Hacking continues @samstonehill level 70 ACCOUNT was fooled, Don't be next
Steemains still getting fooled.
The user that got his account stolen, made a good post about the hack under a new account, you can find it on his new account Here
The run down
If you see this memo in your wallet please disregard.
ACCOUNT BLOCKED: We have detected unauthorized activity in your account. Your account has been BLOCKED for your protection. Please Contact Account Security: ttps://security-steemit.com.mx/account-security-contact
Never ever ever send your master key to anyone not even @ned
This is what the account looks like atm. It is sending messages to everyone, with the memo above.
The Fake site/link
If you happen to check out the link beacuse you are brave enough, This is what you will see
Couple weeks back there was a huge hack on many accounts @keyhunter found keys in memos and posts and locked those down and sent a memo to reset the account with account recovery.
Do not be fooled, Steemit is decentralized and there is no blocking of accounts no matter what, there is muting, flagging but no banning or blocks.
Keep all your keys safe! Never use your master key no matter what.
It looks like the orginial account holder has lost 3K in Steem, Liquid funds from this post will be sent to him to help recover.
This
Thanks for sharing this @zeartul. So far I will be in touch with the godaddy team support (as I'm member I may find something). I have checked this domain and it is been registered using godaddy. The info you may find, using a whois lookup will be this one:
Created On: 2017-10-09 Expiration Date: 2018-10-09 Last Updated On: 2017-10-09 Registrar: GoDaddy.com URL: http://www.godaddy.com
Registrant:
Name: Ned Scott
City: New York
State: Ciudad de Mexico
Country: Mexico
So the guy is very funny by putting @ned's name as a registrant. Well as soon as I can get in touch with them I will ask them how can we know this guy real name and address. He may have a linked credit card when he bought the domain. As soon as i get more info I will let you all know. IMHO this kind of people are very bad. I know how hard it is for many of us to get some reputation and gain our rewards by posting. This is why I'm here to help.
Godaddy will and cannot provide you with this information without a court order.
You used to be able to determine the owner (and registration address) of a domain name, but that was removed because of people getting threatened, harassed and attacked.
All we can do is stay vigilant.
Thanks for answer @rmz. Even that they won't give you any info, they allow you to report any suspicious activity within a website registered under their services. This is what I did some minutes ago.
So let's see what happen now.
In other news, feel free to check this out. A Chrome extension ethaddresslookup I have it installed and just now, I've realised, it works warning you about phishing websites:
source
So I guess it may be helpful in our "fight against Steemit's Crime organisations"
source
Not as much a "hack" as this is social engineering users into giving up their credentials.
I used to think if there is https, it is secure. Can you explain please how he got hacked?
It wasn’t truly a “hack” so there’s still no technical security vulnerabilities to worry about at the moment. It is a rash of “phishing” scams Steemit has been seeing. The user was tricked into giving his password to someone posing as “Steemit security.” So don’t worry too much about logging in. But best practices are still to only go to Steemit through a valid bookmark you’ve created so as not to be fooled by a duplicate site an external link may direct you to, and log in with your posting key. Only use owner/master keys when dealing with funds & account management.
@libert
httpsonly secures your data during transit and prevents prying eyes to intercept that data. However this is a phishing site meaning the destination of your data is malicious. Once you input your details including your keys or password, this will be sent to the scammer.That's what I wanted to know. Thanks.
Thank you, great tips.
I am afraid of hacking
Reblogged this so more people could see. Ive seen other people posting and asking about this as well. What is being done to improve account security.
Nothing. This is social media for grown ups.
Everyone needs to look after themselves, understand the basics, and be smart with their passwords.
Important news...i will resteem this news
Paranoia starting to set in!
WOW!! I didn't know about this, thanks so much. Upvoted, Resteemed, and you have a new follower.
Thank you for the heads up. I'm new and probably would have fallen for it, upvoted.