The ongoing phishing scam makes new victims every day. We can't stop the scammers, but we can make people aware. I'm counting on you to do just that!
Source
Alert
Okay, my friends, listen up! We’ve got to act.
If you’ve been following me for a while, you know I was the victim of a phishing attack a couple of weeks ago. Fortunately, I was able to get my account and reputation back, but that was not the end of the story.
The truth is that the phishing scam is still going on, and new victims are made every day.
SteemIt Inc. doesn’t seem to care, so there are accounts that can keep sending hundreds of stolen SBD to Bittrex as we speak. There is nothing that can be done if SteemIt Inc. looks the other way. (FYI, Bittrex has been contacted to see if something can be done from their end.)
Awareness
So, our hands are tied when it comes to stopping the scam from happening. That means that all that is left for us to do is to bring AWARENESS to the people.
We need to make sure no more people fall victim, by educating them.
To give you an idea of the scale of the phishing scam: there are currently 66 domains that are known to be phishing sites. 66!
Source
Smart
Maybe you’ve noticed that @anyx has built a bot to detect comments that link to one of the known sites. When @guard detects such a link, a comment is posted to warn people.
But the scammers are smart... They’ve changed their tactics, and are now posting comments without the actual link, so they stay under the radar of the @guard bot.
Not to mention all the wallet messages that are being spread...
What To Do
If you happen to run into one of such phishing comments, it is important to report it as fast as you can. Head over to the ‘phishing’ room on the @steemcleaners’ Discord channel and leave a link to the account’s comment profile. They’ll take care of it then.
Security
I know I’ve been repeating myself, but it is simply too important:
- NEVER use your master password, owner key or private active key to log into a site - not even SteemIt.
- Don’t click promotion links in comments or wallet messages. They can be a phishing link, but they can also bring you to a site that infects your computer with a virus. (See this post)
- Never give your credentials to an external website unless you are absolutely sure it is a verified one.
Source
IMPORTANT: if you have fallen victim, but have managed to get your account back, make sure to edit all phishing comments sent out through your account.
I see too many people that leave those comments in place. You should realize you’re endangering others if you don’t make those comments harmless. You can use the mass comment replace script to make that job a little easier. You can read more about it in the guide I wrote
Contest
People need to be warned. Need to be educated. And I’m counting on you to do so.
Write a post about the phishing scam that is going on. Make your followers aware. Tell them how to protect themselves.
That’s it.
So I want a post from you that contains this information:
- What is phishing (or what's going on on SteemIt)?
How can people protect their account?
Add a link to this post as a reference to get more information.
Please do your research so you won’t give people wrong information.
Once you’ve posted your article, leave a link to your post in the comments section below.
Source
Why do I ask for a link?
If everyone would just write a comment on this post, the message would not be spread.
If you write your own (short) post, the message will reach not only my followers, but your followers too.
Imagine 50 people writing a short post about it. We’ll be reaching the followers of all 50... That’s a whole lot of people...
The word needs to get out...
You can find a lot of info about what’s going on in some of my older post, but there are more people that are writing about it. Pay them a visit and educate yourself first, then pass on the knowledge to your followers. Check out the blogs of people like for example @arcange and @guiltyparties to find information.
You can also find a whole lot of useful information in this post by @guiltyparties: Phishing Messages + FAQ
Another interesting post on the topic:
Don’t get hacked - How to be Smart! by @themarkymark
And my own posts:
Got Hacked? Here's How To Get Your Account And Reputation Score Back!
Quick Tip #3: Always Use Your PRIVATE POSTING KEY To Log In!!
Prizes
7 days from now, after post-payout, I’ll reward the best 3 posts.*
1st place: 10 SBD
2nd place: 6 SBD
3rd place: 4 SBD
5th place will be rewarded with 2 @steembasicincome shares, sponsored by @fullcoverbetting
I’m counting on you to spread the word. We nééd to make sure no other people become a victim.
If you don’t want to write a post, please be sure to resteem one of the posts I linked to above. Your followers nééd to be educated.
If you want to contribute to the prize pool and make this contest more attractive to join, feel free to send me a message. You can leave a message below, or contact me on Discord: simplymike#5759
I reserve the right not to pay out the prizes if there are less than 3 entries and/or the entries don’t live up to quality standards.
