Got Hacked? Here's How To Get Your Account And Reputation Score Back!

simplymike (67) in mapsters • 7 years ago

This step-by-step guide will show you how to recover your account and your reputation after getting hacked.

It Can Happen To Everyone

If you’ve been following my blog, you probably know I got hacked last week. If you haven’t read my post/ warning yet, please head over to: ‘The Most Important Thing I've Learned From Getting HACKED!!.

Unfortunately, the phishing scam is still going on, and people are still falling victim to the hackers.

What’s Going On?

In case you haven’t heard the news yet: hackers are compromising accounts by sending out phishing messages with a fake link.

The phishing messages take many forms.

When you click the link inside, you’re taken to a fake website (like for example steemil.com or steewitt.com) which resembles SteemIt.

You’re then asked to log into your account. Once you do, the hackers have access to your credentials.

Once the hackers can access your account, they use it to send out their phishing message to others, trying to get more people to click their fake link.

When you’ve exposed just your private posting key, that’s all they can do and your money is safe. However, if you’ve exposed your private active key - or even worse: your master password - the hackers will withdraw your SBD and initiate the power down of your SP.

Protection Measures

Once the phishing comments that were sent out from your account are detected, the people over at @steemcleaners will start flagging them. When a comment has been flagged, it is hidden from the public. This way, the risk for others to click one of the phishing links is reduced to almost zero.

The downside of this is that your reputation score will go down to -1.

Don’t Go Around Blaming People

I’ve seen several posts in which people are pointing their finger at the owner of the account that was used to post the phishing message.

Please don’t do this. The account has been hacked, just like yours. It’s the hackers that are sending out the phishing messages. The only thing you can blame the owner of is of being stupid enough to get his account hacked. By blaming the owner, you’re increasing the damage that has already been done.

What To Do When Your Account Has Been Hacked

I’ve noticed quite some people have abandoned their hacked account and created a new one, or still have their reputation score at -1.

As you can see, I recovered my account and got my reputation score back up, so it is possible to get out of this with just little damage.

Below, you can find the steps to take to get everything back to normal.

1. Start the account recovery process.

How to do this depends on how you’ve created your SteemIt account.

If you’ve created your account through the SteemIt website itself, you need to initiate the account recovery process by clicking the ‘Stolen Accounts Recovery’ link in the menu you can open by clicking the menu item at the top right of your screen.

You’ll have to enter your account name and your password before you can click the ‘Begin Recovery’ button. Then, you’ll have to enter the email address associated with your SteemIt account. Once you’ve done that, you’ll have to be patient, because it can take up to 24 hours for the confirmation email to arrive.
Once you’ve received it, simply follow the instructions given.

If you’ve created your account through Blocktrades, you’ll need to send an email to the Blocktrades support service. Someone from @blocktrades will then contact you. You’ll be asked to confirm your Blocktrades email address and you’ll need to send your password. They will then start the recovery process.
In case your account has been created through AnonSteem, you’ll have to follow the guidelines for their ‘Stolen Account Recovery’ process, which have been outlined here.

2. Editing the comments

Once you are back in control of your account, you need to make sure the flags will be removed. @steemcleaners will do this for you, providing you edit every single phishing comment that has been posted from your account so it will become harmless.

This will take some work and time, but if it can help you to get your reputation score back up, it’s definitely worth it.

To get started, go to https://steemworld.org/@yourusername.
(Change ‘yourusername’ to your actual username)

Scroll down to ‘account operations’ and find the spam comments that have been posted from your account.

^{Click to enlarge}

Click them to reveal more info.

Then, click the permalink.

^{Click to enlarge}

This will bring you directly to the comment that was posted.

From here, you should be able to edit the comment. Replace the existing text with ‘comment deleted’

^{Click to enlarge}

Save your changes.

You should do this for EVERY SINGLE PHISHING COMMENT.
(I told you it would take some work...)

3. Get the flags removed

Once you’ve edited all comments, visit the Steemcleaners Discord channel and tell them you’ve edited all the comments.

Be patient, it can take a while before someone is available to help you out.

Someone from @steemcleaners will then remove the flags so you can get back your reputation score.

If you’ve received flags from others, contact these people, explain the situation, tell them the comment has been edited to make it harmless and ask them to take away the flag.

That should do it.

When your account and reputation score are back up, you can decide whether or not you send all the people who got commented on a short comment with your apologies.

This may sound like another truckload of work, but by doing this you can clear your name entirely. I do recommend it, but it’s totally up to you.

How To Prevent This From Happening Again

It’s a shame it took such a drastic event for me to learn a couple of important things concerning account security.

