Never give your password and double check on which website you really are!
I already warned you about several (potential) scam attempts (see bottom of this post for a list of them). Here is a new one. Thanks to @lighteye for catching my attention and notifying about this new scam.
A few hours ago, in my last Scam Alert, I warned you about the steemitfollowup(dot)ml phishing website. I invite you to read the post for full details on the phishing attempt.
I also updated my WarningBot to notify users about the threat, sending hundreds of warnings to users.
It wasn't long before the scammer reacted and registered a new domain, with (nearly) the same content.
He started a new posting campaign with the following comment:
Once on the phishing website you will see this:
Clicking on the "Join Now" button will redirect to the same fake SteemConnect website hosted on steemconnect(dot)ml.
The rest of the phishing exploit is the same as described in my previous Scam Alert
Preventive action activated
Up to now, the scammer has already posted 346 comments to users.
I will add any account sending phishing links to the black list of my Warning-Bot and it will issue warnings with a link to this post, notifying users of the malicious activity of those accounts.
I will also notify users who already received a comment mentioning the phishing website.
If you find similar phishing attempt, contact me on steem.chat
To protect yourself, you can:
- always double check before clicking on a link, especially if this links take you away from steemit.com.
- verify the reputation of people writing comments on your posts. A user with a low reputation shoud trigger you attention.
Previous threat alerts
If you missed them, please find here the previous alerts I published:
- Scam alert and white hat counter-strike
- Phishing exploit has been stopped - Scammers thwarted!
- Potential scammer reported- @jones420
- Fake Steemit website try to steal your password!
- Phishing attack to steal your active key
- Potential scammer reported - @minnowpond
- Scammer reported - @russiann
- Scammer reported - @steemitrobot
- Scammer reported - @tripadvisor.com
- Scammer reported - @harquick
- Scammer reported - @gtg.witnesses
- Phishing site reported - sleemit(dot)com
- Phishing site reported - ww.steemitfollowup(dot)ml
A bit of paranoia is the basis of security.
There are a few simple rules to follow in order to avoid having your account hacked:
Rule 1: NEVER, I repeat, NEVER use or give your owner key or password!
Rule 2: Use your posting key to login, post and vote on trusted websites like steemit.com or busy.org.
Rule 3: NEVER give your active key as this key allows to control your funds! Only use your active key for special operation like money transfer or account update on trusted websites like steemit.com.
Rule 4: Anywhere else, if you are requested to provide any of the above key: RUN AWAY!!!
4 simple rules. It's not much to remember. Follow them scrupulously, and you will only have to laugh at unsuccessful attempts from scammers.
Spread the words, resteem this post to your friends, and you will make the platform safer.
Thanks for reading!