SCAM ALERT - Phishing attack to steal your active key

in steemit •  last year

A new scam is spreading on Steemit and try to steal your private information to get your funds.

Scam description

Victims receive a transfer of 0.001 SDB from the account @steemitsecurity with the following memo:

The memo use an email address and advises you to mail it for further instructions.

If you reply to the email (something you should NOT do), the scammer sent you back the following email:

Dear @yourusername,

Thank you for contacting us.

We have concerns regarding the safety of your account. We have detected suspicious activity with your account (e.g logins from very different locations) and therefore have reason to believe that your account may have been compromised. To ensure that this account still belongs to its original owner, please abide to the following instructions:

  • Please provide us with the e-mail that was used to create your steemit account. This is required for standard owner verification.

  • Additionally to the e-mail used to create the account, we also require that you reply to this message with your private active key (starting with "5") to verify the ownership of this account. ( NOTE: this is not your owner key. You should never give out your owner key to anyone. Whoever is in possession of the owner key has full control over the account and its funds. )

  • Make sure you do NOT change any of your keys until after we have verified you as the rightful owner to this account. If you do change any, we will not be able to verify you as the rightful owner of your account.

If you do not respond or can not provide us with the correct information, limitations to the account may be enforced depending on what information you aren't able to provide.

The Steemit Team

This email looks official and is an attempt to steal security information from you in order to get control of your account and funds.

Current status

The attack started 2017-10-23 13:56:12 UTC time and already targeted 52 users.

White Hat reaction

The account @steemitsecurity has been put on the black list of my Warning-Bot.

The bot will issue a warnings message to all the victims using their wallet. The memo of the transfer done by the bot will link to this post, notifying users of the malicious activity of @steemitsecurity.

The bot will run 24x7 and can be easily updated to react to new attacks.


A bit of paranoia is the basis of security.
There are a few simple rules to follow in order to avoid having your account hacked:

Rule 1: NEVER, I repeat, NEVER use or give your owner key!

Rule 2: Use your posting key to login, post and vote on trusted websites like or

Rule 3: NEVER give your active key as this key allows to control your funds! The only reason to use your active key is for special operations like money transfer or account update on trusted websites like

Rule 4: Anywhere else, if you are requested to provide any of the above key: RUN AWAY!!!

4 simple rules. It's not much to remember. Follow them scrupulously, and you will only have to laugh at unsuccessful attempts from scammers.

If you notice any new suspect activity like the one described above, drop a comment on this post, contact me on or via Telegram (@The_Arcange)

Spread the words, resteem this post to your friends, and you will make the platform safer.

Thanks for reading!

footer created with steemitboard - click any award to see my board of honor

Support me and my work as a witness by voting for me here!

If you like this post, do not forget to upvote and resteem

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

And thank you @lighteye for the translation :)

Where there is value there will be fraud! Thanks for the heads-up and it is great to see a community that steps in and self-defends itself. That is truly awesome. Proud to be part of Steemit!

Upvoted and resteemed (or I'm trying to resteem, it's just spinning... ), thanks for the heads up!


Hope your spinning ended. Thanks for the resteem!

Upvoted and resteemed, @arcange. Thanks for the detailed warning! Cheers!

All at once difficult to understand. thank you for always helping!


You're welcome =)

thank you

Thanks for the warn alert at @arcange

This could help a lot of steemians resteemed..

Thanks for the warning @arcange.. I'll resteem this. Might help the others as well..

Thank you once again for your efforts! Resteemed it!

Thanks for letting us know :)

Terrible that people do this kind of thing. I will be careful!

Not only am I supporting this scam report service, if you are the same person maintaining the SQL-server service then I want to be doubly aggressive in my support because there is no way that the so-called "rewards" here are a proper compensation for what you put in.

On this point, I would encourage you to publish your public keys for BTC, LTC, STEEM, etc., so that those of us who understand what you're doing from the delivery end of things can add to our support.

I think I may have sent to you the following remark on another occasion, and if so I apologize for repeating it. Either Steemit or some other website would help deliver badly needed public education by maintaining a database of screenshots and texts associated the scamming projects. As another commentator here points out, they are becoming devilishly clever (I see that with the stuff arriving on lmy phone and my computers), and I worry about the day when I will be sleepy and accidentally do a "Click Here" that I should not do.

I got one the of the day that was really amazing. The message popped up on my iPad browser screen. The message looked very much like an alert from one of my banks, except that they made the mistake of telling me to "Click Here" if I wanted to unsubscribe!

When I looked at the source code there was no address beside the "Click here", and when I looked at the URL at the top the screen it bore no resemblance to normal TCP/IP syntax.

I suppose if I did do a "Click here" some piece of code would have been installed on my machine. And it would probably be a tiny piece of code, which would later on contact the server and bring on a larger piece of code, and so on until they have soiftware that executes on my computer to either steal stuff or attack other computers. So these guys are getting to be seriously clever, and the best we can do is to educate ourselves as much as we can on how they are presenting themselves.

That's extremely sneaky. Thanks for looking out for us!!

Thank you, quiet. I never take candies from strangers

very informative post..

you will have my upvote ^_^ @arcange

Thanks for the kind bot for alerting.

Thanks for the heads up on this one @arcange Appreciated.

Thanks for the heads up on this one @arcange Appreciated.

Thanks for the heads up on this one @arcange Appreciated.

This post has been ranked within the top 80 most undervalued posts in the first half of Oct 25. We estimate that this post is undervalued by $11.76 as compared to a scenario in which every voter had an equal say.

See the full rankings and details in The Daily Tribune: Oct 25 - Part I. You can also read about some of our methodology, data analysis and technical details in our initial post.

If you are the author and would prefer not to receive these comments, simply reply "Stop" to this comment.

thanks for the alert"""!!!!

Thank you for the warming! I have also resteemed to help spread the word!

"...(e.g logins from very different locations)"
not various different, not different, but VERY different...
how telling.