There's a sucker born every minute.

P.T. Barnum didn't really say it, but he is quoted as saying it.

Image Source

The problem...

There's a term you need to know about
because there is a scam
making the rounds here on Steemit
and other web sites.

Phishing

According to wikipedia...

Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication.

What happens?

• The Phishing scammers put a link to a website that tries to steal your password.
  • Disguising it by making it a very similar URL and similar looking web site.
    • If you give them your password, they start cleaning out your wallet.
• This link might be in a post, a message sent to your wallet, or comment.

NOT to be confused with fishing

WizNOTE: This an actual contest I have going...
Guess the size of this fish
and win a FREE #SteemBasicIncome (SBI) share = upvotes for life...
Click here

+++++++
Compare these 2 links...

• Click here
• Click here
  • They look exactly the same, don't they?
    • They take you to 2 different pages.
• The 1st one takes you to the actual page where you can guess the weight of the monster catfish and win your free share of SBI, and 1 of 2 super cool dolphin keyrings.
  • The 2nd one takes you to my wall showing you all my posts.
    • This is not a dangerous phishing web site, but simply an example to show you it's hard to tell what you are actually clicking on. So, use due diligence any time you click on a link on the Internet.
• They can even make a link that looks like a tag link that actually takes you to their phishing site.
  • #SteemBasicIncome
    • Looks like a simple tag link, doesn't it? If you click on it, you will actually be taken to the post where you can guess the weight of the catfish.
• They can even make a link that looks like a username link that actually takes you to their phishing site.
  • @WizarDave
    • Yup, you guessd it, that link that looks like a username actually will take you to my contest post...
• Had this been an actual phishing attempt, the link would have been to another web site that looks exactly like Steemit, but isn't. They would have had you log in with your password, perhaps even using a popup window that looks very similar to SteemConnect (a service you are used to using to sign into Steemit web sites...).
  • Only problem, that site isn't steemit and they now have your password!
    • WARNING WARNING WARNING
      YOU NEVER WANT TO GIVE OUT YOUR MASTER PASSWORD TO STEEMIT!!!
• They will start powering down and transferring your hard earned STEEM, STEEM POWER and SBDs.
  • They will start commenting all over the place, using your username and including links to their phishing site, so they can catch more people's passwords.

WizNOTE about passwords:
There are 3 sets of passwords.

• Use your posting password for most surfing and posting on Steemit and Steemit related sites.
• Use your active password as required for transfers and such.
• Only use your master password to change or get new passwords.

Phishing and fishing are similar, in that the Phisherman tosses out bait in hopes someone bites.

• They can then use your passwords to clean out your wallet.

Due diligence

...is defined as...

• the care a reasonable person should take before entering into an agreement or a transaction with another party.

What can you do to prevent falling prey to a phishing attack.

• Usually if you hover over a link, you can look in the bottom left of your browser to see where the link will take you.

The Solution..,
Hover Look b4u Click

Always remember to

1. Hover your mouse over the link
2. Look in the bottom left corner of your browser to make sure it looks proper
3. Then click the link if all is fine...

Here are screen pics from my bottom left browser corner while hovering over the 2 links above...

• 
  • As you see this shows going to the actual page you think you are clicking.
• 
  • See the difference?

Go ahead and scroll back up there and try it for yourself.

• You should get in the habit of looking at the bottom left corner of your browser before actually clicking the link.
  • This simple step could save you a lot of headache!!!

First hand account of being phished...

@simplymike recently fell prey to a phishing attack.

• Luckily she was able to get her account and reputation back, and replace all the phishing comments made on her behalf.
  • In fact, she's the reason for this post. She's holding a contest to help spread the word about the dangers of phishing.
    You can read about her contest here.
  • Did you hover your mouse over the link before actually clicking the link?
    YES = that's due diligence.
    NO = you are too trusting! Please, start using due diligence...
• She has several articles linked in her contest post that you should read about what she went through and what she had to do to recover her account.

HELP I've been phished! What do I do?

The first thing to do is read @simplymike's post with a step by step guide.

1. Recover your account
2. Remove comments made as you by the hackers
3. Turn them in.

Steamcleaners to the rescue!

• https://steemcleaners.org/
  • Abuse Guide
    Explains phishing is abuse...
    • Report abuse here
    • You can also report abuse on their discord channel...
• Don't forget to Hover Look b4u Click

Conclusion

• If you are a reasonable person
• Use due diligence...
  • 2 things you can do to protect yourself
    • Hover Look b4u Click
    • Never use your master password!

But I trust the person who wrote the post I'm looking at.

• To save time, I'm not going to Hover Post b4u Click
  • Remember, if the person has phished, it may not be them doing the actual post or comment!
    • It may be the phishers who made the post.
• Use due diligence!
  • ALWAYS Hover Look b4u Click...

Who I am @WizarDave	The KEY to Life!