Never click links in comments or wallet messages, always check URL’s if you do and only log in with your private posting key. Never use your master password.

I have been a victim myself and I have some guides on how to protect yourself/ how to get your account and reputation score back on my blog.

The current contest is to spread the word and warn people: https://steemit.com/contest/@simplymike/20sbd-contest-protect-people-from-the-ongoing-phishing-scam

Or visit my blog and look for the post I made 2 days ago: ‘💰 [20SBD CONTEST] Protect People From The Ongoing Phishing Scam’