At present, cybercriminals use various fraudulent tactics to steal information. Experts advise being aware to be safe from their hands. Experts from the US cybersecurity firm Phishlab say irresponsible online security practices are the reason for hacking accounts.
Recently It has been seen, a lot of scammers or maybe a group of scammers become active again in steemit. They dropped a phishing link on various account's post comment section. Inside that link, there is an offer of some tempting airdrops of crypto.
To get this airdrop, they asked for access to your blockchain wallet. Once you allow it, they got the keys of your wallet they take whole control of your wallet.
When these scammers are active?
It has been every 5-6 months later this scamming activity increases. Especially when the price movement happened in the exchange market, these scammers got active. The last time they became active when the SBD price rises. Now the steem price is high comparing to the last one and half year resistance.
Why do our people fall into this booby trap?
As in the crypto-world, almost every newborn crypto introduces through airdrop techniques. This is the easiest way to get attention. So, scammers use this, and they usually target growing accounts.
At first, they create a fake URL that looks almost similar to the originals. These links are created, targeting mobile devices. The original URL-like link(fake) in the narrow URL bar is not easy to understand because of the mobile's small window. I guess a major % of the mobile user avoid this part.
Fake scammer link:
https://justhive.blogspot.com/ It's a phishing link. Recently scammers are spreading this link on steemit.
Secondly, it is natural that people's subconscious minds always love to gain something momentarily. When anyone enters this site, they first noticed the 500 steem claim now button's handsome airdrop. They click on it.
Thirdly, When people click on the claim now button, they saw an interface of steemlogin/steemconnect. It's convinced the user to go ahead.
Fourthly, lack of knowledge and carelessness about using specific keys. (posting keys, Active keys, memo keys, owner keys, etc.). It has been seen a lot of users use to login by their master key.
When a steemit put the private keys in that sites, the sites take control of that account.
Is my account going to be hacked? If I click this type of link?
The answer is No. Today world blockchain technology is one of the most secure network technology. And it's almost impossible to hack your steem account until you give any permission to access any keys. If you give private keys So, be careful before sharing your keys anywhere.
What should you do if you find out this kind of link?
- First checkout @steemitblog's latest blog or last weeks' publications; if there is any airdrop/prize/anything, it must indicate there. So it would be wise to follow the @steemitblog to become updated.
- Secondly, Use your private keys precisely. Such as use posting for posting purpose, Active key for any transaction related term.
- Avoid saving your login details on any third party website/cloud.
- Before entering any link/site, make sure the site is official or scam. The easiest way to find the official site is to follow the social(Twitter, telegram etc...) blog. From there, you can see their latest update and also their official link. Example: https://twitter.com/steemit for steemit and https://twitter.com/defi_just for just network.
- Inform your CR and community moderator to take initial steps.