Phishing attempts are running and use fake comments with images

in #steemit6 years ago (edited)

You must be particularly careful because this pernicious phishing attempt is spreading again on Steemit!

I already warned you last month about this scam attempts. It seems that scammers are taking advantage of the fact that the network is currently weaker and that many of the protectors of the platform are busy putting their servers back in order to reactivate the old phishing campaign.

Unfortunately, because of the recent infamous HF20 crash, my warning bot is not working at the moment and you might get my usual warning a bit late. So, be particularly careful and careful!

Scam Description

The scammer will send you a comment like this:


NOTE: the author or the content of the comment may be different from the above screenshot

If you look closely at this comment in detail, you will notice that it is actually composed of texts and images that serve to mislead the user:

How does the scammer wants to trick you?

  1. He uses a fake “upvote/reply” image to simulate the end of his comment.

  2. He uses an image containing a well known user name with a high reputation, in our example it is @exyle. Did you noticed there is no avatar in front of @exyle's name?

  3. He adds his phishing comment with the poisoned links. You may think this is a comment from @exyle.

  4. He adds a fake “upvote” arrow and “reply” link, embedded in an image with an underlying link to the phishing website.

  5. He adds a a bunch of blank lines at the end of his crafted comment to hide the real Steemit’s “upvote/reply”

his account has not been compromised!Of course, @exyle as nothing to do with this scam. He confirmed that

If you click on the link in the comment (the one that contains your supposedly copied post) or if you want to “upvote” or “reply” to “@exyle’s comment”, you will be redirected to a fake Steemit website:


NOTE: the domain name displayed may be different from the above screenshot

After a while, the page will fade out and a popup will appear, asking for your credentials:


NOTE: the domain name displayed may be different from the above screenshot

If you enter your credentials (DO NOT DO IT), you will be redirected to the the real steemit.com website.

The goal of the creator of this website is to steal your credentials to hack your account and funds!

Preventive action activated

I will add any account sending phishing links to the black list of my Warning-Bot and it will issue warnings with a link to this post, notifying users of the malicious activity of those accounts.

If you find similar phishing attempts, contact me on steem.chat

To protect yourself, you can:

  • always double check before clicking on a link, especially if this links take you away from steemit.com.
  • verify the reputation of people writing comments on your posts. A user with a low reputation should trigger you attention.

Previous threat alerts

If you missed them, please find here the previous alerts I published:

reminder

A bit of paranoia is the basis of security.
There are a few simple rules to follow in order to avoid having your account hacked:

Rule 1: NEVER, I repeat, NEVER use or give your owner key or password!

Rule 2: Use your posting key to login, post and vote on trusted websites like steemit.com or busy.org.

Rule 3: NEVER give your active key as this key allows to control your funds! Only use your active key for special operation like money transfer or account update on trusted websites like steemit.com.

Rule 4: Anywhere else, if you are requested to provide any of the above key: RUN AWAY!!!

4 simple rules. It's not much to remember. Follow them scrupulously, and you will only have to laugh at unsuccessful attempts from scammers.

Spread the words, resteem this post to your friends, and you will make the platform safer.

Thanks for reading!


If you notice any new suspect activity like the one described above, drop a comment on this post or contact me on steem.chat



footer created with steemitboard - click any award to see my board of honor

Support me and my work to protect the Steemit platform.

Vote for my witness

Sort:  
There are 2 pages
Pages

Thanks for helping to keep our community safe...This makes me angry! we Steemians don't tolerate that kind of crap here! they can go back to one of the other crappy platforms where that stuff belongs :)

Great job in outlining how scammers format comments to lure victims to malicious sites! Attackers are creative. Keep up the good reporting.

If only that guy used his brains in something positive! That's a masterpiece phishing attempt but sadly it's not gonna do any good to anyone! Upvoted and Resteemed @arcange.

I have to admit I have always been impressed by the creativity of these people, despite the fact that it is actually misused. Thanks for spread the warning @hungryhustle.

Cheers @arcange! Thanks for your commitment to safeguard the blockchain.

There should be an easily identifiable sign that "text" is actually an image, anytime images are posted in comments. For example, the word image should automatically appear beneath any image that anybody posts in a comment, malicious or not. This will alert users right away if an image is disguised as a comment.

This is a good idea. I will forward it to the devs.

These scum will stoop to any level for a quick buck. People have to be so careful as it's easy to be caught out. I really recommend using a password manager like Lastpass as that won't supply your passwords if the site URL is wrong, but even so there may be cases where even that can be fooled.

HERE@themarkymark has a post with many options of password managers. More info about these latest phishing attempts.

Thanks for useful info!...:)... Resteemed!

