@samstonehill has been hacked & cannot be re-accessed. How did this happen & what are the solutions?

in steemit •  last month

goobye me.jpg

After making the schoolboy error of entering my master key into a website which despite initial appearances turned out not to be our beloved steemit.com, I can do nothing now except watch the thief take around $3,500 worth of steem, week by week.

Anyone who has voted for this account in the last week, please withdraw your vote immediately to ensure they get as little as possible.

And resteem this article to build awareness of this important subject, especially now that the hackers are using my account to try and hack others. So if you see any messages from @samstonehill in your wallet, saying that they have detected unusual activity in your account, please just ignore it.

What about the account recovery process?

The recovery process won’t work for me because I didn’t write down the email address I used to confirm the account.

Screen Shot 2017-10-09 at 23.36.38.png

Account recovery link here: https://steemit.com/recover_account_step_1

It was my understanding at the time that we should set up a new email address for the purpose of confirming the steemit account and not use that email address again, as to protect our anonymity.

The Steemit registration guidelines were very clear about writing down the master key… which I did. But they did not mention to write down the email address used to confirm the account.

SO TAKE NOTE:

If your account is hacked you will need your master key and email address to recover it.


How am I feeling now?

Not great to be honest.

In truth I feel a bit let down by Steemit. Yes, I was the one who made the mistake by falling into the trap but it brings up three important questions for me:

1. Should the Steemit devs consider adding a function which enables them to terminate hackers' accounts immediately?

This particular hacker's account (despite having a rep of -3) is still active and most likely still scamming people. You can see it HERE

2. In this situation should there not be a system in place which prevents the hackers from so casually taking the STEEM using the power down system?

I would prefer to see my STEEM go back to the reward pool than watch a thief slowly take it week by week.

3. I followed the registration instructions without fault and never lost my master key, so is this a flaw in the current system?

It feels to me like something needs to change within the registration process if Steemit is going to prove itself to the masses as the awesome next generation social media platform which I still firmly believe it is!


Potential solutions

  • Create a warning system which sends out a message to EVERYONE in their wallets when there is a scam like this happening.

  • Add a FREEZE ACCOUNT function, entrusted to the Steemit Witnesses only, taking away the incentive for future scammers.

  • Add one sentence in the registration process which highlights the importance of not only the master key, but also the email address through which the account is confirmed.

I have passed on my story to the right people and I hope this will create some solid changes, making me the last person to suffer this experience.


It has been a tiring few days, checking every combination of name, password & email account provider I can think of. Without any luck.

Am considering seeing a hypnotist tomorrow who may be able to help me access this small piece of information which must be stored somewhere in this busy brain of mine.

Depending on how much a service like this costs? Hey…that would make an interesting steemit post!

It wasn't easy explaining to my french partner Sabrina that I made this mistake and consequently lost our savings, dramatically changing our plans for the future. In time she will forgive me.

The hardest part has been the mental challenge of letting this go and focusing my thoughts back on the things that make me feel good again... because I worked so incredibly hard to get my rep number up to 70.7 with 2,155 followers over the last 14 months.

...and now I have to start from square one again.

But I do believe that in time all of this will make sense to me and I will look back with a smile, knowing that everything happened exactly the way it was meant to happen.

It is rather fitting that my last post in the @samstonehill account was an Abraham of the day, entitled 'find a way to be happy wherever you are now!'
Link HERE

section.jpg

Haha... thanks Abe. Am doing my best!

sexy banner.png

How did I make this mistake?

First and foremost I was tired. Exhausted in fact.

I had been working hard on creating a donation account (@charitysteemit) and numerous posts (from the @samstonehill account) designed to raise money for the growing number of evacuees stuck in camps here in Bali waiting for their volcano to blow. My heart went out to these people and I pushed myself very hard to do what I could for them.

…and then (as a tourist here in Bali) I had to do a visa run to Kuala Lumpur. After working through the night I couldn’t sleep on the flight and with only a short turnaround before getting back on a plane to Bali, I decided to grab a coffee to keep myself awake. They had wifi so I logged on to find the following message in my wallet:

shot.jpg

I had never seen anything like this before, so I clicked on their link which took me to this page.

I sent them an email explaining that the 'unusual activity' they mentioned was most likely due to all the donations coming in to my account for the Bali fundraiser.

I also told them it was not good practice to hand out my master key in this manner. They responded straight away by email insisting that this needed to be done immediately in order to secure my account.

With only a few minutes left at this point and in fear of losing the money for the people of Bali, I glanced at the url of their site and it appeared genuine in my tired state. Now of course, I can see clearly it is not, with an I before the steemit.com

Full of fear and the knowledge that I had to run for my plane, I entered my master password and hoped all would be well.

By the time I arrived back in Bali 3 hours later the account's password had been changed and I was locked out.

The following day they took down my colourful banner and all personal information. I wonder if my family photo was messing with their sense of morality?

Now my account looks like this

Screen Shot 2017-10-10 at 04.15.54.png
and I can only imagine what rubbish they intend to spam people with.

Thankfully I had already transferred the STEEM & SBD donated from many generous steemians (for the Bali fundraiser) into the @charitysteemit account. So those who contributed can rest assured this money will be used as intended for solar panels & water filters.

But the money raised through my @samstonehill posts on this subject is gone now. And to those who voted for me with the intention of helping the people of Bali I am deeply sorry for my mistake. I can assure you it will never happen again.


What have I learned from this?

  • Rest more! When my body is tired I make mistakes.

  • Make use of the community! As soon as I was back in Bali and no longer under pressure to get on a plane, I found within 30seconds numerous posts advising people this was a scam.

  • Steemit could potentially have better security protocols & measures in place to disincentivise scammers.

  • Consider using sites like anon.steem to create your steemit account. They don't require email addresses of phone numbers, and the account is created immediately. But the best thing of all is that in this situation, they would verify that I am me through something as simple as a video call. And I would have my account back again.

  • As the popularity of this platform grows, so too will the complexity of these scams. And vigilance will be required at all times!


