UseSteemit Crypto Academy Contest / S7W6 - Careful, Has your Steemit account been hacked?
Have my Steemit account ever been hacked?
No, my Steemit account has never been hacked and I wish it remains that way. I still remember what I passed through when my Facebook account got hacked, though the worth of a steemit account can't be compared to a Facebook account, at the least I have experienced the pain created by the Denial Of Service (DoS). being unable to login and use my account while an unknown person was using my account to strike fraudulent deals.
My opinion concerning dubious links offering rewards? |
|---|
Most successful hacks are a result of cleaver phishing techniques sandwiched with some form of social engineering, keyloggers and malicious software that creates a backdoor into your device.
On Steemit, such often comes in the form of a link that offers to give some kind of rewards if clicked. In reality, such linked are linked to a series of malicious codes that will exploit a vulnerability on your device,
In most cases, clicking on such a link will disable the "ask for permission" option on your device so that once the download of the main keyloggers or spyware that will steal your username, posting and active key. This information will then be send it to the hacker.
Yes, your account can be hacked by a single click on a phishing link.
My recommendations to prevent an account from being stolen or hacked? |
|---|
It is best not to click on links that are unknown, links that have mouthwatering promises are often set as baits and any link that takes you outside steemit should be viewed as suspicious untill proven innocent.
Try to read link destination paths
Learn how to read a links path which is easy when the link is kept in the open. By that I mean a link that is dropped like this:
https://en.m.wikipedia.org/wiki/Phishing
It is easy to tell that this link will be taking you to the Wikipedia website, under the wiki section that discusses Phishing.
But if the link is formated, such that it's path is not openly shown like this one:
Free TRX
Press and hold on the link till it display a menu like this:
which will give you the Parth/address the link will be taking you to, or action to be executed.
You can copy the link and pest it in a text editor.
This link called free TRX will be taking you to the kaspersky.com where you have the definition of social-engineering
keep your keys to yourselves
Your steemit keys are your personal property. Do not give your keys to anyone else, and be careful when trusting third parties with sensitive steemit keys.
Generate new keys
After using a key for a while, use your master or owner key to regenerate new sets of keys. This is something you should do if your phone is stolen or snatched.
Why do some accounts get hacked? |
|---|
An account could get hacked if you kept your keys with a third party and the third party has been compromised.
Better keep your keys alone and don't trust anyone with it. Keep an eye on your account by regularly checking your Steemit account for suspicious activities.
Your account could get hacked if it was created for you by someone such that the person has your keys and has now gone rogue.
periodically change your keys, ask steemit to generate new sets of keys rendering the old keys obsolete.
if your keys got exposed, your account could be hacked. This could happen if you copy the key and paste it in an input field that that has no encryption or mistakingly sent it to someone. It could also happen if your keys are written on a diary.
Quickly use your master password to reset all your keys. If you should write your keys on a diary, use a type of data encryption technology to protect the key.
Your account could be hacked if you login on a device that has an outdated operating system or web browser. Or a device that has been compromised.
Always update your device and don't login using a device you are not sure of and once a device flags an error, be quicke to respond to it and don't ignore it. If you are using Android, get safe apps from the Google play-store.
If the Email that holds your keys is not adequately protected with a full proof two ways authentication, you could get hacked.
Activate a two way authentication on your Email to protect your keys.
To anyone whose accounts are hacked?
Immediate action
Of the hack is ongoing or is still within the 30 days limit, I will suggest an account reset in the Steem world.com site.
Words of Consolation
It may not be as a result of your negligence that you got hacked.
Try recovering the hacked account as the reputation you created using that account is a very valuable resource, assuming the funds have been lost.
Prevent it from reoccurring
Change your password and learn how to keep your account safe.
What you should do if your account is being hacked |
|---|
Immediate action
I will end any progressive power down and immediately go for a reset of all my keys.
Buy time
Depending on the feature that will respond or not, I may also delegate my Steem to any user so as to buy me some time.
Recover Account
Now that the hack is still in progress, it means I still have the opportunity to go to Steem would and ask for a reset.