Thank you @acrange for your help and support we all have to make a team to find these hackers.Resteemed the more people read it the more they are awake.You are doing a great job by fighting against scammers I am going to vote for your witness too

Thank you for your support @lovepreet2511, really appreciated!

Thanks for the detail. Upped and Resteemed.

Thanks for spreading the info.

Resteemed for awareness and upvoted. These scammers tried a similar approach already where I was reporting some via comments - but using photos of known Steemians as a new step they try - be careful when adding any keys on any site. Always check the URL and never give out your master keys please!

Thank you @arcange for this and the work you do to try to secure the network.

So basically if you're redirected and asked to log back in .... don't..... close out and go back to steemit home page and log back in? Thanks for the info. Much appreciated!

Clever hoax, I'll give him that.

Wow that is sooo tricky and would be super easy to fall for. I feel terrible for @surfermarly and I hope she is able to gain control of her account again soon.

Thanks for spreading the news on this scam. re-steemed.

@arcange, thank you a lot for this extremely important post! Upvote and resteem! I hope some of my followers will read it!

Posted using Partiko Android


73 Reputation, more than 10 000 followers (10 302 followers at the moment), more than 2400 Steem Power (2400.079 Steem Power at the moment), and her account got hacked!
Sad to see what is going on on Steemit nowadays.Be careful about what links/images do you click on on Steemit, because you can end up hacked, like @surfermarly.

OMG 😱

Thanks for doing this!!

Posted using Partiko Android

WTF, THEY ARE USING EXYLE'S NAME :/

they seem to pop up whenever the STEEM price goes up a little

Jokes on them. no one wants to steal my shitposts

That's incredibly detailed info on this scam shit, will share it within my communities. Thanks!

Thank you So much @arcange. This is an enormous help to the community

Resteemed and shared on Utopian Discord server. Thanks @arcange

Thanks, this is very important to know, Can i Resteem?

Can i Resteem?

Of course. The more informed people are, the better!

I remember this exact type of phishing appearing not so long ago. I guess they have on and off periods, to lower people's vigilance.

Hay que estar pendiente de no abrir link extraños , debemos asegurarnos que no es fraudulento . Saludos

thank you so much for the alerts. we love you @arcange

Thank you for your unfailing support @banditqueen

I have found this article very useful. It will help me be in good shape and become more careful in my dealings with scammers. Thanks so much @arcange for the update.

I just don't click links people send me. =\ Reason being? I'm from the deep web, I don't trust a god damn thing.

Oh my god, to what extent can a twisted mind be smart just to hurt othersand steal their efforts. I never click suspucious links yet would candidly upvote a comment. Does it show white on night mode? Maybe it is safer.

Thank you very much for very useful information!

Posted using Partiko iOS

Thanks for the heads up! Resteemed to help spread the word

Posted using Partiko iOS

Why can't these scanners use the knowledge they have for doing something good. They make my blood boil taking what's not there's. Thanks for the warning :)

thanks for the tip, i will take more care now.

Thank you @arcange. We must just think and follow your guidelines. Think before you click anything and do not hand out keys.

Dang that's clever. I didn't notice a profile pic was gone until you mentioned it. Thanks for watching out for us.

Posted using Partiko Android

Merci pour ce post très utile, je vais en parler aux personnes qui utilisent steemit! 😊

Lo que tenemos que tener en cuenta es que ante de dar clic a una vinculo hay tener muy presente de done proviene ya que eso vinculo se puede prestar, para mucha cosa gracias por esta información.

Yikes thanks for the warning. This kind of behavior is completely vile, and I hope we can stamp it out to discourage people from taking advantage of honest, hardworking people.

woww this is something really nice by you brother thanks for letting steemian knows

Thanks for the warning @arcange! Resteeming the warning.

Thank you very much for all you do to protect our Steem blckchain @arcange!

Excellent post about the latest scammy attempts to steal from those who clearly have no principles ...

Upvoted and resteemed. Keep up the great work!!

Posted using Partiko Android

Bastards! Thanks for the warning mate, will definitely resteem.

Damn. These criminals are getting really creative now. 🤔

Thanks for the Info

They are becoming more dangerous and professional. Many users will fall for it. I will resteem it and hopefully people will be careful. It is very sad. They stole a lot of money lately.
Like this account :

https://steemit.com/@clementin/transfers

They all try to trick us!

nygma_comment.jpg

Thanks for this write up. We have submitted a take down request with the infringing website hosting provider.

I'm a newbie and posts like this are really helpful. Thank you so much for the initiative. 👍

WTF! This is another level. Now I'm scared.

There are 2 pages
Pages