Scammers and Hackers

CM Gilgamesh
CM Gilgamesh
  • Updated

 

Please note that the STEPN Whitepaper provides thorough information regarding the STEPN App's functionalities.

The App Issues page also lists known/announced issues that may be affecting STEPN at the moment.

You may also use the "Submit Request" button at the bottom of this article to reach out to our Customer Support team for further assistance. 

=======================

 

🔸 How do I know if I've been scammed/hacked? 
Scammers often pretend to be Admins, moderators, or support people representing STEPN. They will even warn you not to give your personal details, but that's because most people associate "personal details" with first and last names, phone numbers, or physical addresses. Unfortunately, scammers don't need any of those details to get what they want-- all they need is your email address, seed phrase, and most of all, your STEPN Verification Code.

 

Below are possible hacking/scamming situations in STEPN: 

 

ACCOUNT TAKEOVER (HIJACKED ACCOUNT)

=====================================

SYMPTOMS: The member reports being logged out, and when they log back in using their email address, the system acts as if they're a new user-- it's even asking for a verification code. If the member proceed with registering, they log into an account that has no sneakers/tokens at all.

ROOT CAUSE: This happens when the hijacker gains entry to the victim's account, then replaces the email address of the real owner with the email address of the hacker. This effectively kicks out the customer from his own account.

If the real owner tries to sign back into STEPN using their own email address, they are treated like a new account, i.e. STEPN will even ask for a verification code. That's because as far as STEPN is concerned, this email address no longer has any account associated with it-- because the old account is now under the email address of the hacker.

When the customer then tries to log back in, The telltale signs of a hijacked account are:

  • You are logged out for no reason in the middle of an activity, such as sleeping, walking or jogging, and there IS NO MAINTENANCE/UPDATE going on. 
  • You check the run history under profile > total distance, and the run history is zero, even if you've ran using STEPN in the past.
  • You have given away activation codes in the past, but don't have any used codes in the activation code section.
  • You had mystery boxes waiting to be opened, but now they're all gone.
  • There are verification code requests in your inbox that you did not request for.
  • You have provided your verification code/seed phrase via DM in a social media channel in the past. 
  • You remember logging into a 3rd party website with your STEPN email address, verification code, or seed phrase.
  • HOW TO PREVENT: Enable 2FA protection. Do not give your account details to anyone, especially your Verification Code. 
  • HOW TO RESOLVE: There is no resolution possible for hijacked account cases. Once the hacker has replaced the email address of your account with another email address, it would be difficult to prove ownership of the account. 

NOTE: If you log into your account and all your assets are gone, and even your Total Distance is back to 0, one other possibility is that you may actually be logging into an Incorrect email address or account.

 

STOLEN ASSETS (HACKED/SCAMMED ITEMS)

=====================================

SYMPTOMS: Usually involves the loss of digital assets, without the victim losing access to his account. The member reports some or all sneakers disappearing from their account, along with some or all of their tokens.

ROOT CAUSE: This happens when the hijacker gains entry to the victim's account, gets all the items in it, then leaves.  are waiting for the victim to acquire more assets, with the goal of stealing them again. The telltale signs of a hacked account are: 

  • Your assets have disappeared without you doing anything (you were walking, jogging, sleeping, etc. when the assets disappeared). 
  • You have been forcibly logged out of your account (sometimes 2 or 3 times).  
  • You check the run history under profile > total distance, and your run history is still there. 
  • Your used activation codes are still visible in the activation code section.
  • You have provided your verification code/seed phrase via DM in any social media channel in the past. 
  • You remember performing a person-to-person trade via direct messaging in any social media channel.
  • You remember logging into a 3rd party website with your STEPN email address, verification code, or seed phrase.
  • HOW TO PREVENT: Enable 2FA protection. Do not give your account details to anyone, especially your Verification Code. 
  • HOW TO RESOLVE: There is no resolution possible for hacked/scammed cases. Once the assets have been transferred to a decentralized wallet, the assets are considered irrecoverable. 

 

If either your wallet or your STEPN account has already been compromised, we regret to say that much as we would like to help, we cannot retrieve stolen NFTs, tokens, and other currencies. 

 

Please note that STEPN Moderators in Discord, Telegram, Facebook, and Reddit will:

  • NEVER message you directly
  • NEVER ask for money or tokens
  • NEVER ask for your personal information such as email address, verification code, or wallet address.

Please be careful in crypto space, and always exercise due diligence when handling your crypto assets and/or information.

Have more questions? Submit a request