(Thief uses name of Leo Finance)
(Thief uses name of a top witness)
Recently, STEEM / SBD theft has become rampant again in Steem platform. This is done by thieves with the modus operandi of distributing gifts for free.
First, thieves will comment on user's posts about free opportunities scam such as prize giveaways, airdrops, faucets, and bonuses, along with a link to a trap (phishing) site.
The trap site will ask user to enter his private key as a condition to claim the prize.
And those who are not aware simply give the private key to the thief, expecting to receive the promised gift.
After the thief gets user's private key, he will immediately do the following:
- Changes the password so that user can no longer log into his account.
- Sends all user's STEEM / SBD to his account.
- Powerdowns all user's SP and send the STEEM to his account after payout in a week.
Usually, thieves send trap comments to the posts of new, inexperienced users who are unaware of this mode of theft.
Thieves will also use famous figures from the Steem and Hive platforms, such as Leo Finance and top witnesses to convince user.
And then, thieves often use other people's accounts they stole to post comments and spread trap sites to steal other accounts.
Ouch, He's Done!
What happens if user have already clicked on the trap link and given his private key to the thief?
There are two things user may still do to save his account.
1. Change his password as soon as possible.
If the thief didn't have time to change the password yet, it's chance that user can still log in, change the password immediately, and save the account.
However, unfortunately this cannot be done if the thief has already changed the password, as user will not be able to log in.
User can change the password himself using the method described in this post.
2. Contact Steemit.com as soon as possible.
If the thief has changed the password and user are unable to log in, contact Steemit.com immediately.
They may still be able to recover and get the account back from the thief if it's within 30 days.
However, user will not be able to retrieve any STEEM / SBD that the thief has already sent to his account. Even Steemit.com itself can not confiscate the stolen money from the thief.
How to contact Steemit.com is explained in the next post.
https://steemit.com/steemit/@firepower/4-tips-for-steemit-account-recovery-and-wallet-security
Therefore, please be very careful of comments on the posts that contain free opportunities scam such as the ones mentioned above.
Be it distribution of prizes, airdrops, faucets, bonuses, etc., everything is a lie and the link is just a trap site to steal user's private key.
So, don't click the link, don't give the key. Thieves are after user's wallet!!