Phishing Warning 2.0

in phishing •  7 months ago

image source

This is a phishing warning. The levels of malicious links in comments have reached extreme proportions. Nearly 500 accounts have been infected to date.


Example Phishing Scams

  • Free votes
  • 10% off votes
  • Promotion bot
  • Steemian Day
  • Your post was stolen
  • You stole a post
  • Anything else that gives you a link

Other Scams

  • Bots that trawl for passwords that were accidentally posted
  • Bots that trick you into delegating all your SP

There are no short cuts. These hackers and scammers are trying to trick you because they know you're trying to write a good blog and are getting no votes. They know you may not speak English too well or that you're using a mobile phone. They know that 90% of comments out there are bots. They're playing you. Don't let them.

image source

What They Want

  • Your password
  • Your money
  • Your SP delegated to them
  • Your account to spread comments with

What You Can Do


image source

If You Got Hacked

  • Tell us and keep us up to date on how your recovery is going
  • Don't delete the flagged comments, just edit them to remove the phishing links the hackers posted
  • Make sure you change your password immediately if the hackers didn't change it
  • Start the recovery process immediately
  • If something went horribly wrong we will sponsor you a new STEEM account


  • The money the hackers stole can't be returned to you
  • If you lose some or all of your reputation in the process of being disinfected don't worry about it, it will come back over time
  • If you get a odd error while changing your password, wait a bit -- a password can only be changed once an hour
  • No, a hacker can't delete your account

image source


Read this first:

How do I check if I'm delegating my SP to a hacker?

How do I undelegate the SP?
Undelegating is just re-delegating but with zero 'vests' (SP). You can undelegate with Steem Connect by changing parts of this URL:

Who can I ask for help?
Myself (@guiltyparties), other @steemcleaners members (@patrice, @pjau, @anyx, @pfunk, @logic), @arcange, @bullionstackers, or most project leaders who are familiar with how STEEM works or how to reach us. Remember, you need to contact us to get taken off the infected list!

Translate this post into as many languages as possible to help spread the word!

Like what we're doing? Support us as a Witness.
Go to
At the bottom, type in guiltyparties
Click VOTE

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

This Post have Been Resteem by @bullionstackers
We are currently Fighting Cyber Criminals to protect Steemit community.
I agree with the poster that we require to write as many post

Please write in your own post in your own language Topic Phishing ( In Any Language )
One of the Tag must be #whalepower Tag and Support by my #whalepower Team .


I will be writing my own post as soon as I am back on track, and much appreciate your help when I was phished, @bullianstackers. I got locked out of my account - again - and it's a week tomorrow that I requested a recovery, and because no recovery email by Tuesday, I wrote to support because @steemcleaners can't help. No reply from support. A bit frustrating only being able to post from Busy and not being able to access any of the phone apps that integrate with the Steemit platform. Apologies for the rant. Feeling a little frustrated.


You have mention Busy
This are a few time I heard about their Website not Secure!

??? Maybe their site is not secure!

I see, if I can contact one of The App Officer.


I would really appreciate some help. I have been watching feed and my wallet carefully and nothing is going out of the wallet and I am the only one posting on my account and commenting. Seriously, a week to get a recovery email, and when I was hacked it took less than 24 hours. I appreciate that there may be as many as 400 scam accounts, but I am now really beginning to wonder if this is my account or if there's a bug. I'm a bit of a techno-dunce, which isn't helpful, either. Thanks again, @bullionstackers


Transfer your fund to your friend account first.
Also check for sudden Powering Down.
Try 500 x Accounts and rising. It is at Pandemic Level at the moment.


Oh, my word! I can only post at the moment, no transfers. Thanks, again, for the advice.


@bullionstackers, just to advise that thanks to @guiltyparties my issue has been resolved. Thanks again

Why the relation between busy, steemd, steemworld, steemit and steemconnect is not explained anywhere clearly? 😐


What do you mean?


Sorry, typo in my last comment. Edited it.

