!!! Caution scammers !!!
Caution scammers
I want to warn everyone and the participants in the support program in particular.
Three days ago, the "owner keys" were stolen from one of our members.
Using the key, the hacker ferret changed other keys and blocked the owner's access to his account.
At the same time, he put SP on a decrease and began to withdraw tokens to his wallet.
This situation is commonly referred to as "phishing".
It's basically a hunt for your keys to gain access to your wallet.
I have no experience in this area, but I can draw your attention to some points.
- You create your post, publish and wait for upvotes and comments.
At this time, a comment comes to you with some tempting offer.
For example, you are given a link, following which you will receive a gift, support, prize, whatever.
Remember - the free cheese is usually inside the mousetrap.
So ... the comment might look like this:
Even if you check who he came from, you may not suspect anything.
https://steemit.com/@sduttaskitchen
This time the comment came from this lady. She has a normal blog and outwardly does not arouse suspicion.
If you follow a link, you may be prompted to enter your username and password to receive support or a gift.
Never enter passwords following links.
Our friend did it ... now he does not have access to his account and some of the funds have been stolen.
The owner of the account from which the ferret's comments of the same type originated, explained that her account was hacked and it was not she who caused the harm. She writes that she was able to quickly restore her account and now she is doing well. On this day, harm was done to many people.
Maybe she's really innocent, maybe she's in cahoots with this hacker ferret. I don’t know for sure. But people received similar comments from this @sduttaskitchen account before and before these recent events.
This lady just changed her comments under all posts so that the link is not visible. So far, she has not written a post explaining what happened. I'm not talking about an apology now.
2.You have not received any comments, but in order to log into your account you use an active key ...
I do not exclude the possibility that the hacker ferret created a program for brute-force / brute-force keys.
It checks whose keys wallets can open, opens and steals your funds.
In this case, he cannot block your account, does not have access to lower your SP, but he can take your money to his wallet.
To log into your account, use only the posting key.
Use your active key only for transactions with your wallet in standard platform operations (and nowhere else on third-party sites)
Save your owner key to a USB flash drive, external drive, make a photocopy and just keep it and never use it. Only for account recovery, if necessary.
Here is an example of non-burglary.The ferret just devoured money user. Read:
https://steemit.com/hive-196725/@duckling/warrentto-the-unknown-guy-hacked-my-account-and-withdrawn-my-all-sbd#@hdnakum/qvk06o
Forewarned is forearmed.
Take care of your wallets and your nerves.
Regards, @bambuka
@randulakoralage helped @sduttaskitchen when this was discovered and managed to save his account and had the spam comments deleted so that no one else would be fooled
@sduttaskitchen is not a thief and she deserves an apology from us.
Someone who does "phishing" would not even answer us
@sduttaskitcheni we correct this and give you membership with us 😊
Exactly as you said xpilar 😌 I saw one of her comment. I know her before. Then informed her via discord. Then she updated keys. Then deleted possible comments. And edited rest of the things quickly.
Thank you.
Thank you my dear friend, @randulakoralage only because of you I able to secure my account without loosing anything. You are truly knowledgeable and helpful person. Stay blessed.❤️😊
@xpilar, thanks for your attention to this issue and your comment. I am not claiming that @sduttaskitchen is a thief, I just want to understand the question and want her to help me with this with her answers. So far she has not answered anything on the merits of the question.
Perhaps my questions cast a shadow on her honest reputation. I will happily apologize to her when everything is cleared up and she has absolutely nothing to do with it.
I just want to keep this issue in focus and really hope for the help of witnesses and node holders.
I am not very good at blockchain mechanics, I am not an IT specialist and I do not have access to other resources. This is our common cause.
Such phishing attacks can drive newcomers off the platform and we will lose people like @elishanyong for example.
Maybe it makes sense to create a "self-security service" on the platform?
After all, you have to do something about it.
\\
@xpilar спасибо за внимание к этой проблеме и ваш комментарий. Я не утверждаю, что @sduttaskitchen вор, я просто хочу разобраться в вопросе и хочу, чтобы она помогла мне в этом своими ответами. Пока она ничего не ответила по существу вопроса.
Возможно, мои вопросы бросают тень на её честную репутацию. Я с радостью извинюсь перед ней, когда всё выяснится и она будет абсолютно ни при чём.
Я просто хочу держать этот вопрос в фокусе своего внимания и очень надеюсь на помощь свидетелей и держателей нод.
Я не очень силён в механике блокчейна, не являюст IT специалистом и не имею доступа к другим ресурсам. Это общее дело.
Такие фишинговые атаки могут прогнать новичков с платформы и мы потеряем таких людей как @elishanyong например.
Может быть имеет смысл создание на платформе "службы собственной безопасности"?
Ведь надо с этим что-то делать.
@xpilarIf I understand correctly (?), phishing is carried out using external sites that may look similar to Steemit when the user clicks on a link to that external site.
Is it possible to give a task to the developers so that when they go to an external site using a link from a comment, a warning about this transition about not using any keys there appears in front of the user. For beginners, this would be a certain protection.
I've seen this feature on some other sites.
Thank you so much @xpilar, I can understand the difference of qualified and knowledgeable people. That is the reason I mentioned you. Keep faith on me I will never do anything here that can hamper others and I am an arts student, didn't have much knowledge of blockchain. I am a social worker and serve the poorest of poor so can't even think about all these. I also believe in almighty. Thank you once again. I didn't want to give any explanation to qualified people rather to explain infront of a knowledgeable person. Stay blessed 😊
it is unfortunate that this type of acts are happening within the platform, thank you for the warning.
Scammers need to grab the hand and rip off the hand...
Вот здесь
https://steemit.com/hive-139751/@nklm/f-a-q-ru-steem-chasto-zadavaemye-voprosy
в разделе БЕЗОПАСНОСТЬ (это в конце) много чего сказано.