First of all:

Never use your master password for daily logins.

As I’ve stated in my other post:

Always triple-check the URL to see that you’re actually on SteemIt before you enter your credentials.

Better be safe than sorry!

More Info

Below, you’ll find the links to some other posts about this situation.

Beware of Clicking Links in Phishing Comments Pointing to STEEMIL.COM by @drakos

Public Service Announcement (PSA) - FAKE SITE: STEEMIL - PHISHING ATTACK ! ! ! BEWARE ! ! ! by @goldkey

Scam Alert #2 - I was Scammed 663.843 SBD - Update For You - Enjoy with Troy! by @enjoywithtroy

Phishing Scam Warning ! by @arunava

Please take the necessary precautions so your account will be secure.

If you know someone who has been hacked, feel free to refer to this guide.

Subscribe Ro RSS Feed | Subscribe To Newsletter

UPDATE

After I wrote this post, a MASS COMMENT REPLACER script was released.
With this script, you don't have to spend hours editing the comments.
You can read more about the script and how to use it in my update post here:
https://steemit.com/steemit/@simplymike/got-hacked-this-mass-comment-replacer-script-will-help-you-to-recover-quickly-video-tutorial-included

fionasfavourites (66) · 7 years ago

Thanks, @simplymike - will include this in my post in due course.

$0.00

[-]

mbc-meps (52) · 7 years ago

Very Well Done
Nominating this for MOTW ;)

$0.03

2 votes

[-]

simplymike (67) · 7 years ago

Thanks a lot

$0.30

1 vote

[-]

minnowbootcamp (54) · 7 years ago

Another little bonus from your Drill Sargent...

$0.00

[-]

simplymike (67) · 7 years ago

thanks

$0.06

1 vote

[-]

omitaylor (56) · 7 years ago

What's MOTW?

$0.06

1 vote

[-]

minnowbootcamp (54) · 7 years ago

MINNOW OF THE WEEK!

You should join us...

.........................................................................................................

Join the new @MBC-MEPS bot at Discord!

MBC DISCORD!

Mikey did get this, btw ;)

$0.00

[-]

steem-bounty (72) · 6 years ago

This post has been revived by steem-forever and will get extra rewards. This happens when a post is upvoted on steem-bounty.com after the 7 day post life.

Users can simple upvote via steem-bounty.com continously, so posts can live and earn rewards forever.
Authors can share their steem-bounty.com links and get upvoted forever.

We hope this will allow everyone to earn more meaningful rewards over longer timeframes than before.

$0.00

1 vote

[-]

ebargains (68) · 7 years ago

You got a 24.00% upvote and resteem from @ebargains courtesy of @simplymike. Thank you for using the @ebargains UPVOTE and RESTEEM bot.

If you are looking to earn a passive no hassle return on your Steem Power, delegate your SP to @ebargains by clicking on one of the ready to delegate links:
50SP | 100SP | 250SP | 500SP | 1000SP | 5000SP | Custom Amount

You will earn 80% of the voting bot's earnings based on your delegated SP's prorated share of the bot's SP pool at the end of EACH voting round! That is over 38.5% APR! You can also undelegate at anytime.

$0.00

1 vote

[-]

shailendra26 (32) · 7 years ago

Tq for this kind info it may so helpful for us

$0.00

1 vote

[-]

simplymike (67) · 7 years ago

I hope you’ll never need it...

$0.00

[-]

prisonfreepress (30) · 7 years ago

Thanks for this caution & fix.
I've been using the wrong password.

$0.00

1 vote

[-]

simplymike (67) · 7 years ago

Glad My aweful experience can be of so much help to others ;0)

$0.00

2 votes

[-]

svkrulze (52) · 7 years ago

Great article... and congrats on becoming MOTW....
I upvoted this comment because your post has expired and I wanted to support you :)

$0.00

[-]

simplymike (67) · 7 years ago

Thanks. I consider it an honour. I’m happy everything turned out fine, and that I can help others through sharing my experiences.

$0.00

1 vote

[-]

hak4life (33) · 7 years ago

nice post

Tisko Bot
Send 1 STEEM/SBD and the URL in the memo to @tisko to use the bot for a resteem and to get 10 good upvots.
Click here to see how to use Tisko Bot.

$0.00

[-]

bashadow (65) · 7 years ago

Very well written, and very much in need. It is so hard to find the information need to recover an account for a lot of people and what the process is like. I think you did an excellent job on that count.

$0.00

[-]

simplymike (67) · 7 years ago

Thanks. I kept bumping into people who simply created a new account. I hope they'll still be able to save their old one with this guide.