More Posts You Might Like
📱Earn More Steem With This New, Free Q&A Mobile App
Most SteemIt Game And Contest Hosts Are Breaking The Rules! Are You?
🏆 CONTEST: Tell Us The Story Of Your Profile Picture & WIN!!
Got Hacked? Here's How To Get Your Account And Reputation Score Back!
Manna banner taken from Mannabase.com
This post contains affiliate links to Bitsfarm and Mannabase. I will receive a compensation if you use these links to sign up
Thanks for this opportunity . It helped me really understand phishping and i think i wrote a masterpiece about it...@kamiikazer plus a link to check it out.
https://steemit.com/phishing/@kamiikazer/anti-phisphing. Hope its good enough @simplymike
https://www.microsoft.com/en-us/safety/online-privacy/phishing-symptoms.aspx
https://www.google.com.ng/url?sa=t&source=web&rct=j&url=https://en.m.wikipedia.org/wiki/Phishing&ved=2ahUKEwiH9ODu7LLaAhWKY1AKHbFbCMYQFjAcegQICBAB&usg=AOvVaw0Px12Wv24epHjK1MuiArzS
https://www.tripwire.com/state-of-security/security-awareness/6-common-phishing-attacks-and-how-to-protect-against-them/
These are some links that may help you have better knowledge.
Thanks for entering the contest, @kamiikazer.
You know this bee can't be everywhere! Resteeming so others can see this post.
Congratulations you have been resteemed as part of #newbieresteemday's top posts for the day! We invite you to use our tag to connect with more of our members. To learn more: Come Join Us!!! (Newbie Resteem Initiative)
Took a little bit, but I have one out for my followers.
https://steemit.com/justbecause/@bashadow/you-have-lost-control-of-your-account-what-now
;)
https://steemit.com/steemit/@omitaylor/protect-your-ass-i-mean-assets
I really liked your post, @omitaylor. Coincidence or not, I had the Insteem news site open in a tab for a couple of days. I left it open to not forget to check it out. Earlier today, I decided I should take a look at it. Your post was the first one I saw. :0)
Thanks for helping to spread awareness. I’m glad I took the risk to visit ‘your streets’ with my b^tchy ass ;0)
Here is my entry:
https://steemit.com/phishing/@bengy/friends-bots-and-steemians-phishing
Thanks for spreading the word, @bengy. I really appreciate it :0)
Sadly, even with a couple of bots thrown at it, I'm not sure anyone will read it...
That’s the struggle we minnows or red fish are fighting every day, aren’t we? Even if there’s only one person who reads it, you might have saved him from future trouble. To me, that’s worth it...
Save one, save them all..
I resteemed because it needs to be said @simplymike. I will write a post on this and share in the comments tomorrow.
https://steemit.com/@mineopoly/keys-and-laced-links
Thanks for the support, @mineopoly
And thanks for your post too! I teally appreciate you helping to spread the word.
I did mine last night and almost forgot to leave it here lol
https://steemit.com/steemit/@lynncoyle1/please-don-t-be-the-next-victim-of-a-phishing-scam
I saw it had been featured by @jaynie, and was about to ask you if you had put a link in this comment section. Apparently, you did :0)
See I'm still trying to catch up from last week! I saw your comment to @jaynie earlier today! I've been pulled away from my laptop so many times today, I am just now finishing responding to all of my 'replies'!
@simplymike Here is my entry. I was waiting to place it in my Magical Monday - https://steemit.com/steemit/@magicalmoonlight/hacked-don-t-be-a-victim
Thanks @magicalmoonlight. Great, informative post you have there. Thanks for spreading the word!
Thank you for this opportunity. I resteemed this post to reach a wide audience
Here is my entry for the contest
A must read for everyone on the steem platform or that has a blockchain wallet
https://steemit.com/teardrops/@inspiredgideon1/escaping-hackers-phishing-sites-and-links-on-the-steem-platform-and-the-internet-in-general
Thanks for your in-depth post, @inspiredgideon1. I really appreciate that you are helping to raise awareness.
Thank you very much.
Thank you for sharing all the valuable information with us @simplymike
Here is my entry for the contest: https://steemit.com/scam/@lucygarrod/how-to-beat-the-scammers-on-steemit-step-1
Lets make Steemit safer!
xx Lucy
Thanks, @lucygarrod
That one just cracked me up :0)
I really appreciate you spreading the message. We can’t stress the use of the posting key enough. You can still be tricked, but at least your funds would be safe.
