Today I received a wallet memo from @steemitsecurity.
The usual tosh. With only a slight twist. Instead of containing a phishing link within the memo, this one directs you to a mail address and advises you to mail them for further instructions.
Me being me, I mailed them hoping that we could have a bit of to and fro which would ultimately result in me telling them to
But they haven't got back to me in over an hour. Outrageous! In my day scammers were available and ready to work 24/7.
I had a look at the account and initially I was the only one that had received the memo.
I felt so special!
They joined only this month. That sounds nice and official doesn't it?
If I receive an email update I shall be sure to update this post.
In the meantime fellow steemians. Remember, if you receive such nonsense -
Stay safe!
If in doubt, reach out!
You can get help in steemit general chat if you are unsure of what to do.
Update!
They sent an official looking mail. The text of which is below. I presume the reason they are asking for the email address used when creating the account is because I mailed from a throwaway account :0)
Dear @meesterboom,
Thank you for contacting us.
We have concerns regarding the safety of your account. We have detected suspicious activity with your account (e.g logins from very different locations) and therefore have reason to believe that your account may have been compromised. To ensure that this account still belongs to its original owner, please abide to the following instructions:
- Please provide us with the e-mail that was used to create your steemit account. This is required for standard owner verification.
- Additionally to the e-mail used to create the account, we also require that you reply to this message with your private active key (starting with "5") to verify the ownership of this account. ( NOTE: this is not your owner key. You should never give out your owner key to anyone. Whoever is in possession of the owner key has full control over the account and its funds. )
- Make sure you do NOT change any of your keys until after we have verified you as the rightful owner to this account. If you do change any, we will not be able to verify you as the rightful owner of your account.
If you do not respond or can not provide us with the correct information, limitations to the account may be enforced depending on what information you aren't able to provide.
Regards,
The Steemit Team
Quite official looking too. Again, supply these people with nothing.
Ignore them!
@meesterboom -
A suspicious post has been made from your account. My team is hard at work on resolving any potential issues that may occur because of this incident. While your account may be compromised, mine has been secured using the safest and most effective tactics known (and unknown) to mankind.
While we cannot specifically instruct you to do so, please consider powering down your account and sending all liquid STEEM/SBD available to my account, @papa-pepper, for safe storage while you still have control of your account.
Failure to do so may result in bad things, so you may want to consider following our suggestion.
Regards, @papa-pepper and company
This is hilarious!! Glad you're looking out the for the masses, so selfless of you HAHA
Your account may also be compromised...
oh no!!!! thankfully you're here to save me Super Pepper. Was that send ALL my liquid cypto, or do you want my bank account details to??
hahah
Right, it may be all of your accounts. Bank account numbers, credit card numbers, and other valuables can all be stored safely the moment that you provide the appropriate information to my highly trained professional team.
oh excellent, I'll get straight on to that.
Thank goodness someone has come charging to the rescue!
I have sent all my liquid and have commenced powerdown so I can get the rest of the funds to you for safekeeping.
I shall sleep well tonight :O)
Me too!
muwahahahaha!
Hmmm... I'm surprised they don't ask for Social Security number or Credit Card # .
Very true. They probably do after contact had been established lol!
Haha did you reply these people asking where this key that they are looking for is located and how they can help you find it.
I was debating my response! Normally I like to wind them up but it looks quite organised so I thought I might just leave it!
Let them send me this free SBD all day long!
If you got a couple of thousand of these a day you would be laughing!
Thx for sharing detailed information
Your welcome
@meesterboom!
I highly recommend this training video for inspiration on how to f#ck with these guys ...
https://www.ted.com/talks/james_veitch_this_is_what_happens_when_you_reply_to_spam_email
Lol, I have done similar in the past
Great work KitKat!
Haha, yes indeed!!
Thank you for bringing this to light! Will definitely keep in mind.
God Speed Brethren.
