This is what I got in my transfers log 7 hours ago. It's a phishing attempt, in which you are asked to give your credentials on a fake website. The URL I highlighted is a fake URL, it has an extra "l" (the small letter l) before the word "steemit".
I used Postman to make a GET request to the site and here how it looks like:
As you can see, it asks for your WIF key. NEVER, EVER, under ANY circumstances, don't give your WIF key to any site on the internet! NEVER!
If you already accessed the site and moved away, please be aware that it sets a cookie, so you might want to delete it (it may be used in other future requests)
It's easy to spot a fishing attempt if you look at certain red flags:
- a gmail address as the contact address ([email protected])
- convoluted, complicated copy, involving fear-inducing sentences and concepts (government documents, etc)
- the most obvious one: a URL which seems credible, but on further inspection proves to be fake
Always access Steemit.com - and any other websites in which you store value, like online wallets - by bookmarklets, otherwise the URL may be easily spoofed.
Stay safe!
I'm a serial entrepreneur, blogger and ultrarunner. You can find me mainly on my blog at Dragos Roua where I write about productivity, business, relationships and running. Here on Steemit you may stay updated by following me @dragosroua.
https://steemit.com/~witnesses
If you're new to Steemit, you may find these articles relevant (that's also part of my witness activity to support new members of the platform):
Wonderful information.. Well done.. Clap for @dragosroua
Thanks for sharing ...I want to ask how can I raise my productivity in post like you? and how do you get it?
Thanks for the heads-up... sadly, crooks and scammers are everywhere there's money involved.
Whoever this is, they sort of blew it by targeting Steemit's "richlist" which is pretty much very experienced users who'd see through this in a second.
That said, we should probably keep a sharp eye out for copycats.
It was a very simple attempt, probably they're just gauging the platform, assessing the response, risks, etc.
@dragosroua Another day on the internet it seems. The wicked never rest. Thanks for the heads up. Will resteem this.
Scary, this person even has their display name as Bittrex.com.
@dragosroua - Oh Sir, thank you very much for sharing this useful information. Scammers at Steemit is not a good sign Sir :(
+W+ [UpVoted & ReSteemed]
We are likely to see more of this. I hope nobody falls for it. They need to understand the fundamentals of how steemit works to know this can't be real
Scam attempts are becoming more and more frequent. There is a user in the steemit.chat "mottler" that try to confuse people with the real steemit user "mottler" that his 100% upvote worths around $300 usd.
He asks a transfer of 10 Steem to his bittrex account for upvoting 100% two posts. Be aware of this user and if somebody administer the steemit.chat must ban this user.
Thanks for bringing this up.
Thanks for the warning dragosoura, we can't be too careful
@dragosroua,
I have noticed your name was there!
Cheers~
Thank you for the heads up...I might have easily fallen for this trick, really hard to notice that fake url. I guess we all have to be more observant and have an eye for detail.
I resteem your post !
usefull post. thank mate !
posting a good friend, I really like your post.
wow very scary ....
thank you, spreading
awareness will be share by everyone,
thanks for your information.
hell with these bloody scammers !!
Thanks for warning! We have to be more discerning!
Excellent reaction to a phishing scam! Thank you for your effort. It's good to see community is working that fast!
pheww i am glad i didn't got this thanks for saving !!
when you load the @accounttransfers page it says bittrex.com also... Fraud