$0.00

[-]

alignment (49) · 7 years ago

This is what every one on steemit should read, some actually don't pay attention to security issues, I used to be one of them. :)

$0.00

[-]

simplymike (67) · 7 years ago

Me too. This situation has thaught me some valuable lessons.

$0.00

1 vote

[-]

adorablechi (44) · 7 years ago

So enlightening , everyone ought to read this
Am resteeming
Great work @simplymike

$0.00

[-]

simplymike (67) · 7 years ago

Thanks @adorablechi!

$0.00

[-]

everittdmickey (73) · 7 years ago (edited)

mute all wallet memos
I haven't seen one yet, other than BlockTrades, that didn't deserve it.
(and the blocktrades memo was redundant)

$0.00

[-]

simplymike (67) · 7 years ago

@everitttdmickey, I'm not sure I get what you mean...

$0.00

[-]

everittdmickey (73) · 7 years ago

I thought I was pretty clear.
Wallet Memos are usually spam...at best
at worst they are phishing..

$0.00

[-]

simplymike (67) · 7 years ago

To be honest, I didn’t think about it up until today that wallet memo’s are indeed a good way to send around phishing links.
Personally, I was tricked with a fake ‘Grumpy Cat’ message.
Apparently, this phising scam comes in many forms

$0.02

1 vote

[-]

vibeof100monkeys (58) · 7 years ago

Nice work glad you back on track !!! 💯🐒

$0.00

[-]

simplymike (67) · 7 years ago

Thanks. i’m glad too. I really didn’t want to start from zero again...

$0.00

[-]

vibeof100monkeys (58) · 7 years ago

For sure! 💯🐒

$0.00

[-]

rebeccabe (63) · 7 years ago

great info for all.
I am glad you got your account back.

$0.00

[-]

simplymike (67) · 7 years ago

Me too :0)

$0.00

[-]

viraldrome (67) · 7 years ago

Repairing rep score sounds difficult. You need everyone to de flag you right? It's so hard to build reputation and it can be down voted away so easily

$0.00

[-]

simplymike (67) · 7 years ago

True. Fortunately, most flags I got were from steemcleaners, so I didn't have to contact a lot of people

$0.00

[-]

purplevision (50) · 7 years ago

Thanks for the info, I'll be more careful now!
Pd: Always appreciate a good GD gif 🤟

$0.00

[-]

joe.nobel (55) · 7 years ago

Thank you for sharing. It must have been grueling to put this post together -- the hard way (from experience).
I'm bookmarking this page in case I'll need it. Hope I never do.
Upvoting and re-streeming.

Joe
@joe.nobel
science fiction, fantasy, erotica

$0.00

[-]

simplymike (67) · 7 years ago

Hi @joe.nobel
I do hope you'll never have to come back to this post :0)

$0.00

[-]

joe.nobel (55) · 7 years ago

Thanks, me too.
PS also following you now. It looks like you have stuff to say.

$0.00

[-]

insideoutlet (58) · 7 years ago

I'm so glad you got your account back and your rep, great post of what to do it it were to happen to anyone else.

$0.00

[-]

simplymike (67) · 7 years ago

Thanks.
I'm very glad to have it back.

$0.00

[-]

payforplay (59) · 7 years ago

You got a 37.96% upvote from @payforplay courtesy of @simplymike! Thanks for using our service. If you would like to share in our profits, consider delegating steem power to @payforplay. We are currently sharing 85% of our rewards with our delegators. Steem power can be delegated here: https://steembottracker.com/delegation.html

$0.00

[-]

foovler (63) · 7 years ago

Remind me not to click on links ever again.

$0.00

[-]

simplymike (67) · 7 years ago

:0)

$0.00

[-]

spydo (58) · 7 years ago

Congratulations, your post received 20.90% up vote form @spydo courtesy of @simplymike! I hope, my gratitude will help you getting more visibility.
You can also earn by making delegation. Click here to delegate to @spydo and earn 95% daily reward payout! Follow this link to know more about delegation benefits.

$0.00

[-]

basicstoliving (58) · 7 years ago

There are a few that need to see this post. Thanks for posting this as it will help those that have been hacked. Resteemed and Upvoted!

$0.00

[-]

simplymike (67) · 7 years ago

Thanks for the upvote and resteem. i noticed there were quite a few people who were still struggling with getting their account back, so I thouht a ‘how-to’ post could come in handy

$0.00

[-]

basicstoliving (58) · 7 years ago

Yes, it does come in handy! Thanks for helping make Steemit a better place.

