Wallet Fix - Stop the Scams/Spam!

in #steemit7 years ago

pexels-photo-545065.jpeg
Am I the only one bothered by the bills having different sides up? ;)
source

I know there are a lot of scams and phishing scams going on right now, and lots of very smart people are working to curb that. Hopefully they will be successful and the people who are committing these acts will be caught and dealt with in an appropriate manner. (Fill in your own preferred method of justice/punishment here)

Wallet Spam/Scams

Before moving to the more sophisticated methods of comments and embedded links that are driving people to fake Steemit sites, one of the main places that spamming/scamming started was in the users' wallets. Scammers would send links in the comment section that could be used to steal someone's account. It got so bad that Steemit changed the wallets, so hyperlinks are no longer displayed, rather only the text of the link is given.

Wallet picture 1.JPG
There's even a warning right above the transaction log

You would have to manually copy the link address and post it in your browser to get to the site. The additional time can help people's better judgement to kick in and prevent them from falling victim to the scam.

Bogus Transactions

The new craze in wallet spam is basting through a database of friends strangers and giving forcing on them 0.001 SBD (current value = $0.002) to harass them with messages that beg for money... or to use their "service." These are also basically begging for money as these services are devoid of worth. No real people follow those accounts. No one wants the spam! Still, check out the last three transactions in my wallet. One was rewards redemption, the other two, beggars.

Wallet picture 2.JPG

Transaction Escrow

Currently there is no way to prevent this spammers from sending their unwanted messages. From what I have been able to tell, muting someone won't prevent their message from showing in your wallet as it's a transaction on the blockchain. Therefore, the message gets through.

Because these scammers are exploiting the system to advertise their "services," I propose a change to the system. Rather than simply sending money directly to another party, the funds would be held in escrow by Steemit until delivery was accepted. Each transaction would have to be specifically "accepted."

For those of you who don't know what escrow is, Wikipedia defines it as: "... a contractual arrangement in which a third party receives and disburses money or documents for the primary transacting parties, with the disbursement dependent on conditions agreed to by the transacting parties."

In this case, the dependent condition would be the approval of the transaction by the sender (by sending the money) and the receiver (by specifically accepting the transaction (and memo)). Since the escrow is held by a neutral 3rd party (Steemit), you wouldn't have to worry about your money getting hijacked or stolen. All you would have to do is approve the transaction.

Whitelist

Yes, it would add another steps and could be time consuming, but the process could be automatically bypassed for specific senders. A "whitelist" could be added so users could put certain potential senders on their list for automatic approval. Any transactions from those senders would automatically enter and successfully exit the approval process without additional confirmation from the receiver. The successful transaction would show on the wallet log like normal.

Whitelist Variant

A variant of the whitelist could be a "followers approved" type of system. It would still rely on an escrow system with Steemit acting as the intermediary, but rather than requiring a user to specifically approve specific senders, all of the users they follow would automatically be approved. Additional users could be added without following them, but that would have to be done manually.

Blacklist

Because Steemit will be the one holding the money in escrow, it should be safe from hacks, and it shouldn't be retrievable by the sender. Also, a sender could be "blacklisted" so that transactions from specific people will automatically be rejected and the SBD returned to the sender. The would-be receiver wouldn't even know that a transaction had been attempted.

The blacklist could even apply to people below a certain reputation threshold. For instance, you could set it to automatically reject any transactions initiated by a sender with a negative reputation. Or you could even block potential transaction from anyone with a reputation below "x."

Conclusion

One of the reasons there is spam on the site is that the system allows it. By changing the process slightly to give users the opportunity to reject certain transactions/interactions, it protects Steemit's legitimate users from bad actors and those who are only seeking to exploit the system.

tl;dr Let people Reject or Block wallet ads from beggars, spammers, and scammers sending 0.001 SBD.


Note: These are just my opinions and are for informational/entertainment purposes only. Do your own research. Always protect your keys. Don't accept candy from strangers.

