Soo...my account got hacked

in steem •  7 years ago  (edited)

Hello my steemit friends!

Couple of days ago (Saturday to be exact) I opend my Steemit account. I posted introducting post right away followed by my first real post couple of hours later.
Being new to the platform, I explored a little bit and I was excited people are actually upvoting and commenting my post. As I was reading some comments on my post, I noticed someone posted a comment about how my post is plagiarism with the liknk that allegedly I coppied content from. Out of curiostiy I foolishy opened it assuming that Steemit security system is on a much higher level that it actually turned out to be.
As soon as I opened the link, I got logged out instantly and when I tried to re-log it said that my password was incorect.

I am making this post with a goal of raising awareness about phishing scams on the platform, but also to turn your attention to some details I learned the hard way.

the hacker was using a pretty simple bait. What he did is basicly putting the url to a place he wans't you to enter with using "<.a .href=.....>" commands(the same like HTML code). But the link you see says something different. In this example he made it appear as a link to one of my actual posts, or just a link to my account. The url he hid leads to a website called „sleemit(dot)com“, which looks very similar to Steemit but is used to steal passwords. (I noticed these things when I was editing the comments in order to erase the dangerous content he left)

To make things worse, he used my account to bait others after he stolen my account.

So please keep in mind that there are lot of these kinds of scams on the platform and don't click on any links unless you are 100% sure they are legit. Also if you see this little icon right after the link, be even more careful cause it says that the link is taking you away from the site(it actually says that if you hover over it as you can see in the screenshot below). The most obvious clue is if user is having 0 reputation. It usually means the account is flagged for spamming, plagiarism or phishing.

Furthermore, if you notice someone is using theese links, make sure to report him, flag him and warn other users of him.
However, if you do click on those links and get hacked(like I did), you can recover your account (also like I did).
What you need to do is start the account recovery system where you enter your username, the last password you had in possesion, and your email adress.

The next thing I highly recommend is visit steemit.chat webpage. For those who don't know, steemit chat is a site where you can chat and talk to other steemit users about a lot of topics.Every topic has it's own chat room and the good thing is that the website is not linked with steemit, so you don't need a steemit account to join.

There is a chat room called #steemitabuse where you can share your problem. I did that and got contacted by a moderator there who told me everything I need to do to recover my account.
Huge thanks to @guiltyparties, (the moderator) who helped me with the process.
After I got my new password, I had to edit(not delete) every comment the hacker posted so I remove all the phishing links.

Lastly, I would like to apologise to everyone who's accounts got endangered by a hacker through my profile and I sincerely hope no one fell for the scam like I did. But at least I learned my lesson and you learn the best on your own mistakes.
I hope you understand.
That is it for now, I will continue posting as planned, but on some much more fun topics.
Best regards.

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

WARNING! A link in this post by @purpleandgold leads to a known phishing site that could steal your account.
Do not open links from users you do not trust. Do not provide your private keys to any third party websites.

He is not a scam, he is a victim...

Hi, I made this post to raise awareness to phishing. This account was indeed hacked, but it got restored and all the content that was suspicious was removed. Best regards

Please edit the phishing link to "sleemit(dot)com". Some browsers & browser extensions will make that link clickable and will spread the infection.

Edited, didn't know. Thank you for noticeing!

@patrice
i was flagged in error by @mack-bot
my post was sent to expose spam links and instead your bot flagged me
see post here...
https://steemit.com/scam/@kenhudoy/scam-alert-beware-of-this-trending-style-of-i-d-thieves-in-steemit

please look into this asap.
thanks

I'm also new to the platform and didn't know things are that serious. This is a very useful post. Good luck in the future :)

I was really shocked that anyone can just leave the post with malicious link unnoticed. Guess that the community needs to strike these people themselves. Thak you for the support and good luck to you too!

I know that sucked dude glad you got everything straightened out

You have no idea how annoying it was. Thank you very much, I realy appreciate it!

No problem

Good to know. Thak you for sharing your story. Best of luck!

Really informative, thanks for the heads up!

Great job editing those links and recovering. Also thanks for the shout-out.

Congratulations! This post has been upvoted from the communal account, @minnowsupport, by purpleandgold from the Minnow Support Project. It's a witness project run by aggroed, ausbitbank, teamsteem, theprophet0, someguy123, neoxian, followbtcnews, and netuoso. The goal is to help Steemit grow by supporting Minnows. Please find us at the Peace, Abundance, and Liberty Network (PALnet) Discord Channel. It's a completely public and open space to all members of the Steemit community who voluntarily choose to be there.

If you would like to delegate to the Minnow Support Project you can do so by clicking on the following links: 50SP, 100SP, 250SP, 500SP, 1000SP, 5000SP.
Be sure to leave at least 50SP undelegated on your account.

Very good post dude. Raise the awareness of these scams and I could have benefited from this if I knew about steemit chat rather then waiting for email from them .

I'm in the same boat as You currently. I got my account phished by sleemit...I would really love some tips on how I could go about trying to recover my reputation to at least let's call it "non-toxic" status where every comment or post I make gets flagged. It is really discouraging to try and continue on with this platform.

Thanks for this... Really helpful