CommunitiesEcosystem
Search
Login
Signup
Write a post
Switch dark

Protect Your ASS... I Mean Assets

56
6 years ago
in#steemit

There's a virus going around Steemit and it's not just stealing your password...

Untitled design (3).jpg

I don't like when people tell me what to do. I don't even like when my best friends do it. Dare I say, I don't even like when I'm asked not to do something when I know I have every right to as a grown ass adult.

Call me stubborn or whatever— I'm a Gemini on the Taurus cusp. That means I don't usually give a shit and I'm obstinate about it to boot. Further, I take a certain degree of pride in the fact that I'm a firecracker. I only make noise unless you're handling me wrong while I'm lit, then I'll probably take your fingers with me when I go off. Hey, I don't hide it. You've been warned.

So I was a bit shitty when I got a comment today by the wonderful @simplymike asking me not to hide my links with Google analytics because it's a link shortener.

Hide? B^tch holdup?! (lol)

tee-hee

Of course, my snazzy ass is thinking, "Can't you pick on someone your own size?" Then I realized, "Oh shit, we ARE the same size... doh!" Well, close. Her rep is 56.11 and mine is 52.11— how is this so? I was off Steemit for a whole year so how am I shyly behind her in rep after a month of activity?

It turns out, she was hacked. Hacked bad. I mean, bad bad. The reason she wanted me to ditch the shortener is there's a lot of funky spam accounts going around using short-links and raising hell around here. I knew about that, but I wasn't aware of what happened to her or how bad the Steemit phishing situation has gotten in the past few weeks.

Sigh

Begin tantrum sequence... "I need my analytics!" "I like my analytics!" (...my brain yelling to itself)

And I have a right to use them on the blockchain. Boss up.

Alas, all that being true— I can't be a total douchebag. I should at least consider the appeal because I would want the same if it were my appeal. "Fine," I think... stomping away like an angry toddler.

"Right now I should be posting, commenting, and engaging my readers. I just won a Curie and I left an armful of comments ignored on my post." Blah blah blah.

Why does this disturb me?

I almost got phished a few weeks ago too. I'm just a clever little nerd sometimes so I dodged the bullet. I could have the sentiment that I'm not responsible for people dealing with technologies they're not educated about. Simultaneously, the entire Steemit marketing pitch is kind of shady. It sucked me in too. Look how addicted I am. (smiles)

If I wasn't the benevolent filthy capitalist I am, and if I were not as clever as I am, I would be food here.

That translates to, pretty much all the other planktons and minnows are food here.

Okay sitting ducks, listen up!

I disclaim, I'm not telling you how to live your life or implying that you're an idiot with the following information.

What is Phishing?... In Plain English

Phishing is when a LINK is a BIG LIAR— basically. A link looks safe, but it's not. It could be a link similar to one like Steemit's, or it could be another link that takes you to a site that looks like Steemit or another app— like Steemconnect. Phishing happens on lots of sites as well, so you're never safe unless you're educated: even on Facebook, Twitter, etc.

These sites will usually hook you with a concerning message or huge opportunity.

Then they take all your money, infect you with viruses, and make you look like a fool.

It's sort of like a toxic relationship— except from a web page.

Oh shit! How can I avoid getting phished?

  1. You will be safer if you NEVER login to Steemit with your Owner Key, Master Password, or Active Key unless you are making transactions in your wallet on Steemit or a safe network. Once you've done making said transactions, you would be safer to log out and login again using only your Posting Key.

  2. You will be safer if you NEVER click on a link anywhere on the web — and especially on Steemit — without verifying its safe. If you don't know how to do that, you're safer if you don't click.

  3. Always check the address bar. Then check it again. And again. Make sure the link is spelled right. Make sure the site is using https. Look for the green lock symbol.

But, but, how do I check if a link is safe???

Ah, young grasshopper.

  1. On most computers, you can hover a link to see its destination. It will show up on the bottom left side of your browser. Or you can right-click and copy the link destination, and paste it into a note to read it.