Ono Small.png
@themanwithnoname


- What do you think would help cut down on spam?

- Would a transaction cost be appropriate?

- What if bandwidth were lowered on people who were "bad actors?"

Sort:  

Could there be like some sort of "scam/spam police" , and once the police reports you over a period of time and every necessery checks has been done, i guess it's best to expel you from the platform.

In a way, the scam/spam police do exist, in the form of steemcleaners, cheetah, etc. They take actions to negate rewards or to spread the word, but it sounds like you may be wanting someone with some kind of legal authority or some kind of punishment beyond the community's own moderation?

Expelling someone from the platform (as in Steemit) is an intriguing idea. The problem is, however, while a user may abandon an account because a number of folks knock down their reputation, making it virtually impossible for their articles to be seen, that doesn't seem to apply to wallet transactions.

We've been told that accounts are sacrosanct. In other words, they won't be touched by Steemit or anyone else, so I'm not sure what other recourse there might be.

It looks like @glenalbrethsen already got a great response to you, but as a decentralized platform, it's hard to remove people from Steemit. A while ago, I saw a screenshot of an account that was purported to be deleted, but I don't know if it was legitimate. As far as I know, accounts can't be deleted.

Still, there's got to be something that can be done to cut down on wallet spam. The wallet should be one of the safest tabs. You have some good thoughts and I really appreciate you commenting. :)

you know, if those guys wanna give me a little money, go for it! i hope we all know (or will learn through your article too) just how scammy all that is! over the next few years, maybe we'll have a SBD worth of scammer $$ we can trade for steem :) lol, but in all seriousness, good thoughts on a pervasive problem. i've started toggling night mode as I steemit so that if i am taken to a bad site, i immediately know because it will be white (and not black like the night mode site). one way.

Yes, I thought about how eventually the SBD could add up, but they should raise the minimum send to .01. Then I only have to get 100 advertisements for 1 SBD. Although, I'd rather just not have it clog my wallet.

I have already been using "night mode," because it's not as bright on my eyes, but that's a really good idea for security reasons. I hadn't even thought of that. Good idea! Thanks for sharing your ideas!

Cool idea, and it would be great if there was a dedicated Steemit tag that these type of platform improvements could reference with some kind of guarantee that you'd get a yea/nay/maybe answer in a reasonable period of time. It seems that so many good ideas fall into a black hole.

A dedicated tag would be nice... or even a customer service person who could accept comments or emails. I'd be willing to send it in email format if it meant it got in front of someone who would read it. And how cool would it be if that Steemit person made a weekly post about some of the ideas they received, and even highlighted certain ones that they were considering?! I'd love to see that!

I agree that it feels like there's not a lot of communication either direction between users and the site. Would like to see that improved. They really need a customer service department too. There's so much garbage that goes on, that they need a public relations person or something to put out releases assuring the public that things are under control. Just my opinion.

I like where you're headed with this.

I think we already have a mechanism in place. Every time you receive some kind of reward, you get this:


Screen Shot 2018-03-22 at 7.03.00 PM.png

Which kind of bugged me at first because I thought, of course, I want my rewards, why do I need to hit a button?

However, this would make perfect sense for people sending messages with their .001 SBDs. It might take more of a warning message with those kinds of transactions, like "Such and such has sent you x SBDs. Accept?" I don't know. Something like that. That way there's not something being set up in addition to what already exists.

Exactly my thoughts. I could have been a little more clear with that, but yes, the mechanism is already there. I would just add a new tab (or sub-tab) where you could go through the list. Easy peasy! Well, not really. ;)

Busy is double-posting comments. It won't tell me it posted until I resubmit it... then BOTH! Ha ha

I like the idea. Muting doesn't, raising the minimum transaction fee is just going to hurt redfish and new users, so blacklisting accounts and using escrow account for non-blacklisted accounts would be a good Idea. If the escrow service received a certain number of complaints about a certain sender then that account/sender gets added to the blacklist account. That would maybe take out some of the vote bots.

