It seems that someone has gotten access to an account @ahlawat, which is getting used to create posts which redirects to a scam Steemit-Clone: steemiit.tk <= SCAM
Post:
https://steemit.com/steemit/@ahlawat/2qweaq-steem-price-will-fall-sharply-next-week-because-of-a-single-statement
The link in the red box will redirect you to steemiit.tk which is a clone of steemit that will steal your keys.
I'm not sure how many more accounts there are, but let's make sure that all of these posts are hidden.
Also, you can comment other posts/accounts that are getting used for this SCAM in the comments.
How to be safe?
Make sure that you are actually on steemit.com or another verified site (for example: steemitstage.com)
ps: thanks to @felander for giving me the info about this scam.
If your account gets hacked and your keys get changed, is there a way to reset your password? Like with the initial phone number or email you signed up with?
Or perhaps Steemit should implement a new password recovery system using secret questions and answers!
If your account gets hacked you can use this like to recover it using the password you had (as long as it's been changed in the last 30 days.)
https://steemit.com/recover_account_step_1
Since this article is about the danger of links...if you prefer not to use the one above (I can understand that,) just goto your wallet, click password...and you'll see a link for "Recover Password" to the right of the Current Password field.
They already have a recovery option using your master key. Which should be stored offline and never used to login to anything. It's strictly used to change your other keys and for account recovery only.
oh, thank you for your help.
Everyone out there becareful. There are always people like this, so we just have to be careful.
What can we do to avoid that?
I totally agree @suf1an. It is important for the growth of Steemit as a platform that there is a sense of trust within the community, and it gives me a lot of hope for the continuity of Steemit when I see other people stepping up and doing the right thing. Thank you for your post, have an upvote.
Yeah, that's totally true. I agree with you on this.
No community can grow if you don't have sense of understanding and trust.
You both are right, i agree as well :)
if we help each other is a win-win
maybe is the last step to evolve :)
edit: Alright, the account was nuked by @spaminator. Ty guys. No need for any more flags unless the account posts more.
PLEASE FLAG THIS:
(WARNING, these posts contain a link to a phishing site that may compromise your account)
These articles still show the link and are visible. For the warning comments to show up (the poster creates a big wall of
<br>to hide the comment section) we need the post to be hidden through flags.If you can flag them, please do! They're around $0.86
Thanks for exposing this piece of shit, and for keeping the rest of us safe mate.
Now we need to find him.
Get Bernie on the case, that guy is hella good at tracking down scammers!
Wow, I just checked with dummy text and after you press login it redirects you right back to steemit.com.
It seems to have been infiltrated into yesterday. The money in the account used to cycle between rewards and self-promotion with bots.
But then all the money the account had, and all subsequent rewards, have been sent into a bittrex account.
Interesting. I recall @ahlawat as being a #redfish community supporter. Thanks for bringing this to our attention @therealwolf!
On an unrelated note, any idea on the turnaround time for smartsteem white listing? Been waiting for about a week and looking forward to making good use of the utility with my following.
Thanks in advance.
P.S. I forgot to mention. We have a relatively new crowdfunded spam fighting initiative that incentivizes downvoters. From the looks of ahlawat's account. It appears to be handled but wanted to offer our services in the future if you become aware of any other abuse that an incentivization system would help address. We're pretty small now but with the prevalence of abuse on Steem there is certainly room for growth.
no worries, I have commented on all the posts so far to warn users of this... hopefully they will listen and heed the warning
You should have been a little more forceful with the comments, I think. You could edit them to have something on top like
"DO NOT CLICK THAT LINK, IT IS A SCAM TO STEAL YOUR ACCOUNT"
at the time i did not know... I sent the link to @therealwolf to check so I phrased it a bit more carefull in case I was wrong. (I do not know coding and wanted to be sure)
Yup, it's ok :) But you can edit it now that you're sure.
There’s always someone that tries to take advantage of a good thing and give it a bad name! It only takes 1 bad apple to ruin the bunch unfortunatel, let’s try to keep this platform safe and user friendly
oh my god
Thanks for the heads up ! ‘Preciated!
How does it try to get your keys? Does it say you’ve been logged out and try to get you to sign in again? I’m wondering which keys it’s trying to get or where it’s trying to get you to sign into/use your keys. I typically only use my post key for general logging in. I try to be more vigilant where and when I use my other keys.
The user seems to have been hacked. The account spams and changes posts to "Dont vote for me" bla bla bla and i see that he posts links that look like they are on steemit but send you to the scam site trough a google shortener. Check this:
Thank you also to know us about the scam. Thank you again.
I stumbled on a post yesterday and saw a warning, I left the blog immediately. Thank goodness for the warning.
