🚨Security Alert, Being Smart, & Call to Action🚨
There are several efforts to do account take-over and shamming Steem and SBD via phishing sites, wallet messaging, creating very similar looking usernames, and the creativity does not seem to stop.
One of the most popular phishing incident was that of @samstonehill Some 19 days ago he wrote about this experience, his convo with the hacker, and some valuable tips to protect yourself. That post can be read here: A conversation with Steemit HACKER @accounttransfers & IMPORTANT SECURITY SUGGESTION for EVERYONE!.
@surpassinggoogle post yesterday attempted to warn us of another phishing effort. The attacker sadly gained access to a few account of people I know even after the alert from Terry. That post can be found here: Please Don't Use (https://steemit.press/Update-December-2017/) Vs Steemit Condenser Interfaces!!! Plus, I Need Your Help With Building "Steemgigs".
Here is a couple of snapshots from the attacker's account activities:
In the snapshot, it will be seen that the same person created an account named @steemitsecurity. This account then sent a few messages in another attempt to phish as shown below.
In general, messages about security of an account via the wallet message written like this should be ignored. The most sensible advice one can get if anyone suspects that an account's keys have been compromised is to change one's password. That can be done here: https://steemit.com/@username/password (change @username to your username, in my case @steemitph). If the advice includes any other instructions specially contacting a specific person, be wary.
I was forming some interest in @buildawhale and decided to check their activities in SteemD. After seeing only a few transactions done showing in the activity, I knew I've done something wrong. I miss-typed the username and missed the "a" beween the words "build" and "whale. In the below snapshot, you will see that @buildwhale has victimized a couple of Steemians to-date:
I then searched for @followbtcnews in discord to alert him, but seems like he already know.
Here are a Few of Similar Usernames which "may be" Intended for Shamming Your Steem/SBD
| Original | Copy |
|---|---|
| @buildawhale | @buildwhale |
| @blocktrades | @blocktrade @blocktradess |
| @minnowbooster | @minowbooster |
| @bellyrub | @belyrub |
| @promoted | @promote |
There may be many more out there, so be careful. Please let me know of similar username's which may be intended to take Steem or SBD from mistyping usernames in the transactions.
I've seen lots of efforts being done to deter comment farms from negatively affecting the reward pool, I have resteemed this post from @teamsteem about @patrice and @spaminator's effort: Spaminator Needs Your Help. Please support their effort if you have big enough SP to delegate. I have delegated a quarter of my SP between three communities, and am looking at supporting @patrice soon. Doing it now though will significantly impact my influence.
@steemcleaners and @cheetah are doing pretty well in protecting the platform from plagiarism
There needs to be similar effort to deter phishing and shamming Steem and SBD. @arcange is doing what he can, but this area needs to be looked at more closely. Please share specific things that can be done by commenting, for I may be very new to know all the technicalities. My thought however includes:
- An official communication from @steemitblog on areas concerning security against these type of attacks.
- Some community effort similar to @spaminator and @patrice (on comment farm), and @steemcleaners and @cheetah (on plagiarism) focused on account security and fraud/scam prevention.
- @precise did an education session in our small but steadily growing Steemit Philippines community all about security through an Ask Me Anything session. Other sub-communities may benefit from doing the same.
The best thing to do is to be vigilant and smart when it comes to account security. It never hurts to be extremely careful.
If you are a Filipino, an expat living in the Philippines, or care about the Philippines, please join our growing community in discord by clicking on this picture:
Vote for Our Philippines Witnesses
How to vote?
Use the witness page https://steemit.com/~witnesses
Scroll down the page until you see the vote box below and enter
Click vote
With the help of @fubar-bdhr and @beerbot @steemcleaners has been staying on top of identifying phishing links & accounts. Unfortunately some of the accounts are not posting so all we can do is track them.
Thank you for your support!
Didn't know about @beerbot. Just saw his week 42 report. Thanks for all that you do for all of us.
thank you sir for reminding us.
Yep. Security is number one. We are all invested here both in money and in effort. We will do best to protect ourselves.
Too late for me. hahaha charge to experience.. my name is in the top list and latest zzzzzzzzzzzzzzzzzzzzzzz
Oo nga sir eh. Hhhaaayyy... Dun ba yun sa phishing site na nasa post ni Terry? Buti na lng din at di fully na take over yung account mo.
dun sa discord chatroom ko nakita.. as in nakapakatanga ko hahahahaha
Nope if you signed up with steemit, you can recover your account and we raise the money
Thanks for the support and encouragement. I'm cooking some article now hahahah
Very necessary and timely reminder, thanks for the share.
Thanks for the mention sir @steemitph. To emphasize the importance of this matter, for this week's Ask-Me-Anything session I specifically set the topics from the first 2 episodes and give more focus on security. I am hoping that people who missed out the first 2 sessions will have an opportunity to ask questions.
I hope you don't mind the promotion
thanks again for the continued support.
Congratulations! This post has been upvoted from the communal account, @minnowsupport, by steemitph from the Minnow Support Project. It's a witness project run by aggroed, ausbitbank, teamsteem, theprophet0, someguy123, neoxian, followbtcnews/crimsonclad, and netuoso. The goal is to help Steemit grow by supporting Minnows and creating a social network. Please find us in the Peace, Abundance, and Liberty Network (PALnet) Discord Channel. It's a completely public and open space to all members of the Steemit community who voluntarily choose to be there.
@cmtzco has voted on behalf of @minnowpond.
If you would like to recieve upvotes from minnowponds team on all your posts, simply FOLLOW @minnowpond.
Thanks again @qurator. I haven't seen similar name as our community so far, so that's good. @thamarkymark though presented a thought that makes sense. Can we look at potentially doing that?
Thank you for mentioning this @steemitph. We will definitely be looking into it, any suggested names you might think can be used to scam @qurator and its members will be highly appreciated. Thanks again =)
As a follower of @followforupvotes this post has been randomly selected and upvoted! Enjoy your upvote and have a great day!
This post has received a 0.35 % upvote from @drotto thanks to: @banjo.