I’m glad that message is spreading, because when I first started here on SteemIt, no one told me that the ‘master password’ shouldn’t be used as your password. I had to learn the hard way.
Thanks for entering the contest, but even more for spreading the word!
They are a plague. I’ve written a chrome extension to try add a layer of protection:
https://steemit.com/utopian-io/@quochuy/steemed-phish-v0-0-28-phishing-detection-improvements
This looks like a very useful tool. I’m going to try it out instantly!
There was an issue with the blacklist service yesterday, it's fixed now.
This is great work my friend. And I want you to know I'm trying to do my part. Below is a link to the post that I made. Please keep in mind however it's a pretty simple post because like everything I do at my place, it's more aimed toward our new people. In any case thank you for raising awareness. And fighting a good fight.
https://steemit.com/stopphishing/@johndoer123/warning-friends
Thanks for your entry, @johndoer123.
It’s a simple to understand, clear message :0)
Can I ask you to add a link to this post as a reference, so if people want more info, they can find it here?
I'm doing it now. That's a good idea. I'm sorry I didn't think of it.
I've only just been pointed to this contest (thanks @conradt!), but I coincidentally posted my own post about Phishing, what it is and how to prevent it the other day. I've gone back and added a link to this post.
https://steemit.com/safety/@johngreenfield/internet-safety-phishing-attacks
Thanks again @simplymike, you're one of my favourite creators on this platform!
Thanks, @johngreenfield. You’re making me blush ;0)
Just read your article. Nice one!
Thanks for helping to spread the word!
Just keep doing what you're doing! I feel like I'm only following in your footsteps
Great initiative @simplymike!!!
Hover Look b4u Click...
That was quick, @wizardave. Congratulations on being the first contestant. I left a comment on your post.
(You do like list, don’t you?! Lol)
Cool. Yes, I do like list... 😜
Be sure to Hover Look b4u Click...
Thanks again @simplymike for this. I learnt a lot even from my own mistake and I will sure make a post out of that. This is the link to my entry: https://steemit.com/phishing/@imbigdee/the-menace-called-phishing-we-should-be-careful
Good luck to all of us.
Thanks @imbigdee
I’m sure @patrice will show up soon to remove the flags.
I really appreciate your contribution!
Hey @simplymike! here is my article:
https://steemit.com/safety/@conradt/keep-yourself-safe-from-phishing-scams-on-steemit
AWesome! Thanks, @conradt. I really appreciate you taking the time to spread the word!
No problem thanks for running the contests a great way to bring more information to Steemians about this topic!
Somehow I missed your post earlier in the week, but regardless, I found it. Did you know that a fellow steemitblogger (@fionasfavourites) just got scammed too, but thanks to @zord189 especially, and several others, she's up and running again.
Here's the quote on my profile :
Seems fitting here. I'm doing my post now, regardless of your contest or prizes. I really hate that many of those at a higher level seem to not care? about it. Except @arcange ...I see him all over the place and I wish he didn't have to be so busy. Of course scammers will be all over steemit; it's a goldmine because so many are ueducated and unsuspecting.
Good idea @simplymike!
I am now locked out of my @steemit account, but seem to be able to respond here, on Busy. Going to see how long it takes to get back on track.
That really bothers me: that busy works, but steemit doesn’t...
Keep me up to date about what happens, @fionasfavourites
This is your new mission, isn't it @simplymike? :)
Apparently - lol
Bit the mission chose me instead of the other way around... ;0/
I will. I DM-ed the Steemcleaner I've been dealing with. He tells me that the account recovery is done manually, and as this happened on Friday, there may be some delay. That said, I am also confused. What I do know is that I can post on Busy, but not do anything else like change settings. Also, my password to get in here was SteemConnect and not through Steemit, so different. And clearly only for posting. This passowrd for this and another for that has also been part of the learning curve.
So, if I understand correctly: nothing special happened, but suddenly you couldn’t log in to SteemIt anymore with your posting key, not your private key? And you can log into busy with your posting key? Have you tried mspsteem.com
It would seem so. No, I don't know mspsteem.com - tell me more?