Conclusion |
|---|
Incidents of hacks have become reoccurring trends this days, it is good to take proactive steps to guide against being hacked and knowing what to do when a hack is in progress can save you a lot of pains, frustration and heartache.
I will love to invite the following friends to participate in this interesting contest from the crypto Academy community, @okere-blessing, @udylicious, @bela90 and @gwillchrist
#burnsteem25 #cryptoacademy-s7w6 #steemexclusive #nigeria #steem #club100
I must commend that this is one of the most important article made on this topic of account security, as you share both screenshots and guidance on what to do in certain security situations.
I appreciate your time and effort to share your knowledge with us boss, it would go a little ng way in saving someone out there.
We ought to always double-check the URL before entering our username and password to any link. Additionally, we should make sure that the website is secure with SSL encryption.
It is also important to create different passwords for each website. A password manager can help keep track of all our passwords and ensure that they are unique and secure.
With a password manager, we can create unique, strong passwords for all of your accounts, without having to remember them.
Changing our keys occasionally would equally be a healthy practice for our accounts, and we should learn to store our keys offline too.
By following these steps, we can protect our Steemit account from being hacked by malicious actors.
I really love the valuable guide and remarkable points shared on this article my boss, I would equally appreciate of you engage in mine
Links that offer big prizes are often trapped by new Steemit users. But those who follow and read more about basic Steemit knowledge are less likely to get caught up in that. Good post. Good luck for the contest. I have also participated in this contest.
🥰🥰🥰
I have read through your post in this contest, it's a great work. And I am happy that you have decorated my post with your interesting comment, thank you for reading through my post, for the comment and the support....
You have a good knowledge on this topic. This hackers are so intelligent but we should always be careful not to be a victim.
A person needs plenty of knowledge about the inner working of a system in other to pull a successful hack.
But some just have the right tool and prey on other people's ignorance. Yes they may be smart, but we shall try to keep our accounts safe at all time.
Thanks for your comment on this post.
Hello manuelhooks,
I hope you are fine. You have put great effort in creating the content. You have discussed in start that your account never got hacked and I hope it will never get hacked in future.
You have mentioned that your Facebook account hacked in the past and you still know it's pain. I know how it feels when you can't access your account where you are posting for years. I hope it will never happy again.
You have shared some recommendations and also cleared the difference between link path and fulllink path. It is most of us missed in our content but you covered it and I really appreciate that.
Then you mentioned some of the reasons why other users' account got hacked and what they do wrong.
In last, you mentioned if your account got hacked you will delegate SP to someone so you get more time and will then recover your account with the help of Steemit Team.
Overall, your content is full of knowledge and newbies and users with less knowledge can get much benefit from it. I hope you will stay safe in the future also. I wish you best of luck for the contest. Please have a look at mine and share your views :)
Saludos amigo! es muy satisfactorio ver que no ha sido hackeada tu cuenta y que cuentas con las herramientas y conocimientos pertinentes para la protección de la misma. Gracias por compartir con nosotros tu valiosa publicación. Saludos cordiales!!
gracias por leer mi publicación. sí, mi cuenta no ha sido pirateada y deseo mantener ese estado. aunque estoy haciendo todo lo posible para proteger mi cuenta, realmente creo que la seguridad es un esfuerzo colectivo que nos involucra a todos.
A hacker could be attracted to an account because it has a large amount of Steem that has not been powered up. The thief in so many cases do not have the patience to wait for a power-down.
Powering up all your liquid Steem will keep some eyes away from your account.
Thanks for inviting me to this contest and I wish you the very best. You made some great points like the need to recover keys once we are rubbed of our devices.
I totally agree with your point, liquid Steem or SBD are easy to transfer out once an account is hacked but if the Steem was powered up and delegated, it makes the process long time consuming for the hacker.
We support quality posts, and good comments anywhere, with any tags.
Thank you to @goodybest of team 3 for supporting my post, I am greatly encouraged.
Hacking of once account is a terible experience, I dont wish it happen to any one.