PSA Alert: Be Aware of new Apps being used to steal your Steemit/Dtube Information
Dear Steemit Friends,
Many, if not most of us all know that there are many phishing scams spread across the Steemit ecosystem. Where money is involved, you can expect that there will always be people who want to take advantage and cheat the system by taking advantage of users. Unfortunately, it's just the way the world works. Nothing good comes without a bad element.
In my last PSA alert, I warned of a new scam that takes advantage of users by utilizing sites such as
steemil.com, and various other adaptations of the Steemit name to attempt to trick users into logging in to steal the users login information. Despite the number of alerts from myself and others, people continue to report that they have been hacked and are victims of these and similar phishing scams. Our notices don't often reach everyone given that Steemit has millions of users and new people signing up every day.
You can find my first alert with information pertaining to the above-mentioned phishing scam using the link below:
Another Phishing Scam has arrived
Because a number of Steemit users are in regions where either a PC is not an affordable expense or people are frequently on the go and need a mobile solution, Smartphone Apps have become a popular and increasingly growing method for users and content creators from across the world to access the Steemit platform. We are beginning to see a number of mobile apps being developed which connect directly to the Steemit platform and the Steem blockchain.
DTube has become an increasingly popular platform built on the Steem blockchain where content creators can share their life experiences with others. It is quickly growing and becoming a more popular alternative to YouTube with regular updates and added features.
This has recently become a popular target for scammers as well. There are a number of people who have been fooled by a new app that is available on the Google Play store portraying itself as a legitimate DTube App. A number of users who have downloaded it and have tried to log in and post content from it have already become victims of this phishing scam. What makes it worse is more-and-more people are falling for this scam because of its availability on a well-known App store which people assume they can trust when it comes to safe applications.
In order to ensure safety, you will not find the link to the App here, however it is easy to find using search on google and the app store.
Because mobile apps are the only alternative to small sized browsers for people in certain regions and for people on the go, a number of people end up using the app due to its potential convenience and claims to be able to connect to the blockchain. A number of people have already reported that they have tried to log in using their credentials and as a result, have had all of their earnings withdrawn and in some cases, their passwords reset and accounts stolen.
Here is an example of someone who recently had all her funds stolen due to the App.
Reading the comments associated with the App, you will see a number of people reporting that their accounts were hacked.
What is worse is that regardless of the number of reported incidents of users getting hacked, the rating of the app remains relatively high, which means people who do not take the time to read the reviews end up getting scammed. Some people even tend to ignore warnings and proceed anyway just because the App is on a trusted platform and has a number of positive reviews.
A little research goes a long way
I looked into a number of the positive reviews and posts on Steemit promoting the App and what I found, was a majority of the people promoting the App are either day old accounts or fake accounts created using profiles of real people.
Many of the people on Steemit who have posts announcing or supporting the app are your typical bot and daily spam generating posting accounts that were created in the last month and add no value or substance to Steemit and probably belong to the creator of the app.
I decided to look up a number of the people who made positive comments supporting the app using a simple google image search on the profile pictures which led me to accounts on other platforms for these users and decided to contact some of them. Most of those that have replied had not even heard of the app and were not even users of Steemit or DTube.
As I am researching and typing this post, a number of the Apps that I am referring to our being removed from the Google Play Store, but even after, a new one is uploaded with fresh new account and a clean slate in terms of reviews, which means a fresh new batch of users who will potentially get scammed.
My heart does go out to those who have been scammed. I'm sure most of us have been scammed in life one way or another and it is not a good feeling. My warning and advice to everyone is to be careful. Be vigilant and show some awareness in who you give your information and login credentials to. Unfortunately, when it comes to warning people about potential scams, we are always on the reactive side since visibility only happens when someone is already scammed and reports it.
Think before you act. There are a number of clues and things you should look out for which indicate if something is legitimate or not. If you have a gut feeling that something might be off or any kind of hesitation at all, it's probably best to avoid it. Generally, most apps and projects tied to the Steem blockchain utilize SteemConnect when dealing with your credentials. This, however, should not be your one true comfort that something is legitimate. Take some time to do a little research and ask around before jumping into something unknown. This is the wild west all over again.
I hope this serves as continued advice and is timely and repetitive enough to help get the word out before more people are taken advantage of.
Thanks for reading
If you have any questions, inputs, or feedback, please feel free to post a comment below. Please also help me spread the word by upvoting and resteeming this post. Thanks and be safe!