What now?

Last month I set up @samstonehilltube with the intention of sharing only my video work there, but now it will become an upgraded version of the @samstonehill account!

 ban 2.jpg

And I am actually a little bit excited about that 😄

It will be interesting to see how quickly I can build myself back up again with my 14 months of experience and the many wonderful friends I have made here on Steemit.

In Conclusion

I am determined to stay as positive as I can about this situation and I hope my that my experience ensures it doesn't happen to anyone else in the future.

On a final note I must tell you that I find it very hard to ask people for help. But in this moment I really do need your help.

My trading account investments are looking low right now yet I have no choice but to sell them all... and in around 2 weeks when this money is spent, I have no idea what we will do.

I could always go back to London and start making films again, but I would very much like to continue using Steemit in the way I was using it before... in order that I can continue inspiring you with my tales from around the world.

So, you can help me now with a simple upvote & resteem 🙏🏻

And I hope too you will follow this new account @samstonehilltube from which I will continue to provide quality posts worthy of your attention.

Blessings from Bali.jpg

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  trending

Whilst I think websites like anon.steem which permit you to buy steemit accounts with no email address are GREAT, one must be aware of the potential problems in doing so.

Actually, you'd have been safer if you had used AnonSteem.

We recover accounts generally based on you having your original order ID and an old password, as well as some clear way to prove it's still you (e.g. your twitter, steemit chat account, discord etc.)

But, we can also recover accounts if we just know it's you. Maybe something as simple as a video call, to see you're clearly the same person from the images, and I'd happily enable recovery for the account.

I reported the phishing domain to GoDaddy last night after I got the spam to my own STEEM account, though they seem to be making new ones constantly.

You might be able to contact some STEEMIT staff, who could enable recovery for your account if they verify you through alternative means as I suggested.

@ned @sneak

·

I don't understand how accounts can be recovered in a trustless and decentralized way if someone is deciding whether or not they want to recover it.( based on their subjective opinion) Please explain

·
·

The account can only be recovered if someone knows one of the old passwords.

This means even though I can start the recovery process for an account made via AnonSteem, I can't actually change the key without having at least one of their old passwords.

Account recovery is something that cannot really be done without some form of trust system, otherwise let's say the hacker figures out your "secret information" you use for recovery? Well you're definitely screwed now.

It's possible for you to change your trustee, but you have to wait 31 days since the last password change to do that. You could for example, create an AnonSteem account, then 31 days later change the trustee to @steemit - which would make them responsible for recovering your account in an emergency. Similarly you could even set it to a friend.

·
·
·

Yeah. That's was the obvious part I was missing.

Also thanks for clarifying the trustee can be change. Such a well thought out feature that is this recovery account thing.

·
·
·

Thanks for your answer. What I don't understand is that samstonehill said steemit needs his email to recover the account, why ? They should only ask for old password not the email. no?

·
·

Account can only be recovered by the account recovery person and only if the master key has been changed in the last 30 days.

If the account has been created on Steemit.com the recovery person is @steemit If the account has been created by other means than steemit.com then the account recovery person can be chose by the person who create the account.

This is why anonsteem can be the recovery person. The can only change or recover the account if the password has been changed in the last 30 days. I'm not sure if I forgot something or if my explanation is 100% correct. Maybe @someguy123 can confirm.

·
·
·

Great and all untill @someguy123 dies and then what? I hope he has deadmans swicthes set up! sory to be so gloomy but ....like taylor swift has said, 'I dont trust nobody and nobody trusts me' so is anon steem realky better? ior is it just some guy? lol woah didnt even meam that but yeah isnt it just some guy trying to pretend he is like a company? i mean, i hope at least 2 people run anonsteem! bevcause if something happens to like theone guy who runs anonsteem and then u cant get ur account recovered, then what?

Sorry thats just my lil "hat if" scenari, juyst being a contrarian

yeah anyway I always used to ask about how the account recovery works, but i have to remind people, Steemit is not Bitcoin

we dont use proof of work, we have Delegated proof of stake, that chanegs everything when it comes to doing stuff like being ABLE to do stuff like a Wallet recovery when Bitcoin has no wallet recovery for hacked wallets... lol But imagine if Bitcoin network actualy decided to do a hard fork to reverse all transactions that were from hackers stealing funds, you could have like a hard fork of bitcoin where all contested transactions are reversed and you have a central authority to do that stuff, and thats kind of what steemit is because all the witnesses kinda know each other and thats one simple way to look at ity.....

but in reality the witness nodes are decentralized and steemit inc is just one steem gateway.... steemit inc cannot really do any more than any one person with steem account, a steem account can be created from any already created account..... and you can make your OWN steemit gateay like chainbb or busy.org .... thething is all witnesses have to agree tio run teh same software... that software has to behanded "down" from some centralized locaytion and thats steemit inc for now, am i right or wrong? I am not sure thats jjust my guess.... but it is only like that for now

in the future we will become more decentralized so that steemit inc can be shut down and we could still carry on... in fact if busy,org has a powerdown and withdrawl function... then i am pretty sure we could be using that incase steemit.com is down.... wel no bevcause it cannot create accounts i dont think? at least not for free?/? I think we would need a new gateway that can create steem accounts and tHEN we wouldnt need steemit.com/// but h,, yes its strange @someonewhoisme it seems counterintuitive at first BUT its not, its makes sense when you know how steemit works and how yes it is decentralized but the steemit witnesses all agree on everything or else we would not have consensus, but we have this sort of hivemind but its a decentralized horizontal hivemind.....
I think that you have to realize... steemit is not bitcoin and bitcoin does not have witnesses but just bitcoin miners and nodes and you dont have a centralized way to organize them all like you do on steemit where you can talk to everyone over the steemit forum...Bitcoin would need to freakin use Bitcointalk.com forums to actually communicate instructions and news to all of its network miners and node operators whil steem blockchain has this built in social media network that lets people talkto each other and also to amake announcements where the important ones get to the front page and everyone gets to see them!

