Rumor of Phishing Scam is Back
There is a rumor that the old Phishing scam is back.
Witnesses are on the alert to take them down.
Be careful. If you are asked to enter your key after you click a link, it is highly likely a phishing site that looks like Steemit. Check the URL and if you are not sure, close the window and open a new window with the correct URL address.
Scammers want your keys
Steps to keep your Keys Safe
Step #1 - Never use your Master Key except to change the keys in an emergency
Step #2 - Use your Posting key to log and blog, vote, and comment.
Step #3 - Never use your Private Memo Key
Step #4 - Never keep your keys stored on a computer that is connected to the internet
You should know what your keys do and only use the lowest access key for the task.
Be Safe. Blog Safe.
Please remember to VOTE and ReSteem
---------------------------------------
For a breakdown of how Steemit Rewards system works:
https://steemit.com/steemit/@socky/steemit-rewards-breakdown-a-simplified-explanation-with-illustrations
For a breakdown of Steemit Keys:
https://steemit.com/life/@socky/do-you-understand-your-steemit-keys
I suggest everyone a tactic I use.
Don't click on links.
Thank you for the great infographic. So many keys so much confusion.
Upvote this: https://steemit.com/free/@bible.com/4qcr2i
When it comes down to it...watch your shit and pay attention!😎👍
Great tips!
thank you for the head’s up.... plus appreciate the graphic... x (((o)))
Is this just a rumour or it is really a threat
this scam is only a threat to those who aren't careful with their keys. I read the witness chat room that they were talking about the phishing scam is back and to alert them if any instances of it happening. I go to the #help chat room and people are constantly asking what to do if they have lost their keys. In their case they only use the master key and never use the other keys. It is shocking how often that happens. No one should lose their keys. The master key should be stored in a safe place. If the lower access keys are lost, then the master key is used to get a new set of keys.
Another layer of security is to store STEEM in the form of SP. If a thief gains access to an account, to steal all the STEEM, the thief would need to do it over a period of 13 weeks.
The phishing scam uses a stolen account and sends comments to various blogs trying to get users to click a link. Once a user clicks that link, it takes them to a site that looks like Steemit. It will look as if the system logged the user off and they will get the log-in screen. If they enter their keys to log in on the fake website, then the thief will have the keys and can take over their account. They will use it to send more comments to get more people to click the link in the comment.
If you have STEEM stored in SP and never use your master key, then the thief can't take any STEEM because it takes too long to get it out. All you need to do is use the master key to create all new keys. The old keys that the thief has will become useless.
@socky Thanks for the valuable alert. Keep posting such threats....
How about steemconnect, can we share master key to them?
No. The rule is never to use the master key unless it is an emergency to change all the keys.
Use your Active key
Thanks for this scam alert!