Но даже те кто читал - смеются.
.... А потом - плачут, ага..
Хороший пост и полезные предупреждения.
Есть такое слово "инфантильность"...
GRACIAS POR INFORMAR.
You are welcome
Gracias por la actualización y estar pendiente. @bambuka
Thanks for the update and stay tuned.
You are welcome
Для вашего блага :)
Thank you for this warning, there are many tricks abuser use to get benefits for themselves.
You post is nominated for „Wold of xpilar“ Community Support Program, @booming account upvote. Only the posts that are not cross posted, original and posted from community page are eligible. If your post gets approval, then you get upvote within few days. Good luck!
CC: steemcurator01
Thanks so much truly appreciated !
Thank you for the message! A very serious topic has been raised and I would like to be aware of the results of the investigation, if it is being conducted.
I wouldn't call it an investigation. It is rather a warning for the complacent and inattentive who do not worry about their safety. Judging by the history of the wallet, this scammer has long and successfully robbed inexperienced novices who are careless about security and password issues.
I'd love to see a real investigation from the #steem team #steemit #steemblockchain #steemitblog. I don't know how to get their attention right.
But here we can say that the users themselves are to blame, who for some reason do not value their safety.
\
Я бы не стал называть это расследованием. Это скорее предупреждение для благодушных и невнимательных, которые не беспокояться о своей безопасности. Судя по истории кошелька этот мошенник уже давно и успешно обкрадывает неопытных новичков, которые беспечно относятся к вопросам безопасности и пользования паролями.
Мне хотелось бы увидеть настоящее расследование от команды #steem #steemit #steemblockchain #steemitblog/. Я не знаю как правильно привлечь их внимание.
Но тут можно сказать, что виноваты и сами пользователи, которые по каким-то причинам не дорожат своей безопастностью.
Thank you for posting this. My friend @elishanyong got the same comment and immediately reached out to me to be sure that it won't cause any harm. I asked him not to take any action. He would have been a victim by now. This fraudulent act is alarming and I hope the perpetrators of this act will be brought to book.
I looked at your friend's profile and invited him to the support program. He is a talented artist and spiritually developed personality. As a result of a hacker attack, he could leave the platform. This is the main danger and harm of these ferret hackers.
I also hope that the hackers will be found and punished.
@Xpilar and other witnesses now know about this problem and I think that measures will be taken.
The victims should not remain silent, just as the name of honest people should not be denigrated. We must work together in this direction.
Thank you so much for looking into his profile. He is quite talented and spirited as you have noticed. we have been working together for sometime now. I invited him to join steemit to share his world with us and I am happy he didn't fall for the scam. That would have had a negative effect on him.
I am glad the witnesses know about this problem and I am also hopeful that soon, it will be over for them
It's good that he was careful. I sent him an invitation and am waiting for his answer.
I think that witnesses are more interested than others in preventing phishing and the situation should soon become clear.
I actually fell for something like this a while back but before the page was fully loaded I suspected something was wrong as I knew very well that no community or body on the platform would ask for my password or anything personal so I opted out and immediately changed my password...
This would really save a lot of people, thanks for sharing @bambuka
@ezunjoshy you did the right thing, but unfortunately not everyone does it and this hacker has a long list of victims.
Be attentive and careful, I wish you success on the platform :)
@bambuka thank you for the awareness you are spreading. I didn't know how it happened, and you can see I have written a post regarding the same.
But I don't find your message about hacking. The tape contains only idyllic landscapes and flowers.
Please follow the comments
https://steemit.com/hive-196725/@alejandrop/alert-sduttaskitchen-is-scammer-has-stolen-a-steemit-account-see-complete-post
This is not your post
I'm watching. Here the picture is clearer:
https://steemworld.org/@sduttaskitchen
(Set the filter by the date 2021-06-29
and outgoing comments)
A quote from your story about the event:
But in the interval between the scam mailing list, changing the password and starting to delete the sent messages from the account, there were no comments. They start from you with this:
Block 55041249 / Transaction 55041249-1
@sduttaskitchen how can you comment on this. Just please, I ask you to answer on the merits. This is a very serious matter and I see inconsistencies between what you are saying with what can be seen in the blockchain. You know that traces from any activity remain in the blockchain and you can always compare dates and meanings.
I am waiting for your clarification. Otherwise, I will have reason to believe that you are involved in this fraud.
\
@sduttaskitchen как вы можете это прокомментировать. Только пожалуйста, прошу вас ответить по существу. Это очень серьёзное дело и я вижу нестыковки того, что вы рассказываете с тем, что можно увидеть в блокчейне. Вы же знаете, что в блокчейне остаются следы от любой деятельности и всегда можно сравнить даты и смыслы.
Я жду вашего разъяснения. В противном случае у меня будет основание считать вас причастной к этому мошенничеству.
@sduttaskitchen
Do you consider posts about a better life with Steem such a post?
I checked your blog before publishing this post. I did not see any messages about your account being hacked (which would be appropriate in such circumstances). All you did was change every comment that caused the fraud. An attacker would do the same. I am not saying or claiming that you are the ferret hacker who did all this three days ago and in the same way at different times before. (Look at his wallet, the history of deceptions is quite long and I think that this is not the only his account.)
Until now, your actions only help him. If you are not in collusion with him, then I would like to see your activity in the issue of suppressing his activities. After all, as you state in the comments, you were also hacked. At the same time, your wallet was not damaged personally. Think about these words.
Please follow the comments
https://steemit.com/hive-196725/@alejandrop/alert-sduttaskitchen-is-scammer-has-stolen-a-steemit-account-see-complete-post
In the comment for that post, you link to some @randula.
Who is this? I could not find such a user