Steemit Crypto Academy Contest / S7W6 - Careful, Has your Steemit account been hacked?

Asalam Alikum! This is Asad Fazal from Pakistan. I pray everyone here stays healthy, active, and happy. Today's I'm here to take part in the Season 7 Week 6 contest held by SteemitCryptoAcademy Team. The topic decided by the team is Careful, Has your Steemit account been hacked?. Same like always the topic is very interesting because it is all about Steemit platform. It will help us to get knowledge from others and to share ours with other members. I am excited to start the post, so let's begin!

The world of cryptocurrency is open to scam and frauds because most of us becomes greedy at some point. There are different things that make us loss our investment in crypto space like greed, clicking on all links, downloading malicious browser extensions and more.

The most easy way to hack someone's account is to make fake apps or browser wallets where user thinks it is legit wallet and they enter their password and seed phrase. But as the technology, cryptocurrency, and blockchain knowledge is increasing among people, scammers and hackers are getting tough time in hacking.

Talking about Steemit which is a social platform that gives reward on creating quality content, it is also open to risks and insecurities. But remember losses are only due to user's own fault but not in the platform.

Talking about my account on Steemit, I have never been hacked here and for which I always Thanks Allah Almighty. I have my account keys securely saved and also I have hand-written them on a page if I somehow lost my keys. The hacking here on Steemit is when the hacker gets your Active key, Owner key, or Master Password. These keys are very important and we need to keep them safe. The Posting key is only to login but can't used to transferred Steem.

If a hacker access your private posting key, you don't need to worry because he can't transfer funds from your account. But if hacker has access to your Active key, Owner key, or Master Password, time is to worry now. Because with these keys, your wallet can be accessed and funds can easily be transferred which nobody can retrieve or refund.

There are many accounts on Steemit that scammers, hackers, and SEO (Backlink Guys) has created. The scammers and hackers post suspicious links in the comment section of highly engaged or normal engaged posts. In the comment, they will claim that you will get reward just like he got after you click on the link. Check the below screenshot.

In above screenshot you can see how he is trying to convince others by showing he has earned $31547 from Google by performing simple actions. If someone clicks on the link, it is possible his account get hacked and can get access to your keys when you put them during transfer or login. The above scammer has commented on many posts as can be seen below.

We all know Steemit is decentralized platform which can't be controlled by anyone. So it is not possible to stop the scammers and hackers here. But the thing we can do is never click on the links that look suspicious. Try to keep distance from suspicious accounts. If you loss your funds, nobody can bring them back so you need to protect yourself.

What I have seen till now, newbies and those who have no idea about suspicious links and people who are greedy to get more and more are the main target of hackers. The nature of blockchain and cryptocurrencies is decentralization however there are some who are centralized but still if you loss your investment, nobody can help you get it back. But there are some precautions that every person not only crypto traders but every person who is using internet must follow. My recommended preventions are:

• The first thing is to keep your Windows and Browser on which you log in your accounts up-to-date. Previous versions have flaws thats why newer versions are introduced in the market.

• Never ever click on the links that look suspicious. There are many scammers who show rewards for clicking the link but in reality they are trying to hack your system and accounts.

• No matter how close your friend is, never open your account on his laptop. Always use one device PC or mobile.

• Never share your private keys to anyone including Active key, Owner key, and Master Password. It is not possible in this era to trust anyone except your family.

• Create complex and strong passwords that are almost impossible to break.

• Never save your password in the browser because it can easily be hacked.

• I have shared dubious links above, it is highly recommended to never click on them no matter what.

• Use latest anti-virus version in your PC and turn of Firewall.

• Save your Steemit Key's PDF to your PC and I personally recommend to write them down on your notebook at home because it is the safest thing to do.

• Regularly check your Steemit wallet and if there is anything wrong, take action accordinly.

