Steem Funded Browser Extension To Prevent All Phishing Attacks

in #steem, 7 years ago

Are you sure that was steemit.com not steelitdotcom?
Steelit.com? What are you talking about? There have been more than 15 steemit clones in the past two months, and their only purpose is to steal as many accounts as possible. The clones are identical to steemit.com but have slightly different names like sleemit, steewit, steelit, etc. Once you get redirected to the clone by clicking on a link on steemit (posted in comments by the hacker spamming from stolen accounts), everything will look exactly the same as here, but when you try to upvote or comment you'll realize that you aren't logged in, and that's when you unknowingly hand over your account info and lose everything you had in the wallet.

Is your account safe?

Judging by the scale of the attack, chances are that you have seen the spammy comments leading to the phishing sites at least a couple of times. But did you follow them? YES, NO? How can you be sure? Some of the messages weren't that obvious and seemed somewhat genuine. Think again. Did you get "logged out" of "steemit" recently? That's something that can happen on steemit sometimes, but usually you just need to refresh and you are back in. On a steemit clone, you will always be logged out, as the goal is to get you to enter your account information. How can you be sure that the last time you got logged out of steemit you weren't on a clone? You can't, because you didn't check the URL to see whether you were actually on Steemit.com or on Steewit.com.

How to protect your account?

The first thing I would suggest to everyone who is in doubt is to change your password immediately. That way you can be sure that no one can change it, even if they had the old one. Next, download Steemed Phish. It's a browser extension made by @quochuy as an answer to my request 50 SBD Bounty To Make an Anti-Phishing App For Steemit.
That's pretty much it. You can now browse through Steemit without the paranoia of constantly fearing and checking URLs to ensure you are not on a scam website, because as soon as you land on one or encounter a link promoting it, Steemed Phish will give you a message and a full page warning.

About Steemed Phish
The extension works with:
a whitelist of friendly Steemit websites
a blacklist of known scam websites
checks of external links on friendly websites, making them obvious
This extension will validate Steemit related websites by changing its icon color:
red is for blacklisted sites
green is for recognised friendly (whitelisted) sites
grey is for unrecognised sites
When a site is neither whitelisted nor blacklisted, Steemed Phish will check the URL structure for known lookalike patterns and flag a link as suspicious by coloring it in pink.

There are currently 19 blacklisted websites and 31 whitelisted websites.
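To make the whitelist/blacklist/pattern logic above concrete, here is an added example classifier written for this post; it is not Steemed Phish's own code, and the whitelist, blacklist and lookalike heuristics are constructed for illustration. It returns the icon colour the extension would show: red, green, pink (suspicious lookalike) or grey (unrecognised).

```javascript
// Added example: URL classification in the spirit of Steemed Phish.
// The lists below are constructed for illustration, not the extension's real data.
const WHITELIST = ["steemit.com", "steem.chat"];               // constructed
const BLACKLIST = ["steelit.com", "steewit.com", "sleemit.com"]; // constructed
const BRAND = "steemit"; // the label clones try to imitate

// Levenshtein edit distance: spots names one or two characters away from "steemit".
function editDistance(a, b) {
  const d = Array.from({ length: a.length + 1 }, (_, i) => [i]);
  for (let j = 1; j <= b.length; j++) d[0][j] = j;
  for (let i = 1; i <= a.length; i++) {
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      d[i][j] = Math.min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost);
    }
  }
  return d[a.length][b.length];
}

// Registered domain = last two labels; good enough for the .com-style names used here.
function registeredDomain(hostname) {
  const labels = hostname.toLowerCase().replace(/\.$/, "").split(".");
  return labels.slice(-2).join(".");
}

// Returns "red" (blacklisted), "green" (whitelisted), "pink" (suspicious), "grey" (unknown).
function classify(urlString) {
  let url;
  try { url = new URL(urlString); } catch { return "grey"; } // unparsable -> unknown
  const domain = registeredDomain(url.hostname);
  if (BLACKLIST.includes(domain)) return "red";   // exact match wins over any heuristic
  if (WHITELIST.includes(domain)) return "green";
  const label = domain.split(".")[0];
  const subdomains = url.hostname.toLowerCase().split(".").slice(0, -2);
  // Lookalike heuristics (constructed): near-miss spelling of the brand, brand embedded
  // in a longer label (steemit-login), or the brand used as a subdomain of another site.
  if (editDistance(label, BRAND) <= 2 || label.includes(BRAND) || subdomains.includes(BRAND)) {
    return "pink";
  }
  return "grey";
}
```

The pink heuristics only catch the patterns listed in the comments; an exact blacklist entry should still be added for every confirmed clone, since a list hit is unambiguous where a heuristic is only a hint.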

Phishing Alerts
If a user lands on a phishing website, Steemed Phish will display two types of alerts:

a dialog that shows up even if the page was loaded in a tab in the background
a full page alert that covers the whole phishing page and offers a link to go back to Steemit.com. The full page alert also reminds the user not to use their Steemit keys on unknown websites and to keep their password (Owner Key) safe.
When landing on a phishing site, the app will warn you and prevent any action until you confirm the warning message.

Once the page is loaded, the app will display a full page warning when possible.

Expanding shortened URLs
Some links are shortened using services such as bit.ly, which prevents people from easily analysing the URL of the link. Steemed Phish uses a link expanding API to determine the destination URL of a link and then compares it against the white/blacklist logic above.

Making external links more visible
Ideally, a user should be careful about the links they click on by always paying attention to the URL of an anchor. But this is easier said than done, and even the most experienced user can let their guard down sometimes and get tricked by the scammers.

Recently, Steemit.com has added a feature that marks external links with a grey icon to the right of each link. Steemed Phish makes that icon more obvious by coloring it in purple. On top of that, it shows a bubble next to the mouse cursor with text explaining that clicking the link will lead you away from Steemit, so don't use your password there. This bubble won't show up on friendly (whitelisted) websites.

Roadmap and potential ideas
make a bot that browses steemit for reports and extracts URLs to be added to the blacklist
make a bot that follows another bot (@guard), listens for its downvotes and updates the blacklist accordingly
monitor the https://steem.chat/channel/steemitabuse channel for more URLs to be added to the blacklist
if the Steem Guard project goes live, use its API to update the blacklist: https://steemit.com/steem/@hernandev/proposal-steemguard-phishing-and-scam-protection-tools
Big thanks to @quochuy for making the app and @ebargains for donating 25 SBD to increase the reward pool!
Show your appreciation by voting for him as a witness or by directly donating Steem/SBD to his steemit account. To vote, go to the Witness Voting page, type in @quochuy and cast your vote.

I'll make a PR campaign that anybody can join, with the goal of warning people about the ongoing attacks and introducing them to Steemed Phish. Everyone that participates will be rewarded.
You'll be able to write a post, make a dtube or dlive video, or even a meme as I did here, and let everyone know about the problem and the solution. Every contribution will be rewarded with an upvote, while the top 3 will split a 10 SBD bounty. Quality posts and those that reach more people will get bigger upvotes and have a higher chance to land in the top 3. If that's something you would like to participate in, stop by my blog tomorrow evening or the day after in the morning hours.

https://steemit.com/steem/@runicar/steem-funded-browser-extension-to-put-an-end-to-phishing-attacks

WARNING! A link in this post by @haiduong197917 leads to a known phishing site that could steal your account.
Do not open links from users you do not trust. Do not provide your private keys to any third party websites.