This is starting to develop into a major Steemit issue, personally I would trust only the links in the posts...emphasis POSTS of people you follow on here. Any link, however innocent it might seem in a comment could be compromised. Do not enter your user name and any key in a log in that requests it unless you have triple checked the authenticity - if in doubt just cancel it. If you find a comment or post you suspect contains a phishing link flag it - it is far better to hide a genuine link then leave in the open a phishing one.
What would a phishing link look like or what would someone be looking for to determine it was a phishing link....I don't even know what it is, I am going to google it though when I am done.
It could be any link - because when see a link like this https://discord.gg/3eBkqY it is very easy to change the real domain you are directed to (as I have done if you click the link). The problem is these links are being manipulated so they go to domains that are misspellings of steemit like steewit with identical page design and it asks you to log back in again - so if you are unwary and do not notice the domain change - you enter your Steemit it user name and password - the site logs them in a file and then no doubt bounces you back to Steemit as if nothing happened.
Thank you.