So you see, that and how we are Delegated proof of Stake allows us to actually do things regular POW bitcoin cannot do! through consensus of witness nodes we can accomplish great things for the community! Its software and all software is maleable its just a question of getting everyone to agree on overall system wide changes, consensus, its magical!

·
·
·
·

that software has to behanded "down" from some centralized locaytion and thats steemit inc for now,

The Steem software is publicly hosted on github just the same as Bitcoin. Both can be fork. For now Steemit Inc are the one most knowledgeable about the code but anyone can study it. It's open source.

What you said about the fact that if something happen to the recovery partner is also true if the recovery partner is Steemit. If the person or persons controlling the Steemit account are ill prepare in case something happen to them then they might not be able to recover the account of their people. I think the recovery partner can be changed. I'm not sure. Not through steemit but through steemd. I'm pretty sure it can be changed.

If all witnesses agree to something then they don't have to conspire to make something happen, they all agree. That's what happen Steem is updated. I don't remember how many % of the top witness have to agree but the update goes through.

For some witnesses to conspire and trying to pass false transactions would be almost impossible I think because other nodes would realize what happened and then people would very soon vote those witnesses out of their place. It would also be much more complex than people realize and those people/witness would probably have to know how to recode part of the Steem code. Not realistic stuff for many reasons.

Creating Steem account almost for free is coming in the next update and if it wouldn't it would probably be an easy thing to code if Steemit Inc didn't want it but everyone else would want this feature. The thing is Steemit Inc want this feature probably more than anyone else.

·
·
·

why does steemit need email to recover the account?

·
·
·
·

It's a way to help them prevent the person who just steal the password to initiate the recovery process claiming they are the real owner of the account. They don't really need it if they can prove the identity of person trying to recover the account by another mean, in fact the email is far from being the best way but for Steemit it can help.

Anonsteem uses other means and other recovery partners could also use other means.

·
·
·
·
·

I know, it's a bit another issue but I have a question though.

Is it possible to get back STEEM I have sent by mistake to an account?
E.g. I sent STEEM to @minnowboster (https://steemit.com/@minnowboster) with one o instead of @minnowbooster with 2 o's?
I mean, there should be an option to reverse your actions within a given time frame.

·

Wow! I was not aware of this at all. And I apologise for my assumption. I will amend this information immediately. Perhaps it might be worth adding this info on your main page? Now that hacking seems to be a topical issue, I believe it would make people feel safer.

This info certainly makes me feel a whole lot better, as this new account was bought with anon.steem! Thanks for your awesome service by the way 🙏🏻

And your suggested systems of proving identity make a lot of sense.

I have written to support@steemit.com and explained the full story... and I hope they will let me verify my identity with something as simple as a video call :)

Thank you for tagging @ned & @sneak here. I hadn't thought of that.

·
·

@samstonehilltube :D this is quite unfortunate, I wrote a bit longer of a comment and I'm sorry you lost your "fortune"

First of contact the team and ask them, any of the devs on chat, ned, sneak whoever on the rocket chat.

Second you've done the best already, I was tired of watching scam posts, but it is how it is, I was going to write a security 101 ... What I've learned from games is "Never tell anyone your password" privacy is important as is thinking, you basically went into the perfect storm, but next time, if steemit needs your password, what for, why would they, there is no reason, they have their accounts..

Pfishing is going on since emails exist even before that, people have been getting scammed out of property, whatever weak points you have will be exploited if there is gain to be earned .. some people are like that, anyways freezing accounts would be nice in such occasions, but I'm not sure how features would be implemented without the potential for abuse..

Just keep in mind there are many greedy and stupid people..

I'm happy you have grown so much :)

and that you have spread what you have earned, whatever is lost rarely is, I'm sure you will make it back up in no time, in the case of the account not getting recovered.

There was a famous quote from a millionaire that he can make everything back up even with a shirt on his back, I hope this is a worthwhile experience to any ego driven mind, which is all of us. Possessions are not worth anything and we have put a lot of value into a lot of objects

Ridiculous Account Security in a decentralised app..

I'm sure you will pull back, you have a beautiful life :)

Let the traps fall into themselves.

·

Thanks for the clarification on anon.steem and what you did. the next time i wanna register an account for someone who wants anonymity, i'll use your service.

·
·

I have used it many times. It's great! Especially now I know accounts can still be recovered without giving an email address :)

·
·
·

I am thankful that you have been able to get your account back! Losing all that work put into it would be heartbreaking.

This scam was discussed in the #security channel on steemit.chat. If anyone sees anything similar to this scam, simply get on steemit.chat and ask for help first. It doesn't hurt to check in the official #steemitabuse channel too. I had reported this particular scam to that channel as others had. The admins were working on it too.

This is really unfortunate. Thanks for staying positive and continuing to help others.

·

Thank you for your support. This really means a lot to me :)

I'm sure the steem team can nail this theif if they take the time? The amount of skilled people involved in this platform makes me sure the theief is only able to get away with it if we let them? Steemit def needs more user friendly security as soon as poss, otherwise as this platform increases stories like this will
increase tenfold as less web savvy users sign up and it will bring the platform into disrepute. Good luck! Upvoted and resteemed.

I'm very sorry to read this. I hope you can recover soon. I also think this a wrong doing. Our profiles have a lot of work.

I did a little investigation on this domain:


Created On: 2017-10-09 Expiration Date: 2018-10-09 Last Updated On: 2017-10-09 Registrar: GoDaddy.com URL: http://www.godaddy.com Registrant: Name: Ned Scott City: New York State: Ciudad de Mexico Country: Mexico
So the guy is very funny by putting @ned's name as a registrant. I will keep myself asking to godaddy's team support if there is a way to get a real name and email. He may have a credit card linked, or PayPal account, in order to buy this domain. As soon as I get any info I will let you know. STEEM ON!
·

Thanks so much for looking into this and sharing what you have learned! Kinda funny to use Ned Scott City as the name. Not so funny what they are up to. But we will get them off this platform one way or another.