• Last recommendation will save you that is to keep your Steem in Steem Power because it takes 1 month (4 transactions) to convert back to Steem. In this way, hacker can't get the account for 1 month.

These are some of the recommendations and suggestions from me that can prevent your Steemit account to be hacked or stolen. I strongly suggest to follow all above tips if you don't want to loss your investment.

There are many reasons why some people's Steemit account and other accounts get hacked. If someon don't follow the above mentioned tips and other useful precautions, their accounts become easy to hack. I also read my friend's post @preye2 here on Steemit where he mentioned that his close friend did malicious act on his account and stole 136 Steem tokens. However, below are some of the points that got your Steemit hacked.

• The quick and easy way to got hacked is by clicking on malicious and dubious links shared on highly engaged posts' comment section here on Steemit.

• Storing keys with no care at all makes the account open to hackers and scammers.

• Users store their Steemit Key's PDF to Google Drive, Onedrive, or any other drive which is somehow easy to hack.

• The browser extensions are another possible method to hack and we Steemians need to be very careful for that.

• Some newbies share their private key to scammers if they face any issue on platform thinking that this person will save me but in reality he is his enemy.

• It is also possible if you sell your PC or Laptop, the shop keeper or the new owner will recover your system and it can easily be done with free softwares like iCare Data Recovery Software. After recovery, they can acccess your keys.

• Phising emails that shows they are from Steemit team are also quick and easy way to get user's data if he is not aware of this hacking type.

We work hard on the platform and if someone hacks our account, it really breaks our heart. It is the toughest time for the one whose account got hacked and funds are stolen. First thing is I feel sorry for him/her and then I will give some suggestions.

The hack only happens because of our own fault and loophole we give to the hacker. I suggest whose account got hacked, first need to login with posting key and if it says wrong, try to use Active key and if it let you log in, immediately change your password. If it says wrong password, try to contact Steemit team because they can help you get your account ONLY if you have your Master Password.

Second thing is we all should make trusted witness our recovery account through Steemworld.org. They can help us to recover account but you will require Master Password for that also. Third thing I would say is to check your Steemit wallet after recovery regularly and monitor if there is any suspicious activity going on. Don't click on any dubious link, untrusted website, or emails. Stay safe and monitor your account regularly.

I pray it never happens to me and I am active in saving my account by taking precautions I mentioned above. I am trying my best to secure my account by storing my keys on hand written paper because I can't trust any online drive or browser. I never save my passwords in browser but only those that are easy to recover like Netflix and SEO blogging tools. But if still my account got hacked, I will do the following steps to prevent my funds to be transferred.

The first thing I will do is convert all Steem tokens to Steem Power (SP) because it can't be transferred and takes 1 month to convert back to Steem. This step is only possible if the password is not changed. However, I am already keeping my 95% of Steem to SP.

If the password is not changed, I will immediately log in and change it to strong and complex one. Then I will save it on my notebook at home.

The third step will be to contact Steemit team or my recovery account to help in get my account back because I have my Master Password saved in notebook at home.

Then after gaining proper access to my account, I will check wallet and blog section to check if the hacker is still there or has he used my account to post some dubious links in different communities.

After that, I will write a detailed article on how my account got hacked and what was my mistake so others can take care of it. Also I will share how Steemit team helped me in recovering my account.

Last step I will do is to regularly monitor my account not only on PC but also on my mobile multiple times a day to stay updated. I will check all things including wallet transactions, Steem, SP, TRX, posting, comments, and upvotes.

These are 6 steps I will do immediately if my account got hacked. I suggest here to follow the points that Steemit team mentions during registration of account. Also follow the steps that admins and mods of different communities share.

This is all from me for the "Steemit Crypto Academy Contest / S7W6 - Careful, Has your Steemit account been hacked?". I invite @samminator, @preye2, @steemdoctor1, @simonnwigwe, @preye2, @lavanyalakshman, and @theentertainer to participate in this contest and share with us knowledge they have about Steemit account hacking.