$0.00

[-]

booster007 (66) · 7 years ago

Your post was resteem by Whale ResteemService @booster007 & @boostupvote
Resteem Over 10,400+ Followers

Keep it up!
All the best!

Send 0.100 SBD/steem For resteem over 4400+ followers / send 0.200 SBD/steem resteem over 10,400+ Follwers Send your link in memo ! @boostupvote Attached !

$0.00

[-]

lablockchain (42) · 7 years ago

very good write-up. I should keep this post on my bookmarks just in case.

$0.00

[-]

simplymike (67) · 7 years ago

Thanks!
I truly hope you’ll never need it ;0)

$0.00

[-]

bboyady (64) · 7 years ago

thank you for sharing this. its totally useful for future use

$0.00

[-]

simplymike (67) · 7 years ago

I hope you’ll never need it!

$0.00

[-]

bboyady (64) · 7 years ago

I hope so too.. cheers

$0.00

[-]

omitaylor (56) · 7 years ago

Upvoted and resteemed. Thank you for writing this, it was very informative and I'm sure a lot of people are wondering how to fix a hack.

$0.00

[-]

simplymike (67) · 7 years ago

Thanks for helping me spreading the word. Really appreciated!

$0.00

[-]

rezoanulvibes (75) · 7 years ago

Thank you so much @simplymike for sharing this! People are facing hacking attack, and losing SBD these days. We have to be careful while clicking the link. And if it asks for signing in after clicking the link, there has to be something wrong.

Again if you log in with your posting key, hackers cannot steal your money. They can also spam comment and post. You will have control on your account. In this case just change your password using master key. Everything will be fixed.

$0.00

[-]

simplymike (67) · 7 years ago

It took this hack for me to learn that. Before I used my password to log in. It is called ‘password’, so I didn’t see any problem in it. Fortunately I know better now.

$0.00

[-]

rezoanulvibes (75) · 7 years ago

Your posts create awareness and teach us what to do to stay safe. Keep posting! Wish you all the best! :)

$0.00

1 vote

[-]

sayee (66) · 7 years ago

Thank you dear for warning us all. My amazon was hacked but they could not change the pw, so i was able to login using the hackers mail and my pw. The changed email had been sent by amazon to me as notification.

I will folllw your advice

$0.00

[-]

sayee (66) · 7 years ago

Resteemed

$0.00

[-]

t-miles (44) · 7 years ago

What a fantastic article!

I didn't know that this had happened to you, and you know I spend some time on the newbieresteem discord channel. I must have missed something because I can not always come here.

But the important thing is that you have been able to recover your account and your entire reputation!

I will be much more attentive to what they are commenting on my posts and of the others!

Thanks for everything!

$0.00

[-]

simplymike (67) · 7 years ago

Thanks. I don’t think we’ve come across each other very often, that might be a reason why you missed it.

There are so many things going on on SteemIt every day that it is hard to keep track of them all :0)

$0.00

[-]

t-miles (44) · 7 years ago

Ahahha yeah you're right. I only go to discord sometimes xD
And I am focusing in raising my reputation, so I am with little time to talk there xD

$0.00

[-]

cutemachine (62) · 7 years ago

Awesome post. Hope I will never need to come back to it :)

$0.00

[-]

simplymike (67) · 7 years ago

:0)
I actually wish no one has to

$0.00

[-]

mirta (0) · 7 years ago

$0.00

Reveal Comment

[-]

simplymike (67) · 7 years ago (edited)

Don’t delete a comment.
If you delete it, the flag can’t be removed.
If the flag can’t be removed, you’ll never get your reputation score back!
Only edit them!

$0.00

[-]

romeo-chimezie (36) · 7 years ago

Thanks @simplymike for the guide and caution, it's indeed useful and will be helpful for anyone who'll be unfortunate victim to these hackers.

Please can you spare some of your time to explain which is the master password, private active key and the posting key.

Actually i have come across these security terms often here on steemit but have never gotten a satisfactory explanation. I do hope you can help me out on that. Thanks once again.

$0.00

[-]

simplymike (67) · 7 years ago (edited)

The master password is the one you received when you initially signed up. It can’t be found under the ‘permissions’ tab in your wallet.
All other keys can be found there.
The private posting key should be used for daily logins. It allows you to post, vote and comment.
The private active key is the key that protects your financial transactions, so you should only be using that when dealing with the finances of your account.

The master password should be kept somewhere safe. You only need it to change your password.
You can find this info in the FAQ:
https://steemit.com/faq.html#How_can_I_keep_my_Steem_account_secure

$0.00

[-]

romeo-chimezie (36) · 7 years ago

Thank you so much.