TOGETHER WE ARE STRONGER!!

Thanks again for your support :)

·
·

I did what I could so far. I have reported the phishing website to godaddy's team support. They have a section where people can reports about this kind of websites.
In other news, some weeks ago I have installed this tool ethaddresslookup I use it to check ethereum addresses but just now I've realised that it works also, for phishing websites. As I have it within my Chrome Browser, as soon as I tried to look at this "hacker" website shows me a warning, so I recommend you try this kind of tools too.



source

·
·

I will do my best in order to help with this.

By the way I could notice a "downvote" on the answer you just gave me. This account: @accounttransfers gives you a downvote. If you check its transfer section you can see how this account is "hacking people too"
So let's stay away of this website too: LSTEEMIT.COM looks like they are part of the same robbing organisations.

I think this requires a follow-up post asap:

Screenshot-2017-10-10  samstonehilltube.png


Screenshot-2017-10-10  samstonehill.png

·

I just noticed that @flauwy... seems a bit suspect. Also pondering where a "test" transfer to @chron fits into the picture.

Bumped this up the comment list a bit, but my vote isn't worth that much... @samstonehilltube some odd activity is still going on....

·
·

It's all good my friend. In case you missed the news, I'm back in. The transfer to @chron was just to make sure everything worked right!

Still playing catch-up on all these lovely comments :)

·

Oh, it was just a test! Well, I guess we can all rest easy with @accounttransfers on the case /s

dam that really sucks. I'm here because I got a message in my inbox wallet .
I read this after I already posted a warning blog post. I resteemed your post.

tip! post

steemit scam alert.PNG

I'm really sorry man - one can be as smart as humanly possible but mistakes happen and I'm actually quite scared myself that one day I might go to the wrong google entry or link without noticing it.

But I'm glad that you try to see the positive side of it. And on the positive side - I haven't known your blog before and after watching the trailer for your new documentary ... you're very fascinating!

All the best!
wolf

·

Thanks for your support here and thanks too for watching the film! That is just the tip of the iceberg. I make many different kinds of films.

And am looking forward to sharing them all here on Steemit, even if it is from a new account :)

·
·

If you like - I still have free spots left on my Voting Bot list.

Currently capped at 10 Steemians and Auto-Upvotes on every new post through a Balance System (deposit once - no more url transfers)

Explained it in detail here: http://steem.link/introduction-wolfs-voting-bot

OMG, this is tough my friend - hope you still get it back somehow, their must be a change for the registration indeed, also an option for existing account to create / edit their security settings (or are their security settings)? Getting back later to you.

·

I think there may be a way but it would have to be a special circumstances kind of situation... which I am hoping this is!

Let us see how it plays out.

Remaining as optimistic as I can :)

Thanks for your support Uwe.

Sorry to hear that! Resteeming this so others woudn't fall in trap. It is little bit sily that Steemit can't stop payouts from hacked account. Followed you on second account.

·

Thanks. Really appreciate your support :)

·
·

Followed the first account and now I'm following this second account...sorry to hear about the scam but thank God for the @charitysteemit account you were able to transfer the donations. I know you will recover very fast because you have lots of friends here who really cares, we will outnumber the scammers. God bless you sir!

·
·
·

Thanks for following both accounts! Though for now there is only one.

Let us see how this pans out...

Yes, and it was certainly lucky that the last transfer I made out of the @samstonehil account was this donation money.

Many thanks for your kind words and support. In a way, I am looking forward to building this new account from scratch. The rep number moves much faster at the beginning!!! :)

I just flagged that accounts last 4 comments - 100% - hope this helps lower this scums rep even more

·

Perfect! Thank you. Though apparently the hackers aren't happy now.... That they are flagging all my new posts from my old account!

Sent a THIRDS DONATION @samstonehilltube

Keep STEEM N ON

·

I just saw that now. Thank you so much! You are amazing and I will have to write another post about the awesome generosity of some of the people on this platform.

I am eternally grateful and if there is anything I can ever do for you... you only have to ask :)

This is really unfortunate. Steemit needs more user friendly security, otherwise as it will bring the platform into disrepute.

·

Thanks so much for your support 🙏🏻

Now your old account is being used for scams. Privacy is a double edged sword. So also is the concept of freezing accounts. If you want that, you have banks. I created a website for people to sell files for steem dollars. www.steemfiles.com.

The biggest security flaw in Steemit are the users. If they limit Steemit to veteran bitcoin users, then this would not happen. But that is not what Steemit is for.

This is why you should always use the posting key! Logging with the master password should display huge warnings in the steemit.com interface!

·

You are so right! That would be a much safer system. I hope the right people read your suggestion here.

Many thanks for taking the time to comment & support me in these testing times.

I am sure the platform will improve as a consequence.

·

as I saw this happened with his account I tried to do so, but don't get it. how do I log in with the posting key? can you explain or lead me to a post? would be awesome. thanks

it makes me very sad to hear what happened to you. I hope you recover very soon from this loss. I shared your customer so that it does not happen to others. Steem on brother.

·

Not to worry brother. This won't stop me. Steemit is too awesome to leave behind because of this.

I still believe everything will work itself out in the end.

Thanks for your support 🙏🏻

·
·

welcome my friend....

Sad that this happened ... I was not aware of the security issues associated with using the master account and why there are "child" passwords with different ACL.

·

Thanks for your support here.

Not sure what you mean by child passwords?

·
·

Not sure what you mean by child passwords?

just meant that passwords with lesser access rights like post only, read only etc.

Damn, I had reported this to steemcleaners a few days ago. Wish there was a way to nuke such spam accounts.
Really terrible, but the 'l' in front of 'steemit' in the url plus it not being https is a dead giveaway.
Sorry for your loss, and wish you the best of luck!

·

Indeed, now I am not in a hurry and not so tired... I can see what a stupid mistake I made.

But I do believe this event will create measures to prevent this situation from happening in the future.

