When running through my Email, I saw an Email purporting to come from "noreply[at]steemit.com". It had this Subject:
Welcome to Steemit! Confirm Your Email
And this in the body:
To continue, please confirm your email address by clicking on the link below
I immediately spotted this as a phishing Email - quite possibly a spear-phishing Email - because my account is months old. That's why so many phishing attempts go wrong, by the way: they don't make sense.
But it would have made sense had I just signed up. (!)
So, please use this guide to spot a phishing Email especially if you're a newcomer:
Spotting The Phish!
THIS IS WHAT A LEGITIMATE EMAIL FROM STEEMIT LOOKS LIKE:
It says email@example.com via sendgrid.net Look carefully at the "From" field. You should see that it was sent through sendgrid.net. If that's not there, delete it!!
Remember to hover over the link before clicking it!
When you hover over the link, the domain for the link should include sendit.net. (I know this because I deliberately signed up for a new second account so as to get a legitimate confirm Email.)
If you haven't picked up the habit of hovering over all Email links, now's the time to get into the habit!
I cannot emphasize enough: make it a habit to hover over any and all links you get through Email. Phishing Emails always make themselves known via weird-looking links, especially links that are different from the raw URL in the Email.
THIS IS WHAT A PHISHING EMAIL LOOKS LIKE:
This is the phishing Email I got. It says firstname.lastname@example.org without the "via sendgrid.net". Had I not screenshot it for this post, I would have deleted it.
Please watch out!!
I hope this brief warning helped. If you want to spread it around, feel free to copy and reproduce it. Just ask, and I'll send you the raw markup code.