Be careful - New scam for phishing website uses fake comments with images

in steemit •  3 months ago

You must be particularly careful because a new pernicious phishing attempt is currently spreading on Steemit!

Never give your password on suspect or unknown websites!!

I already warned you about several scam attempts (see bottom of this post for a list of them). Here is a new one.

Scam Description

The scammer will send you a comment like this:

NOTE: the author or the content of the comment may be different from the above screenshot

If you look closely at this comment in detail, you will notice that it is actually composed of texts and images that serve to mislead the user:

How does the scammer wants to trick you?

  1. He uses a fake “upvote/reply” image to simulate the end of his comment.

  2. He uses an image containing a well known user name with a high reputation, in our example it is @exyle. Did you noticed there is no avatar in front of @exyle's name?

  3. He adds his phishing comment with the poisoned links. You may think this is a comment from @exyle.

  4. He adds a fake “upvote” arrow and “reply” link, embedded in an image with an underlying link to the phishing website.

  5. He adds a a bunch of blank lines at the end of his crafted comment to hide the real Steemit’s “upvote/reply”

If you click on the link in the comment (the one that contains your supposedly copied post) or if you want to “upvote” or “reply” to “@exyle’s comment”, you will be redirected to a fake Steemit website:

NOTE: the domain name displayed may be different from the above screenshot

After a while, the page will fade out and a popup will appear, asking for your credentials:

NOTE: the domain name displayed may be different from the above screenshot

If you enter your credentials (DO NOT DO IT), you will be redirected to the the real website.

The goal of the creator of this website is to steal your credentials to hack your account and funds!

Preventive action activated

I will add any account sending phishing links to the black list of my Warning-Bot and it will issue warnings with a link to this post, notifying users of the malicious activity of those accounts.

If you find similar phishing attempts, contact me on

To protect yourself, you can:

  • always double check before clicking on a link, especially if this links take you away from
  • verify the reputation of people writing comments on your posts. A user with a low reputation should trigger you attention.

Previous threat alerts

If you missed them, please find here the previous alerts I published:


A bit of paranoia is the basis of security.
There are a few simple rules to follow in order to avoid having your account hacked:

Rule 1: NEVER, I repeat, NEVER use or give your owner key or password!

Rule 2: Use your posting key to login, post and vote on trusted websites like or

Rule 3: NEVER give your active key as this key allows to control your funds! Only use your active key for special operation like money transfer or account update on trusted websites like

Rule 4: Anywhere else, if you are requested to provide any of the above key: RUN AWAY!!!

4 simple rules. It's not much to remember. Follow them scrupulously, and you will only have to laugh at unsuccessful attempts from scammers.

Spread the words, resteem this post to your friends, and you will make the platform safer.

Thanks for reading!

If you notice any new suspect activity like the one described above, drop a comment on this post or contact me on

footer created with steemitboard - click any award to see my board of honor

Support me and my work to protect the Steemit platform.

Vote for my witness

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Thanks for the warning! This is one of the most helpful posts I've read in awhile. These scams are very frustrating and I've learned that it's best to never click a link regardless of who it's from, even your friends. I'm really hoping that a DM function is incorporated into Steemit, to help mitigate this problem. If one already exists, please let me know.


Thank you for your support and for your witness vote @mantishands, really appreciated!

The only way you can "DM someone" is to write a comment under one of his/her posts or do a micro-transfer with your message in the memo.


You're very welcome @arcange. I've seen the micro transfers and some personlized messages that way. But I don't really see myself wanting to advertise my personal communications with another user for all to see. I understand that the blockchain is designed that way, but some of my words and ideas are for me and my friends only. Maybe someone who's smarter than me will build an app on top of Steemit that will provide a solution...


You may encrypt the memo content using your memo key. Then only the sender and the recipient will be able to read it. But that's not really an easy way to share messages with a group of friends.

Thank you for keeping us well informed @arcange! I voted you for witness and I can't think of anyone who could do it better! =D


Thanks for your support and your witness vote @kawaiicrush, really appreciated!

Appreciate you taking the time to share this new phishing scam with the community. Not everyone will diligently look at the site’s name and most will simply re-enter their password. The method of scamming is different but end result is the same. Will share with others so they are aware.

These scammers are getting pretty sophisticated.


That's exactly what I was thinking! Though I would never enter my credentials unless I was already trying to log into a site I intentionally navigated to, the rest of the scam would probably catch me without this warning. I saw a comment like this on my most recent article and actually did think it was from exyle.

I don't resteem often, but this needs to be shared. Thank you @arcange for all you do. I've seen your comments pop up on both my account as well as my daughter's. As a newbie, it could be easy to fall for something like this. I appreciate the work you're doing to help Steemians stay safe and protected.