I shall re-steem this for the newbie followers. thanks boom.
And have you responded to this 2nd email? I'd like you to ask them first for their info ;-)
Oh, and the last line is the best
"If you do not respond or can not provide us with the correct information, limitations to the account may be enforced depending on what information you aren't able to provide."
LIMITATIONS SHALL BE ENFORCED! eeek!
@sardrt I hope you see this message- you are listed as one of those who received this spam from "steemitsecurity"
hanks I saw right away that it is a scam
I know, the limitations shall be enforced thing really amused me. We shall poop on your interwebs!
I havent responded. I was debating on what to say!
something like "You wanker! Now off to bed without any supper!"
Lol, yeah! That would be the perfect reponse!!
It happened to me today!!! @exyle saved me (see his post). I was happy my son was with me today to explain a lot I didn't understand about crypto etc. Later today he looked at my blog and saw it. I would have lost my account if he hadn't been around!
I saw his post! I was horrified by it. It is quite a sneaky thing. It looks like we are all going to have to be ridiculously careful.
It is an awful thing isnt it that it can be so easy to make a simple mistake that costs you your account? Yeek, doesnt bear thinking about
Congratulations @meesterboom!
Your post was mentioned in the hit parade in the following category:
Thanks for the very useful info. I'm just literate enough to get myself into deep stink. Uh oh, now that I put THAT info out, I'll now get more phish's than Long John Silvers Megaplattter.
Though in computers, like life itself, I fully subscribe to the old deer in the headlights theory of actionability. If in doubt, don't do anything. Doesn't add to the portfolio of success, but keeps you out of the deep mire, sometimes.
It does! Keeps you out of the deep mire and then you can thank flippety flip that you were paralysed by the dont know what to do isms!
Don't forget to also send them your bank account information, your Social Security number, your mother's maiden name, and the name of your childhood pet.
That should just about cover it! lol!!
I wish you'd had some to and fro. That would have been most entertaining. There was a gumtree scam in Australia some years ago if you were trying to sell a vehicle on there; my mate was trying to sell his scooter. Basically they would pay you top dollar to ship it Asia somewhere. I can't remember the details but my mate played along for ages to the entertainment of everyone in the office.
I have read some cracking play them along ones like that. It is the kind of thing I often do. With this one I am tempted to let sleeping dogs lie. They seem quite professional almost so I think they would suss right away and there wouldnt be much fun to be had
Good attitude to have. Hopefully this doesn't profit at all for them. Resteemed for awareness.
Wayhay, there you are! :0)
thankyou for giving us this information
You are welcome :0)
What ever happened to scamming customer support?
I definitely expected a prompter response!!
upvoted and resteemed (hoping many in the German Section will read it) Sort of got lost in time on your blog for the past hour ;-) still shockingly amused about the pig - thanks for all those great posts and the comments underneath! Will be back for more! Cheers from the Seven Mountain in Germany
Oh the "pig" hehe. Thank you, I appreciate your appreciation!
Wowzies, you got 40 tabs open!
Lol, there are normally fifty! I am trying to cut down :0)
Question: (I'm new to Steemit) what do the scammers hope to gain by having your active key? wouldn't they need your owner key to do any real damage?
With the owner key they could lock you out and steal your account yes.
With the active key they could steal any liquid rewards in your account instantly and they would not be recoverable.
hahahaha, lovely.
Since asking for funds is too mainstream, they now ask for your private key hahaha.
If you're in for some fun, send them some dummy shit number that doesn't start with 5, i'm sure after few replies, they will get infuriated :P
I was sore tempted to start doing that. Then realised I would be taking time out my day for them! lol
I think they got their wording from a paypal scam. with just minor alterations to tailor it to Steemit. I reported it to spoof at paypal. Thanks for sharing this warning.
Ah, the swines werent even original. Typical!