The fact that these accounts have value and are under attack is a good thing. It shows that these accounts are real money. Just think of all the bitcoin wallets that have been hacked over the years with nobody even knowing about them.

·

Very true. Thanks for your kind support here :)

Btw, did you get the welcome email from steemit asking to confirm your email address? I just checked and found mine.

·

As I said in the post I tried to be clever by setting up an email address specifically for the purpose of confirming the account. And haven't used it since. And didn't write it down! So, the combinations of names, passwords and email providers is pretty endless. I tried for two days and found nothing.

So I decided to move my attention and write this post, which I hope will help others :)

Thank you for your support at this testing time 🙏🏻

couldn't have happened to a nicer person! So sorry to hear. I've voted on every comment too! Maybe this is a sign to come to England we can make videos together!

·

haha! Funny you should mention that.... I had a rare moment of freaking out yesterday, in part because I hadn't written this post yet and wasn't feeling too much support. Just a rather angry missus! And yes, I said we would move to London and re-connect with my many friends there. It is a city in which I know I can make money if I need to.

But now that I am calm again I am not sure this is what I really want right now.

The latest plan is to spend 4 months of the year in Europe. When it is warm there! Sabrina's mum isn't well and needs our support, so we will live between france & england in those 4 months each year...

....and you and I are going to get very active on the Steemit front, kickstarting London like never before!

Thank you Danny for your lovely email and your upvotes & support. Am still smiling from ear to ear in the way the Universe brought us together :)

·
·

Well if you need a nurse or a nanny, I could tag along?

·
·
·

Yes, we do need a nanny!!!! Tag along by all means :)

Sorry to hear about your problems. Resteemed Upvoted. Donated. It will take you nothing to get back to your 70 rep status. Thank you for trying to help the people of Bali.

·

You are a legend! Thank you so much for your generosity. It really warms my heart to see how the community have responded to this. And this subject deserves a post of its own!

Please just ask if there is anything I can ever do for you :)

·
·

I am not a legend, still new here. I like @mammassita, and she likes Bali. You were trying to help the people of Bali, to try and bring a little bit of light into the dreary days of evacuation, all I did was give a few SBD that I had, You are the Legend, You helped, all I did was donate a tiny amount. Thank you for what you are doing.

Your old @samstonehill account is now sending another pishing link. I so sorry to hear that bad news. I hope you will recover from your lost as soon as posible.

·

Yes it's pretty tough for me to look at the account as it is now. A deep breath and I focus my mind on happy thoughts :)

The harderst part is knowing that the next power down is in 6 hours from now... and there is nothing I can do about it. 400 STEEM I need to support my family of 4.

The generosity of this platform has been unreal though. Just take a look at the donations in my wallet which came in today.

I am going to write a post about this next. The Steemit community really is amazing :) There is no other community like this one.

sorry for the shitty news.. I unfollowed your account and am now following your new one..

·

Thanks for your support my friend. And for the re-follow :)

I believe one way or another it will all turn out for the best in the end...

I am very sorry to hear what happened to you @samstonehilltube. I do not want to bother or stress you, but when you are more relaxed, maybe you can search in your e-mail accounts for noreply@steemit.com in order to find out which email address you registered with.

·

Trust me. I tried this. For two days solid. I tried to be clever by using a name I had never used in an account I had never used with a password I had never used... and then didn't write any of it down.

Lesson learned.

·
·

I am still hoping you will be able to remember. I am sending you positive vibes.

That is so frustrating. I cannot imagine how you must feel, the loss and violation. I commend you on your attitude and balanced perspective.

·

Thank you for your lovely words of support. I can't say it has been easy. But now that I have accepted it, I am able to move forward again with a smile :)

Really sorry this happened. Upvoted and resteemed. I hope you can get quickly back on track.

·

Thanks for your support here! Feel like I already am back on track with this new account :)

But still keeping my fingers crossed that somehow they are able to recover my old one!

So @samstonehilltube, I read through your post and i will resteem of course and I must tell you that i have this gut feeling or intuition that you will find the email address and password you used. Think back at the time you first joined steemit, what else were you doing at the time? I am wishing for a miracle and I will send you a little gift. Hang in there friend, you had a lot of momentum on that account and you have a lot of people that enjoy your quotes and beautiful photos and appreciate you and your family.
BLESSINGS

·

You are amazing 🙏🏻 I've just looked in my wallet and wow! Thank you from the bottom of heart not just for this but for all your beautiful words and support over the months.

I believe this will be resolved one way or another. At least now I can afford that hypnotist! Though it is my belief that Steemit Inc will read my emails sent this morning and find some kind of resolution.

Two things have already changed which will help this platform grow stronger.

  1. The wording in the registration process now makes it 100% clear that the email address used to confirm the account needs to be recorded for situations like this.

  2. A bot has been created by @arcange to send wallet messages to anyone who receives a wallet message from a known scammer.

Meaning that in future this won't happen to people as it happened to me.

And the scammers will have to look elsewhere to get their money!

So, all is good :)

Thank you again & massive huge hugs to you from my family & I :)

Luna.png
Esteban.png

·
·

Kisses to them both Sam, Esteban have grown so much. All will be well sooner i hope.

·
·

Wow, that's really upsetting. So sorry that happened. At least you still have your lovely family and your health. Will be following you more closely for now on. -Dan

·

You know it my friend. We are all happy and healthy! And what more could I want from life?

When I am not focused on the past or future only one thing remains.... this moment is perfect :)

And the generosity shown by the Steemit community around this situation has brought tears to my eyes.

I will never give up on Steemit :)

·
·

You're an inspiration to us all!

Jangan terlalu sedih @samstonehilltube !

Although I am sad reading this post! I hope Sabrina is calmed now.

Shitty people out there for sure

Upvoted, not much, but it's a start

Di tunggu blog selanjutnya😊

·

Makasih :)

Everything will be fine in the end.

I appreciate your support 🙏🏻

·
·

That's the spirit @samstonehilltube

Semangat!

