Phishing site reported - Steembottracker - steemit24(dot).ml

in #steemit6 years ago (edited)

Phishing websites and scammers are back!

After the HF20, the activity of the scammers seemed to have been stopped thanks to the new Resource Credits system. It was too good to be true and it looks like are back. Be careful!

I already warned you about several scam attempts (see bottom of this post for a list of them). Here is a new one.

Scam Description

The attacker publish the following comment on user’s post

NOTE: the author or the content of the comment may be different from the above screenshot

If you click on the link in the comment, you will be redirected to the following website:


NOTE: the domain name displayed may be different from the above screenshot

The site is a simple “static” website created using the gooyaabiteloates.com website creator.

On the website, your are invited to click on a “Join Now” button to get 30 free STEEM.

If you click on the “Join Now” button, you will be redirected to a FAKE SteemConnect page

The website looks EXACTLY like steemconnect.com, but its behaviour will differ as it clearly want to steal your credentials to hack your account!

What is Phishing?

Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication.

source: Wikipedia

The goal of the creator of this website is to steal your credentials to hack your account and funds!

Preventive action activated

This phishing scam has been added to the black list of my Warning-Bot and it will issue warnings with a link to this post, notifying users of the malicious activity of those accounts.

If you find similar phishing attempts, contact me on steem.chat

To protect yourself, you can:

  • always double check before clicking on a link, especially if this links take you away from steemit.com.
  • verify the reputation of people writing comments on your posts. A user with a low reputation should trigger you attention.

Previous threat alerts

If you missed them, please find here the previous alerts I published:

reminder

A bit of paranoia is the basis of security.
There are a few simple rules to follow in order to avoid having your account hacked:

Rule 1: NEVER, I repeat, NEVER use or give your owner key or password!

Rule 2: Use your posting key to login, post and vote on trusted websites like steemit.com or busy.org.

Rule 3: NEVER give your active key as this key allows to control your funds! Only use your active key for special operation like money transfer or account update on trusted websites like steemit.com.

Rule 4: Anywhere else, if you are requested to provide any of the above key: RUN AWAY!!!

4 simple rules. It's not much to remember. Follow them scrupulously, and you will only have to laugh at unsuccessful attempts from scammers.

Spread the words, resteem this post to your friends, and you will make the platform safer.

Thanks for reading!


If you notice any new suspect activity like the one described above, drop a comment on this post or contact me on steem.chat


Support me and my work to protect the Steemit platform.

Vote for my witness

Sort:  

Thank you. That is very helpful.
I'm always concerned that so many applications even ask for master passwords even though they clearly don't need it.
Maybe it could be encuraged to not ask for it in general.
So you would think twice when you are asked.

Posted using Partiko Android

Great work!

Thanks for helping to keep us all safe.

You are welcome. I am happy to help and inform the user on how to protect themselves.

The scheme varies a bit... but not much, their technique is always the same. Convince the user to go to some other site - most times a clone of SteemIt.com - and then ask users to login with their Steem Account.

It's a pity that many users keep falling for this trap. Well, but at least, now the scammers will have a little more trouble replicating all the messages, since they will exhaust their RC very fast.

It's a pity that many users keep falling for this trap.

This is why we must continue our education effort and continue to inform users again and again.

at least, now the scammers will have a little more trouble replicating all the messages, since they will exhaust their RC very fast.

That's one of the positive aspects of the HF20

I always stick to the old adage 'if its to good to be true then it probably is'

also anyone with a rep below 25 automatically arouses my suspicion - especially when they are giving something away!

Thanks for info.. I will resteem to my friend

Posted using Partiko Android

Thanks for spreading the info @siipank

Thanks for the warning, there are some real pieces of shit in the world :-(

Hi @arcange!

Your post was upvoted by @steem-ua, new Steem dApp, using UserAuthority for algorithmic post curation!
Your UA account score is currently 7.762 which ranks you at #41 across all Steem accounts.
Your rank has improved 1 places in the last three days (old rank 42).

In our last Algorithmic Curation Round, consisting of 299 contributions, your post is ranked at #34.

Evaluation of your UA score:
  • Your follower network is great!
  • The readers appreciate your great work!
  • You have already shown user engagement, try to improve it further.

Feel free to join our @steem-ua Discord server

Thank you for alerting us.

Posted using Partiko Android

Thank you for warning us about this!

Resteemed!
Hope that no dedicated users will be victims of such scam

Posted using Partiko Android

Thanks for spreading the info

You are doing the actual thing. We are just taking advantage and doing easy one!

Posted using Partiko Android

Thanks for the heads up!

Posted using Partiko Android

Hi @arcange,

Though I've sent you several messages regarding your auto comment bot related to some phishing account that seems a bit similar to my account but did not hear back from you. This is really depressing that a person like you who is witness at Steemit is spreading such comments about someone who never did anything wrong and his only crime is that he has few characters similar to the name of the scammer. Do you really do your job this way without checking and confirming something really serious and still declaring others 'confirmed scam'. Please stop this bullshit and spread the messages about the real scammers. I'm not sure about others in the list and I'm not even in the list but you're autocommenting about me and it's wasting my time just because you did not check properly and your system/commenting bot is not up to the mark. So, please update it help the system after all you're a witness.

Do your own research! I replied 3 times to you!