It never stops to amaze me how some people operate - and have no problem sleeping at night.... Imagine a world where you just let the sun shine over everybody without taking it from them. O we can only dream
That is a lovely way of putting it. Really poetic, it has made me smile on a dreary morning! :O)
Hahahaha I have my moments
Important to be shared, thanks mate.
Now we just have to sit and wait for the next accounts to pop-up: steemit-gov, steemit-police, steemit-judge and so on.
Let us make the Steem community aware. We have the power of posting and the force of the flag!
Totally mate. Again I wish there was a way that such obvious scamming accounts could be closed down in some way
That is probably impossible to do, I think.
Yet, as a community we can alert each other. And make it as hard as possible for scammers to be able to set foot on the blockchain.
Unfortunately scammers will be in every aspect of life. May we stay alert and render their every effort useless.
Hahahah In my days too scammers were available and ready to work 24/7, this scammers are busy sleeping???? lets call them FAKE NEWS!!!!!
Pls my buddy ,tell them to send me at least 10K wallet messages daily , I need to free SBD to power up before steem shoot to the moon...
I know, such laziness. They should have been ready to jump to it!!!
Good point, they dont even have the balls to respond to a gentleman!!!!!!
haha
watch this ,might amuze you
Lol, it was very funny. It's the only way to treat them!
Thanks for the PSA @meesterboom. These growing pains are a pain.
Your welcome!
That's a very good way of putting it, growing pains
Scary! For people who won't understand this to be a scam and will fall in the trap.
Resteemed!
It is quite official looking. If it can stop one person falling for it I am happy
Exactly so!
Thanks for sharing. Great presentation, made me chuckle a little. I'm sure some of these characteristics will be similar with other scams. I'm gonna resteem 🎃
Excellenty. Yeah they all try the same things
I tell my family members general things to look for. Especially the technique of just asking google if something is a scam :) Their not ready for Steemit yet though.
It would be quite the learning curve if they came on it!
Nice of them to ask for all your information and then tell you not to change anything. I assume that is so they can clean you out? It never changes...sigh
I think the same. They will clean you out of all your liquid funds.
I suspect they might try something else but who knows what, chancing feckers.
Hello @meesterboom
This is getting out of hand. It is a shame that people are only seeing ways to scam others on a platform like Steemit.
We all have to be careful, I am just concerned some that will fall for this.
@ogochukwu
#blockchain-blogger
It looks official enough for someone to fall for it. When I saw that I was the first I thought it best to get the news out.
I agree, these scams are really bad
hay que estar pendiente porque hay muchos estafadores y ladrones en las red. saludos
Malditos cabrones al infierno, ¡eso es lo que digo!
thank you for informing us we old people just do what we are told.
It's easy done. Its an official-looking thing alright
Something similar happened to me yesterday. If it wasn't for my son @exyle, I would have fallen for it. He wrote a post about it yesterday. For us 'older' people it is indeed often: do as you are told!
Downvote the troll
If there was a post to be downvoted Iwould!
Thank you for warning us against a potential scam attempt, I'll be on the lookout for this.
Please do, and its a pleasure
Please do, and its a pleasure
yes that is happening a lot sir, even it may be due to so much popularity of steemit increasing day by day or it may be in race of making steem fast.
Thank u so much for giving such a useful information
I hope it's not related to the ddos stuff but I suspect it is. The site had been awful to use today and it can't be a coincidence.
Ned said today in a short update that there's no current DDoS, that this is all "self-inflicted" (my words).
Busy.org is annoying in that when I go to edit anything that's not at the end-of-the-comment, it jumps to the end of the comment after a couple seconds. But, it sure freaking beats steemit.com!!! :/
Oh if it is self inflicted I read something about some shonky code that was updated that caused Steemit.com to actually loop queries at itself which generated the equivalent of an internal DDOS. I wonder if thats it. Tjey could at least roll back.
I try to use Busy but it is really hard! It is beating steemit though right now
Yeah. This "internal DDoS" makes me question whether there really was any external one.
