Phishing site reported - autosteemer(dot)club

in steemit •  9 months ago

One more phishing website reported. Scammer duplicated his malicious website and changed the domain name

Few hours ago, I warned you about the autosteemer(dot)com phishing website. My warning bot started to notify every use targeted by this phishing attempt.

As a reaction, the scammer duplicated is website and activated a new domain name.

Thanks to @afterglow for catching my attention and notifying about this new scam.

Description

The scammer publish the following comment on user’s post

If you click on the link in the comment, you will be redirected to the following site:

The site is a simple one page website created with Wordpress.

If you click on the “Connect to Steemit” button, or on the “Connect“ menu in the top right of the page, you will land on the following page:

The page maliciously mention SteemConnect, despite the fact it has clearly nothing to do with it.

If you enter your credentials and click on the “Connect Now” button, you will get the following result:

A quick review of the page source code shows that this is a simple form and guess the entered credentials will be stored to hack your account!.

Preventive action activated

I will add any account sending phishing links to the black list of my WarningBot and it will issue warnings with a link to this post, notifying users of the malicious activity of those accounts.

If you find similiar pishing attemps, contact me on steem.chat

To protect yourself, you can:

  • always double check before clicking on a link, especially if this links take you away from steemit.com.
  • verify the reputation of people writing comments on your posts. A user with a low reputation shoud trigger you attention.

Previous threat alerts

If you missed them, please find here the previous alerts I published:

reminder

A bit of paranoia is the basis of security.
There are a few simple rules to follow in order to avoid having your account hacked:

Rule 1: NEVER, I repeat, NEVER use or give your owner key or password!

Rule 2: Use your posting key to login, post and vote on trusted websites like steemit.com or busy.org.

Rule 3: NEVER give your active key as this key allows to control your funds! Only use your active key for special operation like money transfer or account update on trusted websites like steemit.com.

Rule 4: Anywhere else, if you are requested to provide any of the above key: RUN AWAY!!!

4 simple rules. It's not much to remember. Follow them scrupulously, and you will only have to laugh at unsuccessful attempts from scammers.

Spread the words, resteem this post to your friends, and you will make the platform safer.

Thanks for reading!


If you notice any new suspect activity like the one described above, drop a comment on this post, contact me on steemit.chat or via Telegram (@The_Arcange)


footer created with steemitboard - click any award to see my board of honor

Support me and my work to protect the Steemit platform.

Vote for my witness

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Thanks for the important information.

Thx for the info!

This is fantastic information. I believe - something similar should always be available on the side bar. I suggest u to please make this recommendation to steem developers.

Oh thanks, resteem the post for awareness.

·

Thank you!

Congratulation!
This is my event and you won the event!
I voted you as a prize (full voting). Thank you~

https://steemit.com/kr-event/@cchyyy/aqjun-500

I really want to say thank you for a needed post to know.

Very imformative

Thank you for your work sir in combating phishers and scammers in this platform.

I feel sorry for their victims because I felt like I could have done more to prevent these kinds of activities.

Once again thanks for information, still lindungi we of those who try to cheat at steemit..

Resteemed thank u very much for the warning <3

Thank you for sharing this info. It would be a great help For me not to connect to a spammer site.

The users must be the moderators of steemit. We all have personal responsibility to flag spam and abuse. If you regulate too hard you will start inadvertently punishing people who are not abusers of the system.

Users must be taught when joining steemit that THEY are the moderators, and THEY are responsible for flagging content that does not belong on the platform. It is then up to seasoned and experienced members to analyze the flagged accounts for further abuse and set up automated systems which help prevent spam.

I think we will probably have to abandon the idea of being able to auto-ban spammers with intelligent algorythms because that could cause accidental censorship of legitimate users. We must view every individual user as EQUALLY important as the entire body of users. If even one user is ostracized due to a miscalculated automation algorythm then we are doing it wrong.

It is up to the programmers to implement these ideas on behalf of the community, and of course they should be rewarded for their time.

Perhaps play a short and entertaining video to each new user explaining to them that just like any other social network, there is spam, haters, flamers, jerks and quality posters, and tell them if they catch someone spamming on their page they have a duty to go check their comments section and see if they have been spamming on everyone elses page! That way they can flag each spam post.

However, this is not an ideal method in my opinion. It shouldn't be hard to detect when a user is posting the exact same message over and over again on hundreds of posts, and you should be able to flag USERS not just posts, that way they can have their accounts analyzed by the community. Everyone should be able to take a moderator role and be rewarded for the time they spend sifting through posts and flagging spam, because as it currently stands, we receive no rewards for the time we spend moderating steemit.

All human psychology is based on risk and reward. Human beings will not waste their time moderating steemit if they do not perceive some sort of value as a result of their hard work, and I'm sorry but "making steemit better" isn't going to motivate everyone.

Simply reward users for flagging spam.

How? By waiting until a post or a user has been flagged over 100 times then rewarding every user who contributed to that flag and deleting the post and flagging the user as a potential spammer. After 3 account flags, your account enters group moderation and anyone who wants to spend the time investigating the account can do so and put forth a vote on whether or not the user should be banned on the platform. After 100 votes to ban a user, they are banned.

How do we prevent this banning system from being abused? After all people could just flag things they don't like?

If you flag something to be banned and after 3 months it has not received enough votes to result in a ban, it is escalated to high priority and users are rewarded even more for voting on it. If after 1 more month the user does not receive enough votes to end in a ban, all users who flagged them receive a flag on their account as potential abusers. After 3 flags, THEY enter the moderation system and the process continues.

What do you guys think of these ideas? Please upvote if you think this would be useful to the developers, as I cannot code these ideas myself.