecting the most number of people here PLEASE RESTEEM this post.

Sort:  

I'm glad that you managed to recover your account. Hope you'll quickly go back on track. I'll share your story with a few of my followers to spread the word around. Hold on and good luck!

Thank you very much, I so appreciate your support xx

So sorry this happened to you. Just a reminder of how careful we should be with our passwords and to stay vigilant. Glad you were able to make it back and provide us with this informative post. I'll be resteeming it to help others.

thank you very much for your kind comment and for the resteem. I am so relieved to be back.

Wow, that is super scary and frustrating! Hopefully you will be back on track quickly.

thanks for your kind comment

That's so awful!! I saw the posts they were posting and knew right away it couldn't be you! I'm glad you're back! :)

Thanks very much @jamisa it was a terribly long and painful 36 hours 😂

please resteem this to help protect the community.

Welcome back @sallybeth23 resteemed and upvoted :-)

Thanks very much @shasta that is much appreciated.

This post received a 2.11% upvote from @randowhale thanks to @sallybeth23! To learn more, check out @randowhale 101 - Everything You Need to Know!

The https isn't always the best indicator, phishing websites can have a valid SSL certificate. Instead, you need to look at the FULL URL you're visiting including the https, like https://steemit.com. Phishing sites will often trick you into something like https://steeemit.com.

Oh thank you @drakos you are still saving my life! ;)
That is invaluable information that I am now editing in to the post above.

damn they can also try steemitt.com ?

Opps, I thought the same that she would have entered her master key in that, but at the same time I was really confused as to how can someone with a good reputation can do that, that was really confusing for me , but anyhow its a pleasure to have you again :)

I have a good reputation from my hard work here but I was still a little naive of the dangerous world I live in haha I have grown up fast in the last few days.
Thanks for your support.

haha thats good to hear ;D

So happy this was resolved :D

Every one please upvote and resteem this post to let all Steemians know how to avoid this fate themselves!

Thanks for the resteem and kind comment @icedrum