I wonder how many people missed the warning and got into the trap.
The message must be loud and clear, there are scammers trying to destroy the good works and sacrifices that have gone into building Steemit. We must not allow them.
As soon as you see anything fishy, sound it out. Call out the Steemian. @ned and other developers should consider a taskforce that proactively smoke out such dubious persons on Steemit.
Thanks for the warning man, always keep an eye on those damned phishing scammers!
Followed ofc. ;)
We've had enough of these sick fucks scamming people of their hard earned money. Thanks for your contribution in taking them down @therealwolf. Some people put a lot into this to be scammed. Thank you.
i have come across that post, thank you for this post.
Only because I actually read the text on the thumbnail image to your post (before actually reading the headline and content of your post) maybe some format of the image included below would be helpeful in getting the message across.
Cheers!
Thank you for the feedback! Is that good?
Awesome dude much appreciated!
I’m also currently on my mobile device without my reading glasses (damn I sound old haha) but in all seriousness it makes it much clearer imo!
Cheers!
It looks like some kind of auto-posting bot has taken over @ahlawat 's account; looking at his/her feed here shows multiple duplicate posts:
https://steemit.com/@ahlawat
...interestingly, the headlines of older posts seem to indicate that the user is aware their account has been infiltrated:
Maybe its the same dude who runs the scam site?
everyone be safe use only registered steemit website...
Oddly enough, I have recently been thinking of the possibility of this kind of malacious Steemit clone. Being that it is open source and there are many Steemit related websites- ive been extra weary of finding myself putting my information into anything I am unsure about.
The bottom line is that everyone needs to be careful and stick to the websites that are well known and reputable. There plenty at stake here for everyone...whales and minnows alike..
Oh that's dangerous, be careful and double check the address and lock 🔒 info before logging in.
thanks for sharing such a useful information.....
oh thank you so much for letting us know about these scamers. @therealwolf
So weird...scammers r getting masters
That is alarming... There's a lot of people here in Steemit must be aware...
Thanks!
Thank you brother !
Been only a question of time till steemit getting victim of scamers. Thank you for the warning. And i believe in future there will be more of it.
Where ever is value, there will someone try to take it on a bad way.
@therealwolf
Thanks for the heads up...also be very careful of links in your wallet transfer history that you don't recognize. I got one a while back offering me a .001 steem. It looked like bs.
And would someone plase tell me why I sent 3 SBD to @smartsteem for votes and he and every one that promotes him wont tell me why he is keeping my sbd...? At this point its been 5 days no response from anybody. ..so I am about to go Tsunami on this .... its just 3 sbds...but I wonder whom else has lost their sbd to smartsteem...or dumbsteem
Somebody better start singing...Im pissed
I hope its just a glitch...
how could these scammers go to sleep at night? Sometimes it is hard for me to fathom the mere thought that how can someone be comfortable stealing money from someone else?
Anyways guys be careful before using your master key anywhere. This is now a new method of hacking into your account. Not just steemit but can you receive such messages on other websites like gmail, twitter and facebook. So be careful.
I really appreciate you getting the word out!!! Thank you.
oh my is this new or has this been going on for a while??? any idea if they could get us if we are on verified sites?
hello every body, i am new in smartsteem, i need some info how is smartsteem will work?
hi @therealwolf, can i translate that post to hebrew?
Hello, maybe this is the wrong place to ask this? I transferred 4 sbd to smartmarket 3 hours ago for an upvote. Using this link.
https://steemit.com/art/@knackart/nordic-mythology-and-interpretation-of-the-runes-part-2
Never recieved an upvote or got the refund. Could you please look into it? Thank you!
Very good oh, thank you for your help.
Everyone out there becareful. There are always people like this so we just have to be careful
What can we do to avoid that
thanks for talking about that problem.
Anyway, everything like ''read the full article here'' looks dubious to me.
OMG this scared me..
thank you so so much for this informATION
now i am following you for more such awareness @therealwolf
Resteemed... think this is important people are aware of such scams. Thank you
Thanks to you too for sharing the scam information with us too.
thank you for informing us @therealwolf
What I do not understand is why he changed all the titles of his posts claiming that he got hacked and is in the need of a new account. Did he lost his master key? And why did he not delete those phishing posts, instead of changing them, wouldn't that be better? He still has his active key, so the master key must be still the same. Technically speaking his account was not stolen as he claims but compromised. His steem and SBD are kaput though. I understand that he probably wants a clean state again, but still, over 800SP is a lot to build up to.
this is my first resteem :D
sharing is caring :)
Thank you so much for your contribution!
the post you share is very good, allow me to share again. very useful for me, after I read your article my thoughts and insights add, thanks @therealwolf
Nice Post!