  2. On a smartphone, you can usually copy a link destination and paste it into a note to read it.

  3. On regular mobile, why the hell are you surfing the web on regular mobile? It's 2018. Smdh. I can't help you.

ADVANCED NINJA SKILLS

There's a website you can bookmark for quick link expansion: http://checkshorturl.com

Or doing it manually:

  • If a link is shortened with google shortener, bitly, or steem.link— you can add a + to the end of the URL to open a preview page. For example:

http://steem.link/omitaylor

Just add a + like so...

http://steem.link/omitaylor+

Voila! Now you can see the original url that the shortener is pointing to without visiting it directly. This will give you the needed space to research the link before clicking on it.

  • For tinyurl you would add the preview. before the url

https://tinyurl.com/omitaylor

You would change it to

https://preview.tinyurl.com/omitaylor

You can also do this on MOBILE browsers.

Observe.

Hold down the link for a long time until the options panel pops up. Select copy link.

__.jpg

Paste the link into a note!

If the link is shortened by google, bitly, or steem.link you can check it on mobile also.

Paste the link from your clipboard into your mobile browser address bar, and add a + to the end.

__1.jpg

And boom!

__5.jpg

That's your preview. Now if the link is to Steemit or another safe website, go for it.

You can also do the same on mobile for Tinyurl as I mentioned previously...

__2.jpg

There are many websites that shorten links be these are the most common ones people use. When in doubt, you're safer not to click.

Once you have an original link, if you don't recognize it and don't want to click away you can also scan it.

Google has a tool that will let you check if a link has malware.
http://google.com/safebrowsing/diagnostic?site=YOURLINKHERE

You can also wait, and check the link later from a safer browser— like at home where you (hopefully) have an anti-virus on your computer.

And remember, technology isn't wrong. Link shorteners aren't BAD nor nefarious in nature. They were originally created for link tracking and to make long ugly urls easy to remember. But with every good invention, some dickhead has to come along and abuse it for their own corrupt reasons— and ruin it for everyone. Don't demonize link shorteners. Be educated about technology instead and use these wonderful features for good as there were intended for— and blame misusers for misuse.

OMG! I saw a phishing link! What do I do?

  1. DO NOT DOWNFLAG IT unless you have significant enough voting power to do so.

  2. REPLY to the comment: DO NOT CLICK ^^^ @guard @steemcleaners

  3. Immediately go to https://steemcleaners.org/abuse-report/ and report the link

  4. Head over to Steem Cleaners on Discord (if you have it) and report the link: https://discord.gg/WfBZAaH

  5. Create a NEW comment on the post saying: There is a bad link by NAME below! It has been reported. Do not click! And upvote your comment with the highest vote for visibility. Add a really alarming image to your comment for attention.

Like this...

Or like this...

Make sure the FIRST thing you do is report it BEFORE you go on a warning spree.

As an added bonus, Steem Cleaners will reward you for finding NEW threats.

You can get .001 or more just for reporting. Some people have gotten over 1 SBD for finding new threats.

Steemcleanerss.jpg

It's nice to know that you can be rewarded for your good deeds. Report away!

Bonus: Steemd Phish Plugin

If you use Google Chrome Browser (like I do) on your laptop or regular computer, @quochuy has created a really handy and advanced plugin called Steemd Phish that will help you detect funky urls before you click.

More Info Here

I use this plugin and I vote for @quochuy as a witness. Both I believe to be trustworthy.

Here are some more links about this issue and resolutions to common problems. Spending an hour out of your life to become educated will favor your safety online and on Steemit.

@simplymikeContest to Warn About Phishing Threat

@simplymikeHow to recover after being phished

@anyxIntroducing GUARD Phishing protector bot

@wizardaveHover before you click!

@imbigdeeRecognizing Phishing comments

@simplymikeMass spam-comment eraser script

@arcangeSteemit.com Virus Threat + List of Phishing Alerts

Craving exceptional content and accountable curation? Look no further...

smg100.jpg

Header created in canva from opensource images. Gifs hosted on giphy.
❤️
Are you online every day? Do you use all of your Steem Power?

If you can spare to loan 1 SP while I build up my own,

it will keep this little Minnow swimming.

Delegations are 100% refundable.

If this post is older than 7 days, you can still upvote my latest post. Thank you!

HAVE YOU RESTEEMED YET?

steemitnewssharkschoolsteemphishing
6 years ago
omitaylor56
via steemit
$ 14.05
77
H2
H3
H4
3 columns
2 columns
1 column
67 Comments