ATTENTION! Steemit Comment Phishing EXPOSED! Take a look how this guy try to steal passwords!

mightymicke (56) in steemit • 7 years ago

As experienced IT security specialist this things always take my attention. When I see that someone try to break system I want to analyze in detail how and what is he doing.

After I read @denmarkguy 's post *** WARNING! *** New Steemit Phishing Scam -- Be Very Careful with Certain Comments, I decided to make more investigate on this case.

Warning! Take this serious and you should be very careful. Share it with others because someone could lost his Steemit account.

Explanation:

What is phishing?

There is no one who is not heard for this term. In short, phishing is way of stealing usernames, emails, passwords etc. with FAKE page (website) for which you think that is real.

Now, this guy leave comments like this:

What he do?

He uses markdown to try to fool Steemit users. As you know if we post link in our blog posts or in comments, we can make it with markdown like this:

[Title of link](Url of link)

He simply puts FAKE Steemit URL as 'Title of link' and phishing page in 'Url of link'. Than it just looks like real web URL but it's clever masked with Steemit url writed as 'Title of link'. So when someone click it redirects on page who ask for username and password from you.

Take a look at URL in address bar! Obliviously this is not Steemit!

If I leave my username and password here, and press Login button I will lost my account definitely, so be very careful!

How to defend?

Always, but always look at address bar and url of website you are on. If you find it suspicious leave it without any actions.

Hope this will help as educational and prevention tips for making Steemit community safer!
Thanks!
@mightymicke

steemit steem news life blog

7 years ago by mightymicke (56)

$2.12

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!

Sort Order:

Trending

[-]

dafro (49) · 7 years ago (edited)

It is very easy to fall for those scams if you dont know what to look for. Very important post, lots of people still fall for phishing

$0.12

1 vote

[-]

mightymicke (56) · 7 years ago

Truth to be told. Thanks for your comment.

$0.16

2 votes

[-]

petermarie (57) · 7 years ago

Thanks for this... never paid much attention before. Think I'll just not enter my username and/or password anywhere except during transfers. Should be safer.

$0.05

1 vote

[-]

mightymicke (56) · 7 years ago

On Steemit and steemconnect should be fine.

$0.00

[-]

tibra (58) · 7 years ago (edited)

Thank you for bringing this to my attention. Always wary of such things but people are often tired after doing something else and get careless.
Perhaps Steemit should have a "You are now leaving Steemit!" page scripted to popup when clicking a link taking the user from Steemit to Offsite. Like on many social media websites now.
That might be useful. However only the developers can implement that . . .

$0.00

1 vote

[-]

mightymicke (56) · 7 years ago

That could be one of solution, good point of view.

$0.04

1 vote

[-]

vangie (55) · 7 years ago

Thanks for sharing!

$0.00

[-]

mightymicke (56) · 7 years ago

You re welcome Vangie.

$0.00

[-]

ginquitti (51) · 7 years ago (edited)

WOW. That’s scary. It is so simple for someone to steal your stuff

$0.00

[-]

petermarie (57) · 7 years ago

Very scary!

$0.05

1 vote

[-]

mightymicke (56) · 7 years ago

It could be simple if someone don't take attention. Good thing is that we are well organized and always inform each other about this stuff, because all of us care about Steemit ecosystem and protect it.