It’s another interface for steemit. But maybe you better wait and follow the advice of steemcleaners...
I'm sorry to hear that, but I'm glad you're at least on Busy. Doesn't make sense though, does it! Hope you get it straightened out soon ;)
Thanks, Lynn, me too!
This post has received a 2.66 % upvote from @booster thanks to: @simplymike.
You got a 9.40% upvote from @upmewhale courtesy of @simplymike!
Earn 100% earning payout by delegating SP to @upmewhale. Visit http://www.upmewhale.com for details!
This is a timely awareness campaign, @simplymike. Word needs to go out there, and i am glad you started it.
I am re-steeming this post, and, whereas i have my own reservations about using bots, this is one of those few times when i am compelled to use them.
So i am sending some small bid to , i don't even know which bot, but will quickly find out, to help in pulling this post up more.
In whole part because this caution needs to go out there. And maybe this is the quickest way.
In the same vein, i am making a personal appeal to all to resteem this post and support it in every way. Anybody out there with some good SP? This post needs to climb up, and an upvote can give it some traction.
The contest you include, is of course as encouraging and incentivising as it gets. A creative way to catch attention!! You can count on me to be part of it, so long as my schedules permit.
At any rate, rest assured many will owe you for this!
@mirrors
Thanks for the support, @mirrors!
I did know it was bad, but I only realized how bad this thing was when I hung out at the steemcleaners Discord channel a couple of days ago.
I’m trying to track down people that fell victim, tell them to edit the phishing comments, but that sounds easier than it is :0(
Anyway, I couldn’t think of a better way to get the word out in as many directions as possible than to make it a contest. I hope I will get at least a couple contestants. Every article that is written about it is a victory, since it will reach more people than just my followers.
I wish I had hundreds of Dollars to spare to get it up to trending, but I don’t - lol. Guess I’ll have to be creative to get the word out about this. ;0)
Thanks very much for always updating us on such important issue.
i'm really grateful. @simplymike.
You’re welcome.
It’s important to get the word out, because new people are falling victim every day...
Congratulations! This post has been upvoted from the communal account, @minnowsupport, by simplymike from the Minnow Support Project. It's a witness project run by aggroed, ausbitbank, teamsteem, theprophet0, someguy123, neoxian, followbtcnews, and netuoso. The goal is to help Steemit grow by supporting Minnows. Please find us at the Peace, Abundance, and Liberty Network (PALnet) Discord Channel. It's a completely public and open space to all members of the Steemit community who voluntarily choose to be there.
If you would like to delegate to the Minnow Support Project you can do so by clicking on the following links: 50SP, 100SP, 250SP, 500SP, 1000SP, 5000SP.
Be sure to leave at least 50SP undelegated on your account.
These messages have become a tad silly, I am going to read your post on what to do to help stop this wave of abuse @simplymike
Thanks, @joanstewart.
The more people know how to protect themselves, the less people will fall victim.
This is an awesome way to spread awareness through the community! They are definitely getting smarter. I have had a few comments that I was tempted to click on myself. Luckily, the bots and others who are raising awareness quickly flagged them down and wrote a warning comment. If it wasn't for the awareness, I would have been a victim by now and we need more awareness on Steemit. It is rather pathetic and incredibly sad that people would even do this to someone but all we can do is warn people.
True. After spending some time in the Steemcleaners Discord channel I learned that only STINC has the power to do something, like close the accounts that are sending the stolen money to Bitttrex.
It’s a shame they simply don’t care...
So there’s nothing we can do to stop it. Making people aware is the only thing we can do. I do hope someone catches the bait and writes a post. I would be satisfied with just one entry, so it will spread further than just my followers and the Discord groups I’m a member of...
P.S.: of course it would be awesome if there was more than one entry ;0)
Release the Kraken! You got a 50.00% upvote from @seakraken courtesy of @simplymike!
This post was resteemed and upvoted by @anupbose and @apukb for Upvote and Resteem to 1,777+and 1015+ Followers Send 0.100 SBD or STEEM to @anupbose with URL in the Memo thanks to @simplymike for using my service.
Great information @simplymike!
I did not even know about the @steemcleaners Discord channel but directly joined.