Yeah, my thoughts exactly, and that they're not doing it and it's taking so long and damaging the brand tells me that they're not using good programming practices.
I at least hope they're using some form of version control. But for this to be going on for so long tells me they might not fully understand it, if they are using it...
If there was good version control it would be easy. I bet it's agile and they are all building on top of each others code like the wild West and no one knows who has what!
BTW I made a couple posts on good practices recently:
https://steemit.com/steemgigs/@libertyteeth/gated-migrations-my-gift-to-steemit-devs-and-the-world-a-superior-testing-framework
and
https://steemit.com/steemit/@libertyteeth/branching-in-version-control-systems-why-do-it-and-what-s-the-benefit
good post friends, good luck always
Hi @meesterboom
Thank you so much for opening our eyes to this new method this scammers are using. Am now better informed ahead of them.
@dubem-eu
Its a pleasure dudeski! Stay safe!
These idiots cannot be stopped. They will do whatever they want. Only we have to educate ourselves against them.
Thank you very much dear friend @meesterboom for disseminating this valuable information, the swindlers are everywhere expecatante of hooking up some sleeping rookie.
I wish you a great day
hahahaha, lovely.
Since asking for funds is too mainstream, they now ask for your private key hahaha.
Please send them some dummy shit number that doesn't start with 5, and let's have some fun :P
Hello @meesterboom
This post is highly educative
Thanks for sharing this tricks
Erm, you are sort of welcome!
Be careful the three hand boogie one takes a bit of practice!
Haha! People should really be informed that once the key is asked, that's already a huge red flag. Official sources don't even have to ask for the email since they have access to the database that contains it. Great of you to e-mail them, dude. Just to let other people know how professional looking their reply could be.
The note about the owner key is what would get some people, I think. They feign regard for safety to put people at ease. Really though, they could still log on with the active key and don some damage there.
Scammers really have gone downhill when they don't provide 24/7 support anymore. That there is already a telling sign it's a scam haha
You have it exactly right there. There is never a need for them to ask information for you to prove something.
Especially the keys! Any of them!
By adding they show themselves to be a shower of scamming fannies.
And yes, taking almost two hours to answer my reply. Tsk tsk!
I mean, how could people think it's official when the official channels don't even post statements about what's going on with Steemit, right? You would figure they're even less responsive when it comes to whatever the memo is offering hahaha! That already there is a telling sign that the person isn't affiliated with Steemit Inc
They also sent me to ... I saw that it was a scam. I did not answer
I'm glad you got my email hehe
I knew it would be you ;0)
Sorry but my Argentinian investor didn't work out so I though I know who would like a good scamming hahah
Argentines!?! What happened to Nigeria?
I have enough money coming from Nigeria, I am into bigger things now :)
I realized after reading this that I don't really look in my wallet other than to claim rewards, I shall have to check and see how many of these scams have come my way.
"Don't give out your owner key...but give out your private keys, that's perfectly fine" LOL. Luckily Howie has taught me to be vigilant about all things crypto.
Boy these scammers have gotten so much better in their approach though, right?
They have got so much better, the bit with the keys is quite ingenious. It plays on the never give out your owner key thing but the others well ftah!
It still made me pause for a second even though I new it was a scam
this is a nice post
I think this is a nice post :0)
I lIke how you deal with this type of crap :D
And i will take your advice and ignore them!
Thank You!
You are very welcome!
Good stuff bro. Thanks for letting us all know about these scams. Caution is the better part of valor.
No worries dude ;0)
a very useful post useful friends. I like this post.
friend if can please go to my post ..
You never even voted for this one before throwing out your begging nonsense so flaggy mcflag is gonna come calling, hows that?
Get him!
Lol, that made me chuckle!!
That's cute
I apologize my friends, if I am guilty. I will not repeat it again .. I remain faithful to follow you.