Thanks for informing us, so, now I can unfollow samstonehill and hope your hacker will not get interest in hacking also your followers. I mean, quite a big pool to fish in it he has now. I'm just too small, I guess not even a fish more some algae or some seaweed there, so he might not be interested. Thanks, for information anyway.

·

I forgot to mention that they are generally targeting people with Steem in their wallets. But you don't need to worry if you understand how it is they are running their scam.

Just stay vigilant and never give out your master key. Says the man who went and did exactly that!

Important lessons have been learned and these will only make us stronger :)

·
·

Thanks, but when I upvoted your post the Account Transfers quickly took 100% of my upvote (or so I understand). Look at Steemnow - it si clearly shown there and on Steemstats.com, and some web site of Account Transfers opened up next to the already opened Steemit site of your post. Do you understand what is going on - I certainly don't. So, please, do check this out.

So sorry to hear that your account been hacked..when you been helping your fellow Balinese community..
Such kindness been paid with hacked acc.
But...dont worried too much or think about it..
You gain your rep and loss in no time..
As my sister once said to me when i laid motionless in ICU and been revived twice years ago.."God work is so mysterious and always see the good thing in everything even the bad thing"
Blessed you mate...

·

Many thanks for your lovely supportive words!

And I do believe you are absolutely right. There is always good which comes out of bad. If one chooses to focus on the good ;)

Thanks again for your support at this slightly testing time 🙏🏻

·
·

Your welcome mate..
Feel free to stop by at Sabah next time..
Loadsss of awesome place for your time lapse..

And...if you need help for your charity at Bali..i got a few Kiwi friends residing there also..
Worked for Fauna & Flora International. Ecosystem Impact.
They been there since the Tsunami..

sam. i am fairly new here and i am sorry this is the way we get to meet. in two posts i have read just today, i have seen a steemian give someone a ride and a twenty dollar bill when they needed it, and the steem community helping someone pay for medical care for something they have needed for 15 years. i have voted and followed. just my small token. if what i have seen just today is any indication, i have full confidence that the people of this community will not let you down.

·

You are right about that my friend. This is clearly one of the most amazing communities on line. I am blown away by the generosity here. And despite current circumstances, I have high hopes for the future :)

Feeling very sad for you. Resteemed and upvoted all your current posts. Fingers crossed for the hypnotherapy!

EDIT - Although I'm saddened and appalled at the actions of this person / group of people, I'm not really surprised. There are many greedy people out there. But what really shocked me, oddly, was that he then flagged you. That's just plain mean, nasty and petty, using your own money to reduce your capacity to build back up.

·

Yes, I have to admit that was pretty low. Though in truth it actually made me laugh. Sometimes we just have to look at the funny side of things!

Many thanks for your support :)

Damn, bro. So sorry to hear this! Thank you for making us more aware. Following you here now.

·

The words of my last Abraham post in the @samstonehill account are quite fitting really. 'Find a way to be happy wherever you are now'. And I must say that in this moment, I do feel very happy indeed.

The community have been incredibly supportive, reminding me of why I am here!

Many lessons learned for me here and for the steemit devs too.

Ultimately it will serve to make this platform stronger.

Thanks for your ongoing support :)

Consider flagging the outstanding rewards to reduce the payouts. I am very sorry this happened.

I do not think it was a flaw, in SteemIt's recovery process. Yet, I think many of us created accounts anonymously or via a throw away address and could also end up in the same boat.

·

It looks like everything that can be flagged has been now. All the way to zero. Which is great!

Funny however that they are now flagging me from my own account. I can see my own minus vote in the list on this post. Guess I must be pissing them off! haha :)

Yes, many lessons learned and it's not right of me to blame Steemit, but a few changes have already been made which will hopefully prevent this kind of thing from happening in the future.

Hi bro, i am really sorry to hear bout this misfortune especially to you having noble thought. I have upvoted, resteemed and started following your new account.
I know its not going to be easy but always remember that, the hackers have only taken a very small portion of your contribution. Look at the brighter side that your Intellectual Property (IP) which is your most valuable asset is still with you. And always remember bro, when you are working on a noble job, there will always be an invisble hand helping to pull you up. I am not sure if you are a believer in that but, He would never let you down. So, cheer up buddy, take some deep breath and a good rest and re-steem your self for a new journey thru this new site.
Thanks to @exyle for sharing a post bout your misfortune.

·

It seems this event will mostly serve to make our platform stronger.

Two things have already been changed:

  1. The wording in the registration process now makes it 100% clear that the email address used to confirm the account needs to be recorded for situations like this.

  2. A bot has been created by @arcange to send wallet messages to anyone who receives a wallet message from a known scammer.

Am breathing deep in this moment & feeling the perfection of NOW.

People have been unbelievably generous. It's truly heart-warming.

Thank you for your support :)

So sorry to hear that, but it should be a warning to everyone, the threat is very real! but you'll recover quickly, you have many followers and supporters.

·

Thanks for your support. I am already enjoying the process of re-building a new account :)

And why knows? Perhaps I may even get the old one back at some point???

:)

Sorry to hear that Sam. Follow you here and resteemed :-)

·

Thanks for your support my friend. I still have a little hope for the old account. But even without this, it doesn't matter. I will never stop posting on this awesome platform :)

holy christ that is terrible... it is these kind of one-time security lapses that I think will prevent Steemit from really taking off. i'm a noob, but it seems so damn fragile. thanks for your post / upvoted

·

These events make the platform stronger. They actually need to happen in order for the devs to to see the cracks in the armour and fix the problems. Things will change because of this. Trust me. They already are ;)

Thank you for your support at this difficult time :)

I do believe it was some twisted manifestation Mr Stone-Hill!

·

haha! Yes, perhaps my ego did get the better of me a bit there.

And most likely made them think I had lots of money...and therefore wouldn't care about the $3,500 they are currently stealing.

Thanks for your support bro. Come over for a drink any time! I don't get too much male interaction around here now that @jockey is gone.

