Pamela Galli Posted September 5, 2011 Share Posted September 5, 2011 Got this notice in the Content Creators group -- an avatar with initials MM (and could be anyone really) IMs and says something like someone is selling your stuff on MP, and gives you the link, which takes you to a fake login page. Link to comment Share on other sites More sharing options...
Jaylin Whitewood Posted September 5, 2011 Share Posted September 5, 2011 Ouch, thats really tricky... Link to comment Share on other sites More sharing options...
Jesseaitui Petion Posted September 5, 2011 Share Posted September 5, 2011 Sadly, "MM" is one of the stolen accounts. The original owner of said "MM" account must have clicked on one of the phishing links and entered in his username/password. Everyone needs to be alerted and be careful. The phishing IM`s prompt people to "Click this link for 50% off sales!" Or, if you`re a content creator they will IM you with legit looking customer accounts they have stolen saying things along the lines of: "Your hairs are stolen , look here" and paste a phishing link. Of course, the link is an unofficial SL website that prompts people to log-in. Once "Logged in" their user name and password have been successfully stolen. Thief then uses the stolen accounts to make more notices. Such as in the case of "MM". Feel horrible for the original owner of that account. But that isn`t the first or only account that has been stolen (He takes your linden balance, too). Whoever is behind all of this has been phishing at my sim for awhile now. LL has been lighting fast with banning the accounts, and for good reason: With $L balances and credit card information on file, this is opening a big big big can of worms. Shoppers and merchants need to be careful. In my case, the phisher has registered loads of *very* similar user names to mine, hangs out on my sim on multiple accounts, and IM`s customers claiming I (read: him posing as me) am having a sale. Customer clicks link..and the cycle continues. Here are a few screenshots from phishing attempts at my store "AITUI". Note the "aitui" usernames he has created in attempt to fool people shopping at my store. Obviously, do not submit your user name and password if you should choose to check the links out. Link to comment Share on other sites More sharing options...
Pamela Galli Posted September 5, 2011 Author Share Posted September 5, 2011 I am sending a notice to my group. Thanks for the info! Link to comment Share on other sites More sharing options...
Lynda Klossovsky Posted September 5, 2011 Share Posted September 5, 2011 interesting....the internet suffix is .gp, which is guadelope, which is in the carribean. Link to comment Share on other sites More sharing options...
Pamela Galli Posted September 5, 2011 Author Share Posted September 5, 2011 bump Link to comment Share on other sites More sharing options...
Tiffy Vella Posted September 5, 2011 Share Posted September 5, 2011 This is a new low. Thanks for letting people know. Knowledge is really the best first defence. Link to comment Share on other sites More sharing options...
Taureanne Trudeau Posted September 6, 2011 Share Posted September 6, 2011 Pamela, thanks for posting that group notice! When I opened SL tonight I had a message from Xstreet SL Centeal Authority, advertising MyDear Skin Store. Since Xstreet quit operating some time ago, it seemed scammy to me, but your group note definitely prompted me to delete it. Link to comment Share on other sites More sharing options...
Lavim Feld Posted September 6, 2011 Share Posted September 6, 2011 Sadly I have been waiting for this to happen for a while now. Thanks for the samples, will be adding those to my hosts files on mine and a few dozen other pals machines. If we can keep bogus urls coming in we can make sure of some level of protection at least for those not keen or adept enough to make sense of the urls and such. As always with these information is the best defence, thanks again for bringing it to the attention of others. Link to comment Share on other sites More sharing options...
JoyHope1488311623 Posted September 6, 2011 Share Posted September 6, 2011 thats why i dont keep mony or even my credit card info on file. a pain yes to put that in everytime i need money but if my account gets hacked they wont get nothing. Link to comment Share on other sites More sharing options...
JoyHope1488311623 Posted September 6, 2011 Share Posted September 6, 2011 thats why i dont keep money or even my credit card info on file. a pain yes to put that in everytime i need money but if my account gets hacked they wont get nothing. Link to comment Share on other sites More sharing options...
Unsightly1488311623 Posted September 6, 2011 Share Posted September 6, 2011 I sent a notice in my group as well. I'm sorry that is happening to you and this needs to be put to an end. Yikes. Link to comment Share on other sites More sharing options...
Seagon Segall Posted September 6, 2011 Share Posted September 6, 2011 I just messaged ripway that they have a phishing website on their domain... would that work? Though, it keeps amazing me by how succesful these scams are, guess it's true that some people don't look up, though in this case it would be not looking at all. Sidenote... the .co.gp address is hosted in germany, also sent them an alert message. Link to comment Share on other sites More sharing options...
Pamela Galli Posted September 6, 2011 Author Share Posted September 6, 2011 What's so tricky, tho, is that the IM could come from a friend or customer -- without the warning I can see myself just clicking the link. Link to comment Share on other sites More sharing options...
Bill Woodland Posted September 6, 2011 Share Posted September 6, 2011 this has been passerd thru our group as well. Thanks so much for the heads up on this. Club Bonified Staff and VIP group Link to comment Share on other sites More sharing options...
seductressluscious Francoi Posted September 7, 2011 Share Posted September 7, 2011 if everyone forward to friends today and post on sl facebook the msg will go around linden labs need to post it on log in like they do everything else less important Link to comment Share on other sites More sharing options...
kryptic Zarco Posted September 8, 2011 Share Posted September 8, 2011 I got a IM about this the other day for my old business saying somone was stealing my wepon creations.... I was like uhm I used to do that 2 years ago I dont care if somone is stealing them..... but I noticed the link after (if your like me and use chrome or firefox itll auto tell you that the page isnt safe when you copy the link in) so I didnt click it..... this is why I dont touch the SL browser cause it has no filters like that Link to comment Share on other sites More sharing options...
Miyo Darcy Posted September 8, 2011 Share Posted September 8, 2011 I did send out a blogpost to inform every of my readers. Thanks. Link to comment Share on other sites More sharing options...
SpiritSparrow Skydancer Posted September 10, 2011 Share Posted September 10, 2011 I use frefox to, it's wonderful for that. I dont recall is IE does it. But since that redzone scam I don't click to many links in SL. And that one given at random would have set off flags to me. I hope LL is taking this serious. AND DO give a MOTD warning same with phoenix and other browsers. Link to comment Share on other sites More sharing options...
Pamela Galli Posted September 12, 2011 Author Share Posted September 12, 2011 Don't click any spam links at all, is my advice (like the ones in every thread today). I would not be surprised if that avi got hacked and is being used to send spam. Link to comment Share on other sites More sharing options...
Recommended Posts
Please take a moment to consider if this thread is worth bumping.
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now