Also, I missed your "Got Hacked? This 'Mass Comment Replacer' Script Will Help You To Recover Quickly" post. Thanks to this one I got it bookmarked now :)
Great work - I'll resteem if you don't mind - this message must be spread!
Of course I don’t mind. The entire idea was to get this message seen by as many people as possible. :0)
Glad I could show you the way to the Discord channel of @steemcleaners. I hope you’ll never need it ..,
Take a look at these 2 links, same company. First one is the actual reporting of phishing site link and the second is one explaining their services. Looks like the reporting is free and then they offer other services that are paid.
https://toolbar.netcraft.com/report_url
https://www.netcraft.com/anti-phishing/phishing-site-takedown/
This might be a way to help protect some people. Haven't had time to research it, but maybe if you take a look into them you might have a solution to help protect some people.
Thanks, @thedarkhorse. I’ll look into them
Hope people become aware of the phishing scams. You already know I plan on taking a break from writing. One contest winner post to write and I’m done until I am inspired by something again. I did resteem and hope to get more exposure on this.
You’re relieved from this job, @beeyou ;0)
Thanks for resteeming!
Well I'll miss you during your break. I am so happy however that I got every opportunity that I did get to speak with you. Please just don't disappear. Because we do need good people like you here. Thank you so much for everything that you've done for me. All my love to you until we meet again. And may our creator bless you and all of yours.
I will pray for you to be inspired.
Good info! Question though: You say not to use your Private Active Key to log into Steemit, but don't you need that in order to access your wallet and make transactions?
Yes, of course. But for your daily logins, you use your posting key. When you make a transaction of some sort, you’ll be asked for your private key. Then
You can use it, of course :0)
Thanks a lot for the post @simplymike!
Albeit using Steemit for a couple of months now, I am also still really confused between the different keys, as so far I remember only to have been asked for the Private one. At the same time my email adress is getting more spams, and crap stuff wich seems to be sent by my own email including dodgy links!
What with steemconnect for instance, it's the private key required if I recall correctly or? What about stuff like steemauto and steemdunk? They seem legit but how can you spot sites that could be scam? One discovers every day platforms where keys are asked and for people who are not into the technical side, it is complicated to make the part!
Do you know if there's any post that explains this (so about the various keys) in 5 years old language?
A big shame indeed that STINC isn't showing more care, friends of me who wanted to register really got cold feet because of the opacity of the company.
Thank you again!
For daily posting on SteemIt, you use the private posting key. For transactions through Steemconnect, you need the private active key. If someone gets his hands on your private posting key, he can post and comment with your account, but your funds will be safe.
It’s important to NEVER use your master password (which was the first one you received to get into your account)
I think there’s a pretty good explanation about the keys in the FAQ:
https://steemit.com/faq.html#What_are_my_different_keys_for
And a part about account security:
https://steemit.com/faq.html#How_can_I_keep_my_Steem_account_secure
As for which sites and apps to trust, that’s a difficult one. I always look up what’s written on SteemIt about it, and how trustful the author is (10 articles about an app by people with a reputation score of 25 are not really trustworthy, but if people like @yabapmatt write an official release post about a site or an app, there’s more chance it is to trust - unless one of them got his account hacked, of course. This is why you can never rely on just one source.)
It’s important to pay good attention. For example, one of the phising sites that is used is autosteem (dot) info (do NOT go there). There is/was also an ‘official’ site that was called autosteem, but it was autosteem (dot) .ca. So the domain extension is different.
In my experience, there’s no ‘real’ way to tell if the site doesn’t use Steemconnect (if the site uses Steemconnect, always check the URL!!)
Somebody please correct me if I’m saying something wrong here. I’m not an expert, everything I know I have learned from experience.
Ok, seems I wasn't really getting that each key had really such different roles, hence they are called "permissions".
Since the beginning I was logging in Steemit.com and a few others like steemauto.com with my password.
So now, I made a new password and copied all the keys. I logged out from Steemit.com and the other apps. I quickly looked if Chrome saved a password but it said none.
Then logged in again but this time with the Private Posting Key. Until now I think I do correct? :D And if I need to transfer or other operations then I use the Private Active key! I think I am getting there.
My last question is, is there any difference (besides that they are different) between the password and the owner key? As they seem to both give the same permissions (everything).
They are like, if any problem, to retrieve everything or some sort?
About the other apps, yeah better paying real attention indeed. Gonna triple check now!