·
·

I just meant "the end of all my posts" thing, It was for that account for the time being anyway. Yeah I will give you a shout sometime but if you go to the BTC exchange also then let me know, I'm sure it's not rocket science but I want to just see how the transaction takes place, you'll be skipping along there in no time with all the support!

·
·
·

Ah, I get you now! haha! Every end is a new beginning :)

hmmm maybe @ned and some of the whales can flag him to -28...
Upvoted , resteemed!
Namaste!

·

I would imagine it won't take long before he is flagged off the platform. Just wish it could happen faster!

Many thanks for the support :)

What about apps like steepshot that ask you for your private keys? Can that be trusted?

·

I am not sure about the answer to this question. Do a post on it. The community usually has the answer ;)

I see that twat that stole your account has posted on many other people's wallet messages trying to get their information. They are also using YOUR old account to send these phishing messages now! Can anyone on the steemit team ban this person? I also resteemed your post for awareness.

·

It is being looked in to. I am sure they will find a solution. They have already changed a few things :)

This breaks my heart! I hope they can help you recover everything some how :(

·

You are such a star! Thank you so much for your donation! This was not expected at all and I have been completely blown away by the generosity of this community :)

I also hope they can recover it but am mentally prepared now for the worst case scenario.

Thanks to people like you, the blow has been softened greatly :)

If there is ever anything I can do for you, please just ask!

Really sad to hear your story my friend !
Be strong and patient ....You will rock again !!
Best of luck dear friend !!!
Thank you so much for sharing this story here. It gives a good lesson to we all steemians .

·

Thanks very much for your support. It is massively appreciated.

Let's see how this plays out, but I am sure in the end I will look back on this and smile :)

·
·

Thank you so much for your reply !
All the best my friend !!

Thanks for your insights! I'll immediately check if I have all the information stored and start blogging with one of the less mighty keys.

I wish you all the best that you recover soon from your loss (mentally and financially). One way to get over bad experiences is fasterEFT. (Just if nothing else helps, tapping fasterEFT style you can switch your memories and go on as a happier you!)

Greetings from Vienna !

·

That's actually a very good idea. Just use your posting key instead of your master key. If someone gets hold of this, all they can do is make posts from your account! And you can change that key with your master key. A valuable lesson learned for all.

Many thanks for your kind words and it is curious that you mentioned tapping. I started doing this two months ago to deal with my nightmares... which are now gone! So have moved on now to release and let go of a whole bunch of things.

For the last few days it has been about the release my fear of not having any money and also to release my very old belief system that I have a terrible memory! Thought this would help me remember my email address I need for the account recovery. No luck yet, but I will keep you informed...

Many thanks again for your support and greetings from Bali 🙏🏻

·
·

Congratulations that you found tapping for yourself! I guess it were your words about getting over losing the money, that made me assume that you would be open to it. :D
Oh yes, the fear of having no money is actually also a big one for me too. Thanks for reminding me to work on that one.
I'm looking forward to hearing more about your tapping successes. In fact, I'm planning to write about my fasterEFT tapping journey here on steemit, but I'm not sure, if I'll translate everything to English or stick to German.

Anyway, I'm sure somewhere in your brain you'll find the information about your email-address. Just take a shower, go swimming, have fun at a party and it will suddenly show up, when you expected it least. :D
Greetings from Vienna!

Oh my goddd...!! What an idiot he is ...May he won't ever find peace in his whole life stealing someone's hard earned acheivements like this ..:(

·

People like this almost always get what is coming to them in the end. And if fact, he has done us all a favour because now improvements will be made and this won't be able to happen again in the future.

Many thanks for your support :)

Yikes! Sorry to hear that, Sam :( What URL did you access that phished your password? Also, how were you able to track the hacker to that account? Is it the one included in their transfer memo to you?

I'm sure you're going to be able to get back what you've lost, and then some! Have faith!

·

Thank you my friend. I still have faith. And I am sure in time all will be well...

I used the url given to me in my wallet. And I feel pretty dumb right now for having fallen for their trap.

But many lessons have been learned and it will only make this platform stronger in the end :)

·
·

Don't beat yourself up about it too much. Even the best of us fall victim to those things at least once. At least what they took is something you can earn back. From the looks of things, you're already off to a great start! No losses, only lessons.

Oh man, I'm so sorry; I, and others tried to get the word out and warn people but it is hard without hundreds of resteems. Stay positive and stay safe.

Cg

·

Thanks for your support. Yes, it's a tricky one. There is no way to warn the entire platform at the same time. Something else for the devs to think about perhaps. Maybe a message board?

Anyway, so far today I have felt very positive thanks. All the amazing people under this post have help me a lot :)

Oh wow, that is terrible!! I'm so sorry for this experience you're going through however the positivity that you're still showing is truly amazing. We've got your back man :):)

·

In this moment I really do feel like the whole of Steemit have my back :)

Thanks very much for your kind words and support.

We Are With You Dear Don't Worry Never Give Up

·

Many thanks for your support.

It is greatly appreciated at this time :)

Oh, nooo! You have to build up your Steem again, from the beginning! But it will be easier! I know you'll never give up! We are with you!

·

You're right about that! I will never give up doing what I love... steem or no steem :)

Thank you for your support 🙏🏻

·
·

Uhmm interesting @samstonehilltube. Haha, Did you notice that your hacked account has been Upvoting your comments?

Ah! The Irony!! ;)

·
·
·

I hadn't noticed that! Weird. They are probably hoping to make money off anyone who votes after them. Or perhaps put people off from voting for my comments!

Apparently they don't like me very much as they are also intentionally lowering the payout of this post by using my own steem power against me with a flag.

I took this screen shot earlier today when I noticed my downvote in there.

Screen Shot 2017-10-10 at 11.10.00.png

Oh man. Sorry you had to go through this!

·

That which doesn't kill us makes us stronger ;)

Many thanks for your support.

I am so sorry to hear about this! Sadly, all I can do is unfollow that account and follow this one. I also flagged two pending posts there that still have some payout pending.

I hope you manage to rebuild your status quickly on this account!

