@Plentyofphish is the Hive account that holds the list of hacked (phished) accounts or accounts spawned by hackers.
It operates in conjunction with @hivewatchers, @spaminator, @keys-defender accounts.
This repository is maintained by @guiltyparties from the @hivewatchers team.
- Hive accounts deemed as being under hacker control are added to the Phishing.txt list.
- Hive accounts confirmed as recovered by their legitimate owners are removed from the Phishing.txt list.
3. The Phishing.txt list is automatically synced with the "Mute" function of the @plentyofphish account on a regular basis.This feature has been depricated. - The @plentyofphish "Mute" list is regularly synced with the Phishing Masterlist managed by the @hivewatchers team.
- Suggested additions/removals from Phishing.txt will be reviewed on a regular basis.
The Plenty of Phish team will manually downvote Hive accounts to zero reputation, with @hivewatchers and/or @spaminator, under the following circumstances:
- The account is actively posting phishing messages;
- The account will likely be used to post phishing messages in the near future; and
- The account was created solely for the purposes of phishing.
The Plenty of Phish team will automatically downvote Hive posts and/or comments with @spaminator, irrespective of which account posts them, under the following circumstances:
- The post/comment contains a short-link that, once unfurled, directs users to a phishing website;
- The post/comment contains a direct clickable URL to a phishing website; or
- The post/comment contains a masked, non-clickable URL to a phishing website.
The Plenty of Phish team will automatically downvote Hive posts and/or comments with @spaminator where accounts are deemed under hacker control.
The Plenty of Phish team will remove downvotes made by the @hivewatchers-related accounts and/or @spaminator-related accounts, where possible, under the following circumstances:
- The account owner has restored full control of the account and has removed the malicious URLs; or
- The account owner has restored full control of the account and the existing instances of malicious links are defunct.
The Plenty of Phish team will not remove downvotes made by @hivewatchers and/or @spaminator under the following circumstances:
- The downvoted post/comment is <12 hours to payout (6+ days old), making removal impossible;
- The downvoted post/comment has been deleted, making removal impossible;
- We have reason to suspect the account is still compromised; or
- The account was created solely for the purposes of phishing.
The Plenty of Phish team will not remove downvotes by default unless:
- Downvote removal is necessary to reverse severe* reputational damage to the account; and
- The account owner has restored full control of the account and has removed the malicious URLs. *Reputation lowered to zero or thereabouts.
The Plenty of Phish team and designated community members will review all reports of compromised and restored accounts on an individual and objective basis.
The nature of the account or it's prior contact history with Cheetah or Hivewatchers will not bear any effect on its treatment by the Team under the anti-phishing initiative.
The following account holders may use the "Mute" and "Unmute" feature of the @plentyofphish account, which allows for syncing with the phishing.txt list: @guiltyparties
Q: My account was recovered but it is still on the list. How do I get it removed?
A: Open an Issue here or let us know on the Hivewatchers Discord https://discord.gg/W2ykxCY
Q: My reputation is zero because I was downvoted by @hivewatchers or @spaminator. What can I do?
A: Please make sure you edited out malicious links that hackers posted in the posts/comments they made using your account.
Q: Can you take @guard or @spaminator downvotes off my comments?
A: No. @spaminator downvotes are small enough to not cause undue reputational damage to an account. They are not removed unless severe reputational damage has occurred regardless.
Q: How do I remove posting authority from a 3rd party Hive service or app?
A: https://hivesigner.com/revoke/appnamehere
Q: How do I avoid becoming a victim to phishing?
A: Do not click on random links or trust websites that ask you for your keys/password unless you're 100% they're legitimate.
Q: Can my account become compromised from Hive-related mobile apps?
A: There are many phishing mobile apps out there. Do not install them unless you verified them. Never log in with your password.
Q: How do I keep my money safe?
A: Use your private posting key and do not trust any website or app that asks for your password.
Q: What do I do if hackers use my account to spam but I can still log in?
A: Change your password and revoke all app permissions using https://hivesigner.com/revoke/appnamehere if you start seeing strange comments.
Q: What do I do if my money was moved to someone but I did not move it myself?
A: Change your password immediately.
Q: Should I wait to fill out the Stolen Account Recovery forms?
A: No. Ask to restore your account immediately after being locked out -- it can take well over 24 hours.
Q: What do I do if my account was created by Steemit Inc @Steem?
A: There are no known mechanisms to recover @steem-created accounts at this point.
Q: Should I delete all the comments the hackers posted?
A: Do not delete downvoted comments -- just edit them to change the text.
Q: I deleted the comments, can you take the downvotes off?
A: Deleted comments cannot be unvoted.
Q: How do I get back the HBD/HIVE the hackers stole?
A: Stolen money can't be returned.