Phishing: Attacks and Recovery

in #security7 years ago (edited)




Always be very careful about what you click on and where you put your password. There have been a lot of malicious links on STEEM platforms lately that lead to fake Steemit websites. These fake websites look identical or very similar to the real Steemit and ask you to login. When you do, they steal your password.

When they have your password they proceed to take all of your STEEM and SBD. If you have a lot of SP, they may delegate it to their own scam accounts. A lot of good Steemers have lost their investment because of one wrong click.

What Does Phishing Look Like?

Looks a lot like Steemit. The only way to tell is by looking at the URL.

Immediately after clicking on the malicious link it will ask you to login. The real Steemit doesn't do that.

Phishing via Mobile Apps

Always independently search information about an app before installing it. Fake apps for both Dtube and Busy have recently surfaced as phishing scams. Never put your password (aka master key) into any app.

Legitimate apps will only ask for your Private Posting Key, not your password!

Report Phishing

Now there are more ways than ever to report phishing when you find it.

  1. Submit the Abuse Form http://steemcleaners.com/reports/new
  2. Contact us on Discord https://discord.gg/YR2Wy5A

What Happens When You Get Hacked?

The hackers usually change your password as soon as they can and steal all your money. Depending on which group of hackers is responsible, the account will then be abandoned or used to spread comments with more phishing links in them.

When your account starts spreading phishing comments, it will be flagged by the Steemcleaners team and other members of the community. Where possible, your reputation will be reduced to 0 or -1 in order to automatically hide the phishing comments.

Restoring Your Account

If you are a victim of phishing then you will need to restore access to your account by going to this URL and filling out the form:

https://steemit.com/recover_account_step_1

You will need to provide your account name and your version of the password (master key). Using the email that you signed up with is recommended.

After you submit the form, Steemit staff will review the application and start the roll-back process. Once they're done, you will receive an email. It is your job to check your email diligently. The process can take 24 hours or longer on average.

Your Recovery Process

You will need to edit the phishing links that the hackers posted through your comments. For this, you will need to edit each comment to change the text to something else. We recommend a message that you've been hacked.


This is what you press to Edit comments.

Do NOT use the Delete function on comments that have been flagged. When you use the Delete function on a flagged comment, we are no longer able to lift that flag.


Don't use the Delete function on flagged comments!

If the flag is one that was used to reduce your reptutation to 0 or -1, then you will be stuck with that reputation until you receive enough organic upvotes to recover what you had before.

When you're done then let us and other folks who flagged you know that you recovered! The @mack-bot @guard and @spaminator accounts are all part of the @steemcleaners family.

What Can Go Wrong?

A. You may have trouble editing your comments. If that happens, you will need to use direct links. A direct link is a link to your comment alone, not to how it appears in a post.


This is an example of a directly-linked comment.

To create a direct link like this, follow these easy steps:

  1. Go to your Comments tab
  2. Right click on any comment you want to edit and copy its URL
  3. Paste the URL into a new browser window but don't press go!
  4. Edit the URL to remove everything after the category and before your username
  5. Click on the shorter URL and edit away!

You start with this:
https://steemit.com/category/@authorsname/title-of-post#@yourusername/re-title-of-post-20180317t021312626z

And end with this:
https://steemit.com/category/@yourusername/re-title-of-post-20180317t021312626z

B. The comments may be too old to unflag. Remember, we can only remove flags up to 12 hours before a post is cheduled to pay out. Depending on when you notice you've been hacked, get your account back and are recovered, it may be too late to remove the flags. Update: Comments that are past payout may be edited now and should be to mitigate the spread of malicious URLs.

All Clear!

Once your account is fully recovered you are back to business as usual once again!

Sort:  

What a powerful sharing you are offering us all, especially the ones suffering from this last round of phishing! Thanks a lot for all you are doing to help us all and the platform be more sustainable.

Namaste :)

To be safe, always put passwords on safe links only. Password is the most important thing in this platform so once it's stolen, you're money and efforts are stolen too. I hope it won't happen to anyone here.

I am against impostors who are trying to impose their own rules on everyone. You put a flag on me and made a loss of about 10 SBD. Since I have a small voice, I will have to obey the bandits. I have fulfilled your conditions. But, then you will give me back my upvote. I make content and make it interesting for my audience. You are engaged in extortion from the authors and hinder the development of social networks. And you make money on it. You are not free fighters for your ideas. You are thugs who earn extortion from the authors. I will put flags to all your posts until I bring you the loss that you brought to me.

Thanks @steemcleaners who already gave me information about hacker account steemit. I ask you whether I can make your post into the Indonesian language. because maybe comunity steemit in Indonesia there is a victim. if you answer he i will make this right now thanks. greetings from @alfa-good

This is the internet

it's full of dangers

stay safe !!! please

This is superuseful. I hope people are getting educated about phishing in general. The google traps are so sophisticated.

This is so stressful to read the post and comment here

why the bad guys are so much in this world.

I had a WARNING! message show up on my most recent post telling me not to click on a comment, and the comment turned gray. I'm glad a bot took care of it.

Have you seen something like this?
Screen Shot 2018-03-22 at 5.49.31 PM.png