CommunitiesEcosystem
Search
Login
Signup
Write a post
Switch dark

Phishing: Attacks and Recovery

83
6 years ago
in#security



Always be very careful about what you click on and where you put your password. There have been a lot of malicious links on STEEM platforms lately that lead to fake Steemit websites. These fake websites look identical or very similar to the real Steemit and ask you to login. When you do, they steal your password.

When they have your password they proceed to take all of your STEEM and SBD. If you have a lot of SP, they may delegate it to their own scam accounts. A lot of good Steemers have lost their investment because of one wrong click.

What Does Phishing Look Like?

Looks a lot like Steemit. The only way to tell is by looking at the URL.

Immediately after clicking on the malicious link it will ask you to login. The real Steemit doesn't do that.

Phishing via Mobile Apps

Always independently search information about an app before installing it. Fake apps for both Dtube and Busy have recently surfaced as phishing scams. Never put your password (aka master key) into any app.

Legitimate apps will only ask for your Private Posting Key, not your password!

Report Phishing

Now there are more ways than ever to report phishing when you find it.

  1. Submit the Abuse Form http://steemcleaners.com/reports/new
  2. Contact us on Discord https://discord.gg/YR2Wy5A

What Happens When You Get Hacked?

The hackers usually change your password as soon as they can and steal all your money. Depending on which group of hackers is responsible, the account will then be abandoned or used to spread comments with more phishing links in them.

When your account starts spreading phishing comments, it will be flagged by the Steemcleaners team and other members of the community. Where possible, your reputation will be reduced to 0 or -1 in order to automatically hide the phishing comments.

Restoring Your Account

If you are a victim of phishing then you will need to restore access to your account by going to this URL and filling out the form:

https://steemit.com/recover_account_step_1

You will need to provide your account name and your version of the password (master key). Using the email that you signed up with is recommended.

After you submit the form, Steemit staff will review the application and start the roll-back process. Once they're done, you will receive an email. It is your job to check your email diligently. The process can take 24 hours or longer on average.

Your Recovery Process

You will need to edit the phishing links that the hackers posted through your comments. For this, you will need to edit each comment to change the text to something else. We recommend a message that you've been hacked.


This is what you press to Edit comments.

Do NOT use the Delete function on comments that have been flagged. When you use the Delete function on a flagged comment, we are no longer able to lift that flag.


Don't use the Delete function on flagged comments!

If the flag is one that was used to reduce your reptutation to 0 or -1, then you will be stuck with that reputation until you receive enough organic upvotes to recover what you had before.

When you're done then let us and other folks who flagged you know that you recovered! The @mack-bot @guard and @spaminator accounts are all part of the @steemcleaners family.

What Can Go Wrong?

A. You may have trouble editing your comments. If that happens, you will need to use direct links. A direct link is a link to your comment alone, not to how it appears in a post.


This is an example of a directly-linked comment.

To create a direct link like this, follow these easy steps:

  1. Go to your Comments tab
  2. Right click on any comment you want to edit and copy its URL
  3. Paste the URL into a new browser window but don't press go!
  4. Edit the URL to remove everything after the category and before your username
  5. Click on the shorter URL and edit away!

You start with this:
https://steemit.com/category/@authorsname/title-of-post#@yourusername/re-title-of-post-20180317t021312626z

And end with this:
https://steemit.com/category/@yourusername/re-title-of-post-20180317t021312626z

B. The comments may be too old to unflag. Remember, we can only remove flags up to 12 hours before a post is cheduled to pay out. Depending on when you notice you've been hacked, get your account back and are recovered, it may be too late to remove the flags. Update: Comments that are past payout may be edited now and should be to mitigate the spread of malicious URLs.

All Clear!

Once your account is fully recovered you are back to business as usual once again!

securitysteemcleanersphishinghackingaccount
6 years ago
steemcleaners83
via steemit
$ 63.92
452
H2
H3
H4
3 columns
2 columns
1 column
16 Comments