Got Hacked? Here's How To Get Your Account And Reputation Score Back!
This step-by-step guide will show you how to recover your account and your reputation after getting hacked.
It Can Happen To Everyone
If you’ve been following my blog, you probably know I got hacked last week. If you haven’t read my post/ warning yet, please head over to: ‘The Most Important Thing I've Learned From Getting HACKED!!.
Unfortunately, the phishing scam is still going on, and people are still falling victim to the hackers.
What’s Going On?
In case you haven’t heard the news yet: hackers are compromising accounts by sending out phishing messages with a fake link.
The phishing messages take many forms.When you click the link inside, you’re taken to a fake website (like for example steemil.com or steewitt.com) which resembles SteemIt.
You’re then asked to log into your account. Once you do, the hackers have access to your credentials.
Once the hackers can access your account, they use it to send out their phishing message to others, trying to get more people to click their fake link.
When you’ve exposed just your private posting key, that’s all they can do and your money is safe. However, if you’ve exposed your private active key - or even worse: your master password - the hackers will withdraw your SBD and initiate the power down of your SP.
Protection Measures
Once the phishing comments that were sent out from your account are detected, the people over at @steemcleaners will start flagging them. When a comment has been flagged, it is hidden from the public. This way, the risk for others to click one of the phishing links is reduced to almost zero.
The downside of this is that your reputation score will go down to -1.
Don’t Go Around Blaming People
I’ve seen several posts in which people are pointing their finger at the owner of the account that was used to post the phishing message.
Please don’t do this. The account has been hacked, just like yours. It’s the hackers that are sending out the phishing messages. The only thing you can blame the owner of is of being stupid enough to get his account hacked. By blaming the owner, you’re increasing the damage that has already been done.
What To Do When Your Account Has Been Hacked
I’ve noticed quite some people have abandoned their hacked account and created a new one, or still have their reputation score at -1.
As you can see, I recovered my account and got my reputation score back up, so it is possible to get out of this with just little damage.
Below, you can find the steps to take to get everything back to normal.
1. Start the account recovery process.
How to do this depends on how you’ve created your SteemIt account.
- If you’ve created your account through the SteemIt website itself, you need to initiate the account recovery process by clicking the ‘Stolen Accounts Recovery’ link in the menu you can open by clicking the menu item at the top right of your screen.
You’ll have to enter your account name and your password before you can click the ‘Begin Recovery’ button. Then, you’ll have to enter the email address associated with your SteemIt account. Once you’ve done that, you’ll have to be patient, because it can take up to 24 hours for the confirmation email to arrive.
Once you’ve received it, simply follow the instructions given.
If you’ve created your account through Blocktrades, you’ll need to send an email to the Blocktrades support service. Someone from @blocktrades will then contact you. You’ll be asked to confirm your Blocktrades email address and you’ll need to send your password. They will then start the recovery process.
In case your account has been created through AnonSteem, you’ll have to follow the guidelines for their ‘Stolen Account Recovery’ process, which have been outlined here.
2. Editing the comments
Once you are back in control of your account, you need to make sure the flags will be removed. @steemcleaners will do this for you, providing you edit every single phishing comment that has been posted from your account so it will become harmless.
This will take some work and time, but if it can help you to get your reputation score back up, it’s definitely worth it.
To get started, go to https://steemworld.org/@yourusername.
(Change ‘yourusername’ to your actual username)
Scroll down to ‘account operations’ and find the spam comments that have been posted from your account.
Click to enlarge
Click them to reveal more info.
Then, click the permalink.
Click to enlarge
This will bring you directly to the comment that was posted.
From here, you should be able to edit the comment. Replace the existing text with ‘comment deleted’
Click to enlarge
Save your changes.
You should do this for EVERY SINGLE PHISHING COMMENT.
(I told you it would take some work...)
3. Get the flags removed
Once you’ve edited all comments, visit the Steemcleaners Discord channel and tell them you’ve edited all the comments.
Be patient, it can take a while before someone is available to help you out.
Someone from @steemcleaners will then remove the flags so you can get back your reputation score.
If you’ve received flags from others, contact these people, explain the situation, tell them the comment has been edited to make it harmless and ask them to take away the flag.
That should do it.
When your account and reputation score are back up, you can decide whether or not you send all the people who got commented on a short comment with your apologies.