Is there any affiliation between above sites? So we can trust them? Like etc

Thank you for your continued support of SteemSilverGold

very awesome and i really support you @guiltyparties, i've seen phishing in my friend account @sepfriadi hacked by account @gregoryoo24, when i want to help and report to @arcange but in vain, all the contents in @sepfriadi account's wallet have in transfer to account @gregoryoo24

thank you @guiltyparties

This post have been Resteem by @freeservice

@freeservice is Another Resteeming Service Account by @bullionstackers
Introduction Post Here

please help me to remove the flag?



If you are doing Phishing , you need to remove All your Bad Links comments first.
Once you have done that come back to me.

How can we help you? Please Read

[How to recover your account in Indonesia]

[Bahasa / Eng / Cn version Post]

what should we do for this exam? thank you

Thanks, @guiltyparties for this very clear exposition and for your help when I was phished. After trying to change my password again, I was locked out of my account. Tomorrow it will be a week since I requested a recovery. @steemcleaners can't help and still no response from @steemit support. I am now at a loss because I can post on Busy from my laptop, but can't access any apps from my phone, which adds to my frustration. Any advice much appreciated.

Once I am back on the Steemit platform, I will be writing my own post about my experience and what I have learned. Including about the support from the "real" Steemeit community.


Six days ago did you update your password or not? Message me on please.


Will do. Give me a minute. Thanks

@guiltyparties , I am not Hi-jacking your post.
Hope you don't mind. Have a good sleep.


I appreciate it. It was around 1am when I posted it so didn't get a chance to see replies.

@guiltyparties thanks for the warning update...yes it is spreading like a wild fire, the more you avoid from greed, the more safe you are.


That's why I want as many translations of the post as possible. I don't even give a crap if they copy/paste the thing.

It is essential that people are made more aware of this issue, no matter how many times you tell people it's just human nature to click on links - and they bait them so well - @saffisara had a comment on her post yesterday saying someone had copied her work - with one of her post titles turned into a link - looking at the source for the page I could see it was leading to another clone Steemit site that would capture account log in details if someone entered it. Fortunately she had not clicked it and we were able to flag the comment to invisible and she contacted Steemcleaners with the account details.



That's exactly what they're doing. Telling people they copied or were copied.

Thank you for the warning brother I will be careful in the comments so as not to get caught in this kind of fraud, your post is very useful brother I learned a lot from your post good job brother @guiltyparties

This is very useful information! You do so much to support the newcomers! Many thanks!

I'm using Cryptonite by Metacert to be protected on and This extension for chrome and firefox works great. As the original site is verified and checked, all new phishing sites are recognized automatically. is not verified until now, but hopefully soon (has to be done by the owner of the project).


I think there's another extension out as well for Chrome. The more the better (as long as they're not phishing themselves). We've got a full out infestation here.

Thank you for getting the word out! Will resteem :)

thank you very much for the information you provide.@guiltyparties
I just made you my witness

Hi @guiltyparties, I just stopped back to let you know your post was one of my favourite reads and I included it in my Fiber Ramble. You can read what I wrote about your post here.

Join us on Mondays for Coffee Hour at 1pm EDT in the Steemit Fiberartists on Discord or view it live on the Steem Star Network.

i will try to make a post an translate that in french if you are ok


Yes please do that.


ok! i'm on it !

thank you for the information, you deserve to be my witness.@guiltyparties


you are welcome

Info is the best weapon!
I'd like to translate it into Russian. Is there the way to get the body of this post, i mean, with saving all the links and Markdown codes?


warning for Russian-speaking users is ready:-)

Thank you for the update. This is rampant across the crypto world. Resteemed


It's the same group as the one that hit bitcoinforums and other communities. We tracked them down to the same registrar before they started going for the free domains.

I see the developers are working on ways to highlight phishing links. Newbies will not know about the dangers, so the site should alert them.


That's one of my submissions. Also put out one for updating the phishing.js list with the full list of phishing URLs.

My ID is hacked today, What should i do now.What do i have to do now.Can I get my ID back?My account name @jihad420