As I already wrote an hour ago, there has been a phishing attempt on Steemit, by an account called @accounttransfers. I don't know yet if there has been any harm done, but what I do know is that we are very fortunate to be part of a social platform so resilient.
And by resilient I really mean hard to crack.
A common sense security practice says not to disclose anything about a failed scamming attempt that may be used by a future scamming attempt, so I will refrain from posting my forensic investigations for now (they're really are just screenshots of various blockchain explorers, these investigations, anyway). But I would like to stress a few key points related to the striking differences between Steemit, as a platform, and any other social media platform.
1. Everything is transparent
We know when the account was created, we know to whom it sent the attack messages, we know what the account published, what it deleted and who upvoted and downvted it. That's HUGE. It's a game changer. It's like everything happens in plain daylight. You can't hide.
2. Knowledge is power
If you really know how this platform works, then you know from the first second that these kind of messages are plain bullshit. The platform doesn't work the way they want to make you believe it works. Again, education is paramount, folks, so you don't need big "muscles" to be safe here, just normal brains and a bit of reading.
3. Rich guys are smart guys
I don't know if you agree with this, but especially in Steemit, the so called "rich list", which was apparently targeted by the attacker, is made by experienced users, who can spot any fishing attempt in seconds. In Steemit, the more you know, the better the chances to make more Steem. I think this is a game changer too, albeit more subtle.
4. Community IS security
If people communicate with each other, if they are creating strong bonds and trustable relationships, then no scam can succeed. The security layer is in fact the community layer. Stronger bonds really mean tighter security.
I hope you are safe and I wish for you to stay that way. Educate yourself, be aware and share your knowledge. That's how we grow stronger together.
I'm a serial entrepreneur, blogger and ultrarunner. You can find me mainly on my blog at Dragos Roua where I write about productivity, business, relationships and running. Here on Steemit you may stay updated by following me @dragosroua.
https://steemit.com/~witnesses
If you're new to Steemit, you may find these articles relevant (that's also part of my witness activity to support new members of the platform):
great reading, I totally agree what you pointed out here
Dear @dragosroua powerful and meaningful post that you shared.
Well done! Keep on doing this. Best of luck
I am always grateful that @dragosroua you are here. There is Safety in numbers and STEEMIT Community is growing in numbers each day. 99% or more of people here are good people and want to do the right thing. If anyone tries to hurt this community, then share that with others so no one gets hurt.
I haven't been hit by this yet. i guess I'm too small of a minnow to be worth their attention.
One of the interesting things, as you point out, is the transparency of the blockchain, and the ability to follow a path from one end to another.
It will be really interesting in about 5 years to do some research to map the various stages the platform goes through - new, boom, bust, rebuilding, bot wars, flag wars, begging wars, comment bot wars, phishing wars, seeing just how much STEEM can fit into Trevor's wallet wars (I'm looking forward to that one ;-) )
It would make for a very interest analysis of human behavior.
That is really great to know and great explanation of the transparency and reactivity of the decentralized system. For me it still is a bit freaky that the only confirmation link we have to Steemit is one passkey. Yet at the same time, being acquainted with a few witnesses and so forth now, I feel if anything did happen with a security breach I would have some recourse. Peace
I dont understand why this people waste their time to do this kind of things and not to add great content that in time will bring them to the desire resoult... but maybe its like in every day life... its much easy to distroy then to create!
Really sad to see this!
But life have its funny way so what comes around goes around!😉
I agree with that 110%!
Good article! Trying to conserve / replenish voting power at the moment, my apology for the floppy 1% vote.
Thanks, no worries for the 1%, glad to see you around, mate. Hope life is treating you well these days :)
Hey, this is a no-floppy / no-flabby vote zone! (-:
Congratulations @dragosroua
MinnowsPower listed your post "What Can We Learn From A Failed Fishing Scam On Steemit" as one of the top 5 upvoted and commented posts of the day...!!!
Exceptional article which helps (specially) minnows to secure their accounts...!!!
50% Upvoted by @MinnowsPower
MinnowsPower is not a bot, I am a Crowdfunding Hybrid
One small UpVote of Yours build MinnowsPower and MinnowsPower will Not Forget Your Support...!!!
(Limited Service Offer) Send 0.01 SBD and get $0.025 - $0.03 worth upvote from @MinnowsPower
We really dealt with his account, but they only have to get lucky a couple of times to make it worth their while. Someone may fall for it like they fall for 'Microsoft' support calls. People need to realise that they are the only ones who control their account. Steemit is not like other services. As numbers grow here it will get worse. I think some have already been caught out by previous scams that got hold of their keys.
This is the truth as you said
In Steemit, the more you know, the better the chances to make more Steem.
I am happy we have smart rich people that can spot a problem very quickly
It's a bit scary to think that someone can steal your Steem
I love the Power Up option, if someone tries to steal it will get bored waiting for nothing because I will have the time to notice the power Down
I hardly keep any steem or SBD everything is powered up
Thank you very much for sharing the info
Excellent post.... scammers are every where and this post should really help them to aware of it.
Where there is success, the scammers and criminals will follow. It's just, unfortunate that's the way the world is.
Education is, without doubt, the best weapon in the fight against such people.
Thanks for sharing
Great info. Thank you for sharing.
I think by failing to do much, this scam could prove steem as a platform and the community around is a better alternative than what is currently out there.
Good job my friend
@dragosroua,
Phishing a greatest problem for any online business! So, this is a great article for people who don't about them! Thanks for sharing friend!
Cheers~
good post
Hello @dragosroua
It is very funny I talked about the Nightmares we have to face on Steemit yesterday.
What most people don't know that Steemit is not a get rich quick scheme.Steemit is a mechanism for building a sustainable way of making the impact you want to make.
And even though that bad activities may surface it will not last. The Steem Blockchain is absolutely transparent, this means every single one of us leaves footprints of our activities.
Something bad might exist on Steemit, but it will not last.
@ogochukwu
To earn money, you have to work hard, share good content and forget about bad practices, otherwise these people have nothing to do in Steemit.
Resteemed for the information to pass to others who have not been warned.
Thanku good information
i hope there should not be any kind of hard really now we need to be smart regarding these !!