This may sound like another truckload of work, but by doing this you can clear your name entirely. I do recommend it, but it’s totally up to you.
How To Prevent This From Happening Again
It’s a shame it took such a drastic event for me to learn a couple of important things concerning account security.
First of all:
Never use your master password for daily logins.
As I’ve stated in my other post:
Next:
Always triple-check the URL to see that you’re actually on SteemIt before you enter your credentials.
Better be safe than sorry!
More Info
Below, you’ll find the links to some other posts about this situation.
Beware of Clicking Links in Phishing Comments Pointing to STEEMIL.COM by @drakos
Public Service Announcement (PSA) - FAKE SITE: STEEMIL - PHISHING ATTACK ! ! ! BEWARE ! ! ! by @goldkey
Scam Alert #2 - I was Scammed 663.843 SBD - Update For You - Enjoy with Troy! by @enjoywithtroy
Phishing Scam Warning ! by @arunava
Please take the necessary precautions so your account will be secure.
If you know someone who has been hacked, feel free to refer to this guide.
More Posts You Might Like
Airdrop: Farmville for crypto
This is an affiliate link. I will receive free SEED if you join this airdrop through the link above.
🏆 [CHALLENGE] What Did You Learn About SteemIt Today? (@steembasicincome Giveaway)
The Most Important Thing I've Learned From Getting HACKED!!
FIGHTING THE GOOD FIGHT ~ HOW YOU CAN DO YOUR PART IN THE BATTLE AGAINST REWARD POOL ABUSE
I'll Show You The One Thing You Need To Do To Never get Bitten By Cheetah Again!
Image Sources:
Pixabay
Giphy
Screenshots taken from Steemworld.org
UPDATE
After I wrote this post, a MASS COMMENT REPLACER script was released.
With this script, you don't have to spend hours editing the comments.
You can read more about the script and how to use it in my update post here:
https://steemit.com/steemit/@simplymike/got-hacked-this-mass-comment-replacer-script-will-help-you-to-recover-quickly-video-tutorial-included
@fionasfavourites
Thanks, @simplymike - will include this in my post in due course.
Very Well Done
Nominating this for MOTW ;)
Thanks a lot
Another little bonus from your Drill Sargent...
thanks
What's MOTW?
MINNOW OF THE WEEK!
You should join us...
.........................................................................................................
Join the new @MBC-MEPS bot at Discord!
MBC DISCORD!
Mikey did get this, btw ;)
This post has been revived by steem-forever and will get extra rewards. This happens when a post is upvoted on steem-bounty.com after the 7 day post life.
Users can simple upvote via steem-bounty.com continously, so posts can live and earn rewards forever.
Authors can share their steem-bounty.com links and get upvoted forever.
We hope this will allow everyone to earn more meaningful rewards over longer timeframes than before.
You got a 24.00% upvote and resteem from @ebargains courtesy of @simplymike. Thank you for using the @ebargains UPVOTE and RESTEEM bot.
If you are looking to earn a passive no hassle return on your Steem Power, delegate your SP to @ebargains by clicking on one of the ready to delegate links:
50SP | 100SP | 250SP | 500SP | 1000SP | 5000SP | Custom Amount
You will earn 80% of the voting bot's earnings based on your delegated SP's prorated share of the bot's SP pool at the end of EACH voting round! That is over 38.5% APR! You can also undelegate at anytime.
Tq for this kind info it may so helpful for us
I hope you’ll never need it...
Thanks for this caution & fix.
I've been using the wrong password.
Glad My aweful experience can be of so much help to others ;0)
Great article... and congrats on becoming MOTW....
I upvoted this comment because your post has expired and I wanted to support you :)
Thanks. I consider it an honour. I’m happy everything turned out fine, and that I can help others through sharing my experiences.
nice post
Very well written, and very much in need. It is so hard to find the information need to recover an account for a lot of people and what the process is like. I think you did an excellent job on that count.
Thanks. I kept bumping into people who simply created a new account. I hope they'll still be able to save their old one with this guide.
This is what every one on steemit should read, some actually don't pay attention to security issues, I used to be one of them. :)
Me too. This situation has thaught me some valuable lessons.
So enlightening , everyone ought to read this
Am resteeming
Great work @simplymike
Thanks @adorablechi!