That's a great analysis of the different options. Yeah, red fish aren't going to have the money to make the transaction. If you add a fee, it's going to be even more difficult.

Having a consensus blacklist would be another great idea. Some accounts like hottopic don't have negative reputation, but most people don't like them. If 100 or 500 people (number negotiable) flagged them, they would be auto-blacklisted. They could even take that idea to the next level and allow you to subscribe to someone's blacklist, i.e. @steemcleaners. Then you theoretically wouldn't need to worry about it.

Cut down on spam by blocking account creation from a specific IP address? Most of these idiots aren't that smart. By the way you just got a new follower i found this post from @cognoscere commenting on my recent post. I was recently victim to a hacking and have always had a very strong stance against non authentic behaviors on here since i started here!

Yes, blocking a specific IP address could help. The downside would be if someone used a public wireless network, like Starbucks. If you could block IPs it would cut down on the spammers who have multiple accounts. It's frustrating when one gets shut down and the rest of them are able to continue on... or they start new ones.

Glad to have you following. @cognoscere is awesome and has been a big supporter of me. Very grateful. Also, those pictures are amazing, right?!

Sorry to hear you got hacked. Glad you got your account back. Hopefully not too much work for you to get right back on track.

Thanks for stopping in! :)

Interesting thoughts and good solution @themanwithnoname.

I personally don't have a problem with people putting money into my wallet, even if it is spam, so I wouldn't really want an extra step to approve incoming transations.

The spam that really gets up my nose is accounts following and unfollowing me all the time. The same ones day after day.

They fill up my notifications and I end up missing stuff I actually do want to be notified about. But no matter what I do I can't seem to stop them showing up. Grrrrrrrrr!

I can understand that some people don't mind it. I'm just saying it would be nice to have the option to not get them. I don't consider $0.002 worth my time. And I don't think it's right that there's nothing that I can do to stop them from bothering me.

I get followed and unfollowed a bit. It's annoying. I think they're just trying to get attention.

0.002 is often a good upvote for me @themanwithnoname and having choice is always good. 😊

Oh, I wasn't talking about upvotes. As someone who was thrilled when his total vote value went over $0.01, I don't judge there. I was talking about transactions in the wallet. That 0.001 SBD is only worth $0.002. It seems like if someone is going to all that effort to send me a message, they should at least give me something more than that for my time. ;)

Yes you were. Apologies. I've just come in from doing some errands and forgot the thread of what we were talking about here. 😊

Could you delete the "@" from the names... if those accounts haven't found me already, I'd rather not have them following notification here. Using the @ sign is like a bat-signal for them. Thanks!

Will do. I can remove them completely if you'd prefer! 😊

Congratulations @themanwithnoname! You have completed some achievement on Steemit and have been rewarded with new badge(s) :

Award for the number of upvotes

Click on any badge to view your own Board of Honor on SteemitBoard.
For more information about SteemitBoard, click here

If you no longer want to receive notifications, reply to this comment with the word STOP

Upvote this notification to help all Steemit users. Learn why here!

I don't really mind the 0.001 STEEM spam, a penny is still a penny xD

Like my fellow countrymen say: "grain by grain, the hen fills her belly"
Other such sayings :

  • Little strokes fell great oaks.
  • Great oaks from little acorns grow

I think most ppl have enough brain cells to not actually use one of those resteem services that are full of bots...

That's part of the issue, it's not even a penny. Maybe it could be a sliding scale, that if you wanted to send money to someone, there was a minimum that increased based on how much SP the person had. So if you wanted to send to a red fish, .001 could be the min, but if you wanted to send to a whale, 5 SBD would be the min. For someone like me, .1 SBD would be the min. :)

Thanks for the advise, I think they are here to stay, I just avoid all, just do what is required and one should be safe.

Coin Marketplace

STEEM 0.19
TRX 0.17
JST 0.031
BTC 82195.61
ETH 3201.57
USDT 1.00
SBD 2.81