I followed your post guideline to my permission tab, saw the public posting key and thought it to be the private posting key...hehe... minnow's ignorance. But now, think i have been properly schooled and cleared of all ignorance as regards the security keys stuff.

A big THANKS!

$0.00

[-]

simplymike (67) · 7 years ago

You’re welcome.
Glad I could help

$0.00

[-]

olutobi (43) · 7 years ago

thanks very much, with this information, I'm not getting hacked. Thanks again 😊😊

$0.00

[-]

simplymike (67) · 7 years ago

You’re welcome

$0.00

[-]

artgirl (66) · 7 years ago

I'm bookmarking this. Thanks for letting us know the process!

$0.00

[-]

simplymike (67) · 7 years ago

I hope you’ll never need it... ;0)

$0.00

[-]

artgirl (66) · 7 years ago (edited)

True. :) If someone I know needs it I can share it too.

$0.00

[-]

joyrobinson (60) · 7 years ago

@simplymike Lucky you, you get your account back right ahead.

I did experience the same and had no choice but to make a new account as I didn't get a response for my account recovery request.

Anyhow, your recovery process guide is very informative. Resteemed 👍🏻

$0.00

[-]

simplymike (67) · 7 years ago (edited)

Did you create your old account through SteemIt? Someone told me it could take up to a week for the recovery mail to arrive. I don’t know if this is true, though.
Maybe it will still arrive in a couple of days, and you could get your account back.
If not, I admire the way you refuse to get the hackers let you down. I just went over to your blog, and noticed that you were still fully motivated. Keep it up!

$0.00

[-]

cryptosharon (69) · 7 years ago (edited)

You should do this for EVERY SINGLE PHISHING COMMENT.

Mmmm, a bot could be made for this. Just send it the permlinks and it edits comments inside to [Deleted comment]

After the e-mail verification, does Steemit also require to verify the phone number?

$0.00

[-]

simplymike (67) · 7 years ago (edited)

I’m not sure about the phone number. I would need to ask someone. @drakos, maybe? (I had my account created and recovered by @blocktrades, so I didn’t go through the SteemIt recovery proces.)

As for the bot, I remember now there is one. Right after I had edited all the comments (go figure) someone came up with one. I completely forgot about this.
Maybe I should look it up and make another post as an addition to the first guide...

$0.00

[-]

melinda010100 (73) · 7 years ago

Thank you. Resteemed

$0.00

[-]

simplymike (67) · 7 years ago

Thanks

$0.00

[-]

antigenx (56) · 7 years ago

@simplymike wow good to know that you are back

As you can see, I recovered my account and got my reputation score back up, so it is possible to get out of this with just little damage.

I must commend you on the efforts you put in to get back on board.

Thanks for this beautiful post, it will always come in handy when i need to use it as reference.

You have done well sir
@antigenx

$0.00

[-]

simplymike (67) · 7 years ago

Thanks!
Actually, it was a community effort
I truly hope you will never need this guide - not even as a reference...
(Btw, it's not 'sir', it's ma'am ;0) )

$0.00

[-]

wizardave (59) · 7 years ago

@richardman needs shut down!

This person was scammed. It may still be going on. What should we do?
https://steemit.com/information/@arslanq/steemit-account-hacked-and-stolen-sbd-information-big-scam

The bad account is https://steemit.com/@richardman/transfers

$0.00

[-]

simplymike (67) · 7 years ago (edited)

I know about that account for a while, so do the people over at Steemcleaners. There are plenty more like that...
Accounts can’t be closed, so there’s nothing that can be done..

$0.00

[-]

wizardave (59) · 7 years ago

Dang scammers!

$0.00

[-]

brupvoter (62) · 7 years ago

You got a 43.20% upvote from @brupvoter courtesy of @simplymike!

$0.00

Got Hacked? Here's How To Get Your Account And Reputation Score Back!

It Can Happen To Everyone

What’s Going On?

Protection Measures

Don’t Go Around Blaming People

What To Do When Your Account Has Been Hacked

1. Start the account recovery process.

2. Editing the comments

3. Get the flags removed

How To Prevent This From Happening Again

Never use your master password for daily logins.

Always triple-check the URL to see that you’re actually on SteemIt before you enter your credentials.

More Info

More Posts You Might Like

UPDATE

MINNOW OF THE WEEK!

.........................................................................................................

MBC DISCORD!

Send 0.100 SBD/steem For resteem over 4400+ followers / send 0.200 SBD/steem resteem over 10,400+ Follwers Send your link in memo ! @boostupvote Attached !

@richardman needs shut down!