·

Thanks for doing the right thing with the flagging... as much as it breaks my heart to see!

Everything will be alright in the end and I am determined to continue enjoying every moment I spend here on Steemit :)

In principle you should still be able to recover your account if you're in contact with Steemit support.

They have the key required to recover your account, and you have the master key. The email is merely a method to provide evidence that you're the same person. Think about it, the blockchain is not based on emails, it's based on keys. If you can prove to them in some other way that you are the real owner of the original account, you should be able to recover it, if Steemit Inc can support.

·

I have written to support@steemit.com explaining my situation clearly.

I was thinking that a photo of my passport with a photo of me today (perhaps even holding up todays newspaper!) with some links to posts in the @samstonehill account which clearly show my face.... well, this surely would prove that I am me!

Let us see how this plays out....

The important thing is that Steemit grows stronger due to things like this and creates further systems to protect us.

And that is already happening :)

And if you still try to regain control of the mail? Somewhere in the browser this mail could have survived, it is necessary to contact a computer expert.

·

Trust me. Tried everything. I cleared the browser history for some reason the month after I joined!

I believe it can be resolved another way now. Just hope Steemit permit me to use an alternative method to prove I own the account 🙏🏻

Many thanks for your support :)

Hey Sam, oh my! That's crazy. And I've had a glimpse of just how hard you worked to build your following. Well, the least I can do is follow you again. As you say, this is an awesome opportunity though to rebuild from zero. Because of course it's going to be a magnificent pheonix rising from the ashes and well... From the steem! Since this new account was meant to focus on your (neglected) video work, might I suggest (especially while you are under 100 followers) you start videoing the rebuilding process. You definitely want to get some video of this low point. This is going to make a great adventure documentary!

·

Hey Russ! Many thanks for your words here. And thanks a million for the donation too! You are a total star.

Yes it's been a bit of a shock but am usually fast to move on in these situations. Life is too short to waste time feeling sorry for ourselves! Valuable lessons have been learned and many will benefit from this by improving their awareness of security.

Interesting idea for the documentary on this! If only there were more hours in the day. I am committed to Petra and many other projects currently. And was planning on leaving Bali end of Nov. Though not too sure about that one now!

Hope to see you some time soon... Esteban plays on the bintang seat every day :)

I am glad you believe that the time will come when this would just make you smile because it would have already made sense to you. I made a mistake 13 years ago and I'm enjoying the fruits of that mistake now. It might take years but it will come so don't let go of that thought.

Also, your page @charitysteemit still says 'contact @samstonehill'.

·

Ah, thanks for pointing this out! I will have a look at this right now....

Yes, I have experienced many things in my life which at the time felt very bad, but ultimately led me to exactly where I needed to be. And it seems to me this is no different.

Just have to stay focused on all the good stuff :)

Many thanks for you support 🙏🏻

O man, I'm so sorry. It appears your account is now being used to send Spam itself. I made a post about it and it let me here. I'll send all the rewards from the post to you.

·

Thanks very much for your support my friend. It really means a lot to me during this difficult time.

Am conscious of what they are doing in my account now. Difficult to see this but things will work out for the best in the end :)

This must have been a very difficult time for you mate, life's challenges can be hard! Hope everything works out okay and you get your future looks bright again.
I wish you the best mate

We @adsatly wish the best for our member, and we will pull all our resources to help you out.

Keyholder North

·

Thank you for your support @adsatly at this testing time. It is greatly appreciated 🙏🏻

Can the virus on the computer become the cause of the account theft?

·

I don't think so. But I am probably not the right person to ask about this.

It was because I made a mistake.

But this platform will grow stronger as a result :)

·
·

Thank you) I am pleased with your answer in any case)

Upvoted. I wish I could do more, for one of the people who helped me get started here by producing useful videos. Thank You, and best wishes!

·

Your words & upvote are plenty. And massively appreciated :)

Thanks for your support.

That really sucks . I am a newbie so that is a bit worrying . I sent bit coin , I am glad it is being used for the charity. Thanks for alerting us. Lets all make sure everyone knows how to protect themselves on steemit.

·

Nothing to be worried about. Events like this serve to highlight problems which devs then find the solutions to.

Two things have already changed which will help this platform grow stronger.

  1. The wording in the registration process now makes it 100% clear that the email address used to confirm the account needs to be recorded for situations like this.

  2. A bot has been created by @arcange to send wallet messages to anyone who receives a wallet message from a known scammer.

Ensuring that scammers will have to look elsewhere to do their dirty work.

Maybe he'll mess up and use the wrong tag and @sneak will flag him.

·

not sure I understand?

But I certainly appreciate the support :)

One of the great post. Thank you for sharing.

·

thanks for your support :)

Congratulations @samstonehilltube! You have completed some achievement on Steemit and have been rewarded with new badge(s) :

Award for the number of comments
Award for the number of comments received

Click on any badge to view your own Board of Honor on SteemitBoard.
For more information about SteemitBoard, click here

If you no longer want to receive notifications, reply to this comment with the word STOP

By upvoting this notification, you can help all Steemit users. Learn how here!

Sorry to hear this has happened.

I'm following you now (I wasn't before, no idea how that happened). I've also been and flagged the blogs and comments on that account. It's not made any difference to the rep, but if enough people do it, I'm sure that will change soon.

Good Luck. Keep up the good work!

·

Thanks so much for your support Michelle. This really means a lot to me to see you here :)

Once I get back into my usual posting regiment, I think you will enjoy what I have to offer.

Steem or no Steem, I am here for good!

·
·

I'm going to be supporting you. I had no idea what you were doing, but now I've seen some of it, as little as I can offer, it's going to be coming your way :)

If there's anything I can do to help in other ways, please let me know.

·
·
·

Wow! Thank you. This is great news!

Likewise, if there is anything I can do to help you... please just ask :)

I'm really sorry to hear that! You have my upvote and a resteem; I hope you'll be up to the same steem-level soon again :)

·

Thanks for your support here :)