Thank you again!
I think you’ve done great! If only everyone was such a quick learner :0)
I honestly don’t know if there is a difference between the master password and the owner key. I asked steemcleaners. As soon as I know, I’ll let you know
Haha luckily I came accross your post!
Still, as far as I understood, using the Posting Key instead of the Owner Key or Password is to lower the chances of these last two being used, thus exposed to theft.
But when you log in with your Posting Key, you can see the Owner Key, in the permission tab.... so a hacker who'd get in just with the Posting Key could just take it? Again I think I miss something...
Thank you for all this clarification!
You are more than welcome :0)
Its tine to fork steem and create a new platfprm with a rsponsiblle team of developers and moderators.
They have left this platform to its own devices and let many fallicies fester. I have friends who tried to recover pages and the support team never even reached back out.
It's indeed a shame that the developers have abandoned the platform.
But I don't know how to fork it ;0)
I think (I could yet be proven wrong) that the use of the password storage on Google and other browsers can improve personal security a lot. I never enter my password myself - and since my devices are connected, all of my computers (three at the moment) have the benefit of me physically entering my passwords once!
If I were to follow a link for Steemit now (unlikely since I have it bookmarked and almost always open on at least one machine) the auto-password tool wouldn't fill the incorrect page.
Great advice though - especially @wizardave's advice to Hover, Look b4u Click. So true!!!
I saw a new scam recently on my regular inbox - it pretended to be a returned e-mail, except if you've ever received a real one of those (and who hasn't?) it had some definite red flags about it... but it still opened my eyes to the one of the new ways of trying to find victims.
Good point @viking-ventures!
Facebook is notorious for such phishers... I remember seeing one where I clicked on the link and it was asking me to log in again - red flag!
I don't mind being a bit of a guinea pig on those because I have a good sense of where the danger points really are. But people are blissfully unaware of how much junk they are picking up! I cleaned up a laptop last summer which had a staggering number of infections on it. My husband regularly salvages old computers from the dump and the story is usually the same... :p
I assume you’re right, as long as there isn’t someone who has hacked himself into your computer ;0)
But maybe you have a point there, about the password tool not filling in the details on the wrong website. I never thought if that. When working on my pc, I have my keys in a text file which is on a external hard drive which I disconnect after I logged in, but what you’re saying makes more sense. Silly that I never thought of that... :0)
Due to circumstances, I’ve been working on my phone for the last 6 weeks, and I’ve come to the point that when I need to give any of my keys, I simply switch to my tablet.
I only just found out I can preview the link on my phone - lol - didn't know that up until 2 days ago.
There are loads of email scams, there have been for many years. I never click a link in an email. I go the the bookmarked site in my browser to log in.
That's why we have communities like this - so that we can trade ideas - even the ones we think are so obvious that we never thought of it!
Important passwords, info, I write down in a particular notebook as well.
I've heard it said that by the time someone has possession of your machine, it doesn't matter what else you've done (other than having another copy somewhere...)
I do have an old-fashioned notebook with important passwords myself. And a copy on an external backup drive. And I assume a lot will be in the cloud (Oh no, never thought of that before)
Having a hard drive physically in another area is another good option. I'm not too keen on the cloud though, but that's because both my dad and my husband have taught me a (hopefully) healthy level of paranoia.
Me neither. But I just realized I have set up some processes to automatically save docs in the cloud... should check on that
It’s a .txt-file, so probably worried about nothing - lol
Hey Mike!
frankly i think there should be a solution at the core of steemit.
Steemcleanres is merely a patch on an open wound at about everything it tries to 'fix'. Yet a fix is only a fix if it ever gets FIXED. Steemcleaners is more like bureaucracy. BLA BLA BLA waste tie do nothing that realy fixes things, keep people busy, come back for help. We help you, just keep wasting your time. kinda thing. So i hope this changes before the beta tag expires.
Now fighting phishing ain't easy, so for now steamcleaners is at least something.
The people at steemcleaners do what they can. They can push a tissue to your arm to stop the bleeding, but they can’t fix the wound.
They know which accounts belong to the scammers, tracked them down. But only SteemIt Inc. Can take action and close these accounts, or get access to the email addresses or phone numbers.
And they don’t do a thing.
