One more phishing website reported. That's the third one in less than 24h!
I already warned you about several (potential) scam attempts (see bottom of this post for a list of them). Here is a new one. Thanks to @my451r for catching my attention and notifying about this new scam.
Description
The scammer publish the following comment on user’s post
If you click on the link in the comment, you will be redirected to the following site:
The site is a simple one page website created with Wordpress.
If you click on the “Connect to Steemit” button, or on the “Connect“ menu in the top right of the page, you will land on the following page:
The page maliciously mention SteemConnect, despite the fact it has clearly nothing to do with it.
If you enter your credentials and click on the “Connect Now” button, you will get the following result:
A quick review of the page source code shows that this is a simple form and guess the entered credentials will be stored to hack your account!.
Preventive action activated
Up to now, the scammer has already posted 325 comments to users.
I will add any account sending phishing links to the black list of my Warning-Bot and it will issue warnings with a link to this post, notifying users of the malicious activity of those accounts.
If you find similiar pishing attemps, contact me on steem.chat
To protect yourself, you can:
- always double check before clicking on a link, especially if this links take you away from steemit.com.
- verify the reputation of people writing comments on your posts. A user with a low reputation shoud trigger you attention.
Previous threat alerts
If you missed them, please find here the previous alerts I published:
- Scam alert and white hat counter-strike
- Phishing exploit has been stopped - Scammers thwarted!
- Potential scammer reported- @jones420
- Fake Steemit website try to steal your password!
- Phishing attack to steal your active key
- Potential scammer reported - @minnowpond
- Scammer reported - @russiann
- Scammer reported - @steemitrobot
- Scammer reported - @tripadvisor.com
- Scammer reported - @harquick
- Scammer reported - @gtg.witnesses
- Phishing site reported - sleemit(dot)com
- Phishing site reported - www.steemitfollowup(dot)ml
- Phishing site reported - www.steemitfollowup(dot)cf
reminder
A bit of paranoia is the basis of security.
There are a few simple rules to follow in order to avoid having your account hacked:
Rule 1: NEVER, I repeat, NEVER use or give your owner key or password!
Rule 2: Use your posting key to login, post and vote on trusted websites like steemit.com or busy.org.
Rule 3: NEVER give your active key as this key allows to control your funds! Only use your active key for special operation like money transfer or account update on trusted websites like steemit.com.
Rule 4: Anywhere else, if you are requested to provide any of the above key: RUN AWAY!!!
4 simple rules. It's not much to remember. Follow them scrupulously, and you will only have to laugh at unsuccessful attempts from scammers.
Spread the words, resteem this post to your friends, and you will make the platform safer.
Thanks for reading!
If you notice any new suspect activity like the one described above, drop a comment on this post, contact me on steemit.chat or via Telegram (@The_Arcange)
Resteemed. Thanks for your efforts to thwart the exploiters and protect their targets.
I was paranoid before I read this. Am new to Steemit. I'll wait a long time before I attempt to do anything but blog, comment or upvote. Don't understand enough to do more. Thanks for the alerts. I'm going to read every one on your list. Have resteemed.
Thank you for your support!
they thief sbd or steem .. the name of his account @deepcrypto8 this animal has stolen me he has stolen my steemit password with the help of @reza3110 he is an illegitimate child
Exactly, I was a victim of that, check your wallet there all the people who staph yesterday included me.. @ deepcrypto8
This user @deepcrypto8 still continues to cheat check his wallet has many recent transfers, the same as retiromi money
Exactly, I was a victim of that, I hope that no other person has occurred
Thanks @arcange
Come on peoples lets Resteem this Scam Alert to the COMMUNITY
Keep STEEM N ON,
Frank
Resteem...
https://steemit.com/promoted/scam
Thank you. I received one of these messages and I had a feeling it was a scam. But the problem is there isn't a structure in place for us to report the user, but only flag his comment, and his comment is still there.
Let's work together to develop a method of reviewing and banning users rather than making bots to spam everyone to inform them of the dangers of other spammers.
Imagine you are new to steemit and this is the first interaction you have on your account. How would you feel about the reliability of the platform? (I have had an account for 24h and already had a phishing attempt on my account, followed by a spam bot warning me it was a phishing attempt. Meanwhile I have no ACTUAL comments on my posts other than this. Not exactly a good first impression)
I have already devised a system of banning and reporting that is more efficient than the current steemit system. Can someone help me get the blueprint to the developers?
You can go to my comments section on my profile and read my detailed guidelines on how to build a report and moderation system that rewards users for moderating posts and bans malicious spammers.
Thanks to share this.
thank you for your alert
Thanks for the heads up sir.
Thank you for your help.
Thank you for advising me in reply to my post.
You're welcome
Thank you very much for making people aware of this scam site.
Muchas gracias, por tus advertencias. Son bien valoradas por la comunidad.Abrazo
Thanks. I clicked on website. I also clicked on connect. But didn't get any info. Hope this is ok. And this guy should be banned.
I have suspected one on my recent post. Im scared to do a screen shot because i might accidentally click it. Let's all be careful.
Username is @nirayma.
Thank you so much for all the alert.
Thanks @arcange. Resteemed.
@arcange, include @mirta 100% a phising site when you click her comment with link! The website of html steemit has different letters! And have underscore or coma in t or s.
@mirta is already in my blacklist. Thanks.
yes your are right
Thanks for the heads up,friend.
I never hit those buttons 'cause it's too obvious that they are scam.
People should also be cautious about other social media accounts imitating official accounts and asking "send 0.5 ETH and we will send you 1 ETH back."
I see some guys fall into these traps.
thanks for your informations
I was falling in the trap. How can i solve the problem
Thanks for the info. I'm new to Steemit, and, not surprisingly, received this exact phising scam before any real comments. Glad it was easy to double-check.