I'm glad to read my comment was helpful. Thanks for your feedback @crowbarmama.

Thanks so much for the warning. I truly appreciate that their are people spreading the word. I will resteem to help increase awareness.


Thank you for your support @headchange

Would you know if these fraudulent links are filtered out by using mobile apps outside if the steemit domain?

Posted using Partiko Android


To be honest, it depends on which app you use.

Yuck these are more nasty then i expected. Thanks for the info, some of these are hard to spot even when you are very careful. I wonder how many people have been tricked..

They are getting more and more creative


I have always been impressed how creative "bad" people can be. It's just a pity they do not use their skills in a positive way.


Chasing after them can teach you some interesting technical tricks sometimes. Like the way they manipulate the browser history when you land on their page so that even if you click on the Back button of the browser you are still on their website

Posted using Partiko iOS


Nothing really extraordinary technically speaking. This is because there is an intermediate domain with a redirect. Two clicks "back", is you are back on the original comment on Steemit.


One of the sites I saw is pushing a lot of fake URLs in the history and even with ten clicks back you’re still on their site which will again change the history. They saturate the history by doing a pushState() in a loop at each page load.

Thanks for these useful and informative tips @arcange

Buenas noche amigo gracias con su información. Bendiciones para usted. Saludos desde Venezuela hasta luego

So many work))

Great catch. Thanks for the warning, matey!

Thanks for the warning. Upvoted and about to resteem.

Proud member of #steemitbloggers @steemitbloggers

Thanks for this amazing work.

thank you for the heads up, pretty sure this is the same name that was doing this on a couple of my posts and we flagged cause of the link,,,thanks again for doing great work, you have my vote

Resteem'd! Thank you!

hate this things thank for the tip !

Congratulations @arcange! You have completed the following achievement on Steemit and have been rewarded with new badge(s) :

You published 4 posts in one day

Click on the badge to view your Board of Honor.
If you no longer want to receive notifications, reply to this comment with the word STOP

To support your work, I also upvoted your post!

Do not miss the last post from @steemitboard:
SteemitBoard and the Veterans on Steemit - The First Community Badge.

You can upvote this notification to help all Steemit users. Learn why here!

Thankyou! Gracias!

Great work - really! Saving alot of people from alot of stress :)

This scam is very intricate indeed, resteemed!

Thanks for the warning.

Nice one, weldon, would really be happy if all these fake and scam account are been, banned from usage....

many thanks @arcange for the warning as no one else seemed to bother to let others know but you. very much appreciated


You're welcome @banditqueen

Oh man, this is a sneeky one for sure. Thanks for the heads up I actually got a suspect looking link in my last post but that guy wasn't as smart of a scammer as whoever is doing this.

Thank you for the alert , can we also report the domain somewhere ?

Thanks for the heads up sir.

You do a good work.

Posted using Partiko Android

I always get scared When these sort off things happen! Thanks I have resteemed this nlog to My followers hope they follow up

Thank you for the advice!

For three weeks in steemit has already encountered intrusive proposals to be a referral in doubtful minings. Advertising is necessary, but requires a reasonable restriction, spam is not allowed at all.


Up to you to flag spammers to lower their reputation if they are too aggressive with their "advertising"

wow, that is some devious shit, thanks for the heads up and all of your hard work fighting these scamming turds.

Team Good Alpaca loves this post! Nomnomnomnom!
Delegate to our project via SteemConnect:
10 SP | 20 SP | 50 SP | 100 SP | 200 SP | 500 SP | 1000 SP | 5000 SP

That's really insane! Thanks for this much appreciated!

Thank you very much for always giving us your undying support and advices. Steemit may have been very promising for its technology, but also very frustrating and discouraging for this kind of reasons and lack of support from other big players. We hope there will be more like you and the likes of @surpassinggoogle to make this platform a working system in the future and not a platform of politics and thugs.

Exceptionally useful post. Thanks for the work you do. Resteemed.

Thank you!

I am so sorry I missed this before I could add my vote!
I had no idea that this kind of hidden link was even possible. Thank you so much for letting us know!

Thank you for this! I will be very careful!

Thanks for the heads up! This is good information that should be spread to all Steemians!

Go through the Discord channels of which I am part and report on its publication, everyone can contribute to the platform in some way;)

Thanks a lot to let us know !!! I pay attention of that

This is the smartest scam I've seen on steemit so far. It's such a shame that this kind of talent is being used to fuck people over when the world has enoguh problems

Thanks for warning us @arcange your work is so good. Keep it up, please :D