Hello people,
Today I was alerted via @cryptoempire about a phising scheme that almost tricked @sames.
@Sames didn't fall for it, although he was close, and @eonwarped already flagged the guy, and he wasn't the first since his rep is 0.
However, this alerted me to the fact people need to be alerted not only towards basic phishers, but advanced ones using smart tactics as well.
I thought about it and since even basic phishers stole loads of accounts not long ago, people should be warned about smarter "hackers" who will try to steal their accounts.
Read below to learn more...
Basic Phishing: The Bread and Butter of STEEMit scams!
Now, first of all, do you remember when there were those comments taking you to steemil.com or something like that to get your password?
Well, those were basic phishers.
They were leaving comments from random accounts that linked to an external site to take your password.
And there were loads of victims.
Now, you may notice that STEEM now has a symbol that tells people that you're going towards an outside link or page... like this one.
Notice the little arrow?
That tells you you're going to go to an off-blockchain site.
But there are now new tactics, the one that @sames encountered and warned us about was one from the next category.
Advanced Phishers: Stealthy, Sneaky "Hacks"...
Now, advanced phishers worry about framing their little scheme just right.
They give authors a valid reason to click the link, and they highly customize the pages to try and look like SteemConnect or Steemit itself.
Here's the comment the phisher left @sames:
So, the comment refers to someone stealing @sames's content and the link apparently goes towards a report.
Not only that, do you see the little arrow pointing out you're going to an external site?
- NO!
Why?
Well, that's what made me laugh at the resourcefulness of these people... they found a "homemade workaround".
Here's why you didn't spot it:
They spaced it and spaced it and spaced it to push the symbol to the page's footer.
At a first glance it looks legit, and people usually don't go peek the footer.
What a smart guy... but there are even more advanced phishers to be careful about.
Read below...
Smart Phishers: They Aren't Only Resourceful, They Know How to Segment Their "Markets"
Now, there are phishers out there who start via the advanced tactic, but they switch it up as soon as they get 1 or 2 bites.
After they successfully get access to an account, they use that person's identity to phish other people.
What does that mean?
Well, imagine if that above comment wasn't made by that 0 rep person, but by ME!
I'm a person @sames trust, I'm reputable on the blockchain, and I'm even the leader of the crypto empire community.
@Sames wouldn't have scrolled down to the footer, he wouldn't even read the link or search for the arrow, he would click right on it...
...and that's what a smart phisher do.
People, now matter how good a certain person is, don't click their links without checking it twice... it may be a smart phisher.
BE CAREFUL!
In Conclusion:
No matter how much you trust someone, never ever log in anywhere from a link, especially one marked as external.
Be sure of where you are, look at the URL and the page's certificate, or you may help spread the disease.
Cheers!
Join the Crypto Empire Community
Bucket of Goodies:
- Trade Your STEEM: Binance Exchange
- Hire Me on STEEMGIGS
- Get Universal Basic Income - Free Tokens
- SEED Airdrop: Farmville for Crypto
- All Images Copyrights Free From Pixabay