If you ask me, they are not even planning to do something. They just don’t care and are working on other stuff.
Steemcleaners, cheetah etc are all people who voluntarily try to make this platform a safer place, but they don’t have access to the tools to fix things.
Only STINC can.
So I agree that it’s the core that needs fixing, but until SteemIt Inc does something, we need patches to stop the bleeding.
The way it looks now is that there will never be another phase than beta...
Lets see how this goes down...
great way to bring awareness to such an important topic - I should have waited to post my IRS scam article - Great advise about removing the old comments- I bet that not a lot of people think about that - it's like leaving a set rat trap laying around... thanks for helping to bring attention to the matter
No problem. It bothers me that there are still people on the platform who
A- don’t know about this
B- don’t get the full info on how to recover their account and rep
C- don’t realize they are endangering others by leaving those messages unchanged
Every day I come across cries for help because someone has been fallen victim, got his account back but doesn’t know how to go from there.
SteemIt has hundreds of thousands of users, and I can reach only a small part of them. I was hoping that by putting up a contest it would reach some other small parts...
I recently had one of those scam comments on one of my meme post. Luckily a nice steemian posted it was a scam before any of my followers were able to click the link.
It’s a good thing protection measures have been put into place...
Congratulations @simplymike! You have completed some achievement on Steemit and have been rewarded with new badge(s) :
Click on any badge to view your own Board of Honor on SteemitBoard.
For more information about SteemitBoard, click here
If you no longer want to receive notifications, reply to this comment with the word
STOPThank you for the continued awareness. I'm impressed you are so passionate about it. I've also gotten a couple of steemit links via twitter inbox. I don't know, but I deleted them promptly. Better to be safe. Thanks!
I can assure you, getting locked out of your account, seeing your SBD transfered out and phishing messages being sent around in your name is pretty devastating. The hackers also started to power down, so it was an aweful race against the clock to get my account back.
While this was happening, it struck me that only few people knew what to do or where to go, so I made it my ‘mission’ to educate others about it by all means possible.
That was more than a month ago, and people still fall victim every day. There is nothing that can be done to make the scammers stop, so we need to prevent that people are tricked.
Oh my God, that's really scary. Thank God powering down takes some time.
That was the first time I was happy with the 7-day delay :0€
I will write a post later today. I have to try to think of an angle...
This is an incredibly complex issue @simplymike. No ready answers here.
STINC isn't going to "do" anything because this is a decentralized structure and part of its "selling point" is that it's censorship resistant.
The Witnesses and developers can fudge with the code and potentially tweak it to the point that — for example — if someone ends up with a rep of -3 or worse, they can't post anymore. But that could be abused, as well. Admins and moderators? That becomes a nightmare in any organization with more than maybe... 10,000(?) active people.
If we truly want to keep the "spirit" of Steemit intact, what we need is something like @quochuy's Chrome extension, except as a fully featured security app that runs inside the Steemit interface and basically throws up a red WARNING! page if anything at all unusual happens, complete with a "learning engine" that picks up the instant someone triggers some kind of flag that a link is fraudulent.
Far from perfect, but at least it would be something.
=^..^=
I saw in Steemit Condenser code an array of blacklisted domains. So they are onto something. But it won’t be efficient if they hardcode the blacklist instead of an external API because any update will require a deployment
I haven’t had the chance yet, but I will check out the extension by @quochuy tomorrow.
Resteemed although it's close to the end of its payout date, purely because of all the essential information and post links here.
I'm unfortunately totally ignorant about all things technical, but couldn't all the fundis get together to stop these scammers? @utopian.io has many experts not so?
Hello! Now logged in through Busy. Weird, but hey, I'm not complaining although can't log in through the phone app. Any how, thank you for this, and I will certainly be spreading the word..
Good morning Sir@simplymike
https://steemit.com/contest/@olivia08/awareness-from-the-ongoing-phishing-scam
Thanks, @olivia08.
No need to call me ‘sir’ - I don’t like titles, ánd I’m a girl. ;0)
Thanks for helping me spread the word.
YesYoou are wellcome
I finally got around to help spread the word ....
I hope you don't mind I used your phishing image in my topic which can be found below. I credit you and this topic .
Beware : The Ongoing Phishing Scam
Of course I don’t mind. I’m glad you’re spreading the word. Thanks for that!