Scammers and Hackers

CM Gilgamesh
CM Gilgamesh
  • Updated

 

Please note that the STEPN Whitepaper provides thorough information regarding the STEPN App's functionalities.

You may also use the "Submit Request" button at the bottom of this article to reach out to our Customer Support team for further assistance. 

=======================

 

🔸 How do I know if I've been scammed/hacked? 
Scammers often pretend to be Admins, moderators, or support people representing STEPN. They will even warn you not to give your personal details, but that's because most people associate "personal details" with first and last names, phone numbers, or physical addresses. Unfortunately, scammers don't need any of those details to get what they want-- all they need is your email address, seed phrase, and most of all, your STEPN Verification Code.

 

Below are possible hacking/scamming situations in STEPN: 

 

ACCOUNT TAKEOVER (HIJACKED ACCOUNT)

=====================================

SYMPTOMS: You are logged out for no reason, and when you try to log back in, the app treats you like a new user-- asking for a verification code, asking you to set up 2FA all over again, etc. Should you proceed with the registration, you are logged into an account that has no sneakers/tokens at all.

ROOT CAUSE: This happens when the hijacker gains entry to the victim's account, then replaces the email address of the real owner with the email address of the hacker. This effectively kicks out the customer 's email address from the STEPN system (deleted from STEPN). 

So when the user tries to log back into STEPN, the app will assume that the user is creating a new account-- because the user's email address is now deleted and whatever old account they had, is now under the email address of the hacker.

The telltale signs of a hijacked account are:

  • You are logged out for no reason in the middle of an activity, such as sleeping, walking or jogging, and there IS NO MAINTENANCE/UPDATE going on. 
  • If you try to log back in using the hijacked email address, and check the run history under profile > total distance, the run history will be zero, even if you've ran using STEPN in the past.
  • You don't have any used codes in the activation code section, even if you have given away activation codes in the past, 
  • You had mystery boxes waiting to be opened, but now they're all gone.
  • There are verification code requests in your email inbox that you did not request for.
  • You have provided your verification code/seed phrase via DM at any point in the past. 
  • You have logged into a 3rd party website with your STEPN email address, verification code, or seed phrase (or all of the above) in the past.

HOW TO PREVENT:

  • Enable 2FA protection.
  • Do not share your phone with anyone you do not trust. 
  • Do not give your account details to anyone, especially your Verification Code. 

HOW TO RESOLVE:

  • Please reach out to CS to prove ownership of the account. We may not be able to restore any assets that have already been sold/taken out of the account, but we can restore account ownership if you meet our criteria: https://support.stepn.com/hc/en-us/requests/new.

NOTE: If you log into your account and all your assets are gone, and even your Total Distance is back to 0, one other possibility is that you may actually be logging into an Incorrect email address or account.

 

STOLEN ASSETS (HACKED/SCAMMED ITEMS)

=====================================

SYMPTOMS: You are able to log into your account, everything seems to be normal, except your assets such as tokens, sneakers, scrolls, gems, etc. are gone. 

ROOT CAUSE: This happens when the hijacker gains entry to the victim's account, gets all the items in it, then leaves.

The telltale signs of a hacked account are: 

  • You have been forcibly logged out of your account at some point, but are able to log back in again at some point. 
  • Your account details seem normal/unchanged, but your assets have disappeared without you doing anything (you were walking, jogging, sleeping, etc. when the assets disappeared). 
  • You have provided your verification code/seed phrase via DM in any social media channel in the past. 
  • You remember performing a person-to-person trade via direct messaging in any social media channel.
  • You remember logging into a 3rd party website with your STEPN email address, verification code, or seed phrase, or all of the above.

HOW TO PREVENT:

  • Enable 2FA protection.
  • Do not share your phone with anyone you do not trust. 
  • Do not give your account details to anyone, especially your Verification Code. 

HOW TO RESOLVE:

  • Please reach out to CS to prove ownership of the account. We may not be able to restore any assets that have already been sold/taken out of the account, but we can restore account ownership if you meet our criteria: https://support.stepn.com/hc/en-us/requests/new.

 

REMINDERS

=====================================

Much as we would like to help, we cannot retrieve stolen NFTs, tokens, and other currencies that have been taken from a compromised account. 

 

Please note that STEPN Moderators in Discord, Telegram, Facebook, and Reddit will:

  • NEVER message you directly
  • NEVER ask for money or tokens
  • NEVER ask for your personal information such as email address, verification code, or wallet address.

Please be careful in crypto space, and always exercise due diligence when handling your crypto assets and/or information.

Have more questions? Submit a request