Warning : Hacked account by Phising forum

[ayoza Alcove]

This night a person had hacked my account with Phising link. 

One week ago i had recieve im sayed me : " Someone wrote bad thing about u in the second life forum " I request to him the link, and he send me a link begin with   http://secondlifeforums.......................

This night he had hacked my account and send the same message at my friend : " someone had write bad thing about you ........ " 

 

Is not necessaryto say what he had doing about my Money ...

 

So do attention at false link, becuase i had research in google the information of the false link. I am not the first with this probleme, some people had notice this site in phising link, but this not closed ....... 

 

 

Take care . 

[Hippie Bowman]

---

ayoza Alcove wrote:

This night a person had hacked my account with Phising link. 

One week ago i had recieve im sayed me : " Someone wrote bad thing about u in the second life forum " I request to him the link, and he send me a link begin with  

 

http://secondlifeforums.......................

This night he had hacked my account and send the same message at my friend : " someone had write bad thing about you ........ " 

 

Is not necessaryto say what he had doing about my Money ...

 

So do attention at false link, becuase i had research in google the information of the false link. I am not the first with this probleme, some people had notice this site in phising link, but this not closed ....... 

 

 

Take care . 

---

I would like to ask you.  How could the person hack your account if you did not give the password?

 

Peace!

[ayoza Alcove]

I was connected in this phising link for see waht was this post about me. 

So i had write my pass.

 

I can't type the entiere adress of the link, but when we go in the false link, is the same image of the second life forum, and u can thinking is the true forum. 

[phaedra Exonar]

In cases like this you can email LL security directly, but it's only for reporting the security issue, other account issue caused by it would need to be dealt with separately.  Not sure if you did that or not, but thought this would be good for others to know to.

http://wiki.secondlife.com/wiki/Security_issues

http://wiki.secondlife.com/wiki/Linden_Lab_Official:Email_Scam_%28Phishing%29_FAQ

[ayoza Alcove]

I had doing the necessary for this, , have post 

but i am surprise when i want say the complete ink taht my post is delete .

 

Is important information poeple can see the flase link, and reporte this to second life,. Because whe i search in google i saw in site mywot.com that one person had write this page in phising . 

So why second life can't close this page ? 

[Dillon Levenque]

---

ayoza Alcove wrote:

So why second life can't close this page ? 

---

 

Second Life can't 'close' the page: it isn't their page. The forum is at http://community.secondlife.com/t5/Forums/ct-p/Forums.

[ayoza Alcove]

They can ask to close the link, because the hacker use logo second life, and redirect to this forum with the link . 

 

 

[MoiselleErin Teardrop]

if someone told me that someone on the forum said something bad about me, my question would have been - "What else is new?"

[Innula Zenovka]

And, assuming that you've reported the matter to LL (posting about it here isn't the same as reporting it; this is a resident forum where posts are unlikely to be seen by Lindens), they will go about having the phishing site taken down.   But it's not up to LL how quickly the phishing site's hosts respond to the request.

[ayoza Alcove]

Yes i know, and i am doing the necessary to LL for resolve the problem. 

 

I just say this problem here for people will be vigilent about this problem, are send me practice soltuion, because i had searched ton make this link in " phising site " in my Kapersky virsu wall, and i can't . 

 

 

[Amethyst Jetaime]

The practical solution is to NEVER click a link that someone that you don't know and trust gives you and NEVER enter your passowrk anywhere but on official SL sites that you have been on before or that you went to through your dashboard. to get to.

 

[Dilbert Dilweg]

Never enter your password unless you went to the correct site your self. If somone sends you a link to Sl and says to log in and check it out. do not use their link . Goto Secondlife.com and log in and then search for the forum post. You gotta secure your self.. Never ever enter a password to a link that was given to you........

You can also report the bad site to the HOST of the website. doing a whois search for the site and follow the abuse link to report phishing abuse... Your report to the ISP would have it removed

 

There is money in SL. that means there will be scammers and hackers who will make attempts to steal your account and take your money. Always have that in the back of your mind when somone sends you a link

Enable your browser to also warn you when a site is trying to redirect you to another site

 

[ayoza Alcove]

i give some site to declare the phising : 

 

http://www.phishtank.com/

 

http://www.google.com/safebrowsing/report_phish/

 

From France : http://www.phishing-initiative.com/

[HarleyRainn]

People just need to realize that having a password looking like ************* makes it much easier to log in anothers account when a password should look like this ****************************************   :matte-motes-sunglasses-3:

[Innula Zenovka]

I strongly recommed a password generator, like https://lastpass.com/

[GothGirl Demonia]

Submit the Phishing link to the following.

1. Linden Lab, Make a ticket.
2. www.ic3.gov under phishing
3. Use internet explorer, and mark the website as unsafe Tools, Smart Screen Filter, Report unsafe website.

Be aware that with the current linking systems that allow short links, and link redirects it is easily possible to fool the common user of logging in, or even registering with their same information as they use on Second Life, so don't use your same User/PW across services, and always check the weblink.

[GothGirl Demonia]

For the common user Last Pass might be a good buy, however I remember the days with Last Pass, and Gator.

I don't trust any of these services, if you watch the video ENCRYPTED and DECRYPTED Locally....

1. I wonder how hard it would be to find out the encryption keys used with the program, in additon the program locks in on websites it says The next time you visit the site it types the password for you, and so that tells me the program types it in for you...

If I had physical access to your computer and setup a fake login to a site or service I wonder how easy it would be for me to see your password then just login with it from any computer, even this isn't needed because there are backdoors like Team Viewer for example, or Go to my pc, or remote services which people sometimes leave open Microsoft remote assistance.

2. Nothing is really secure on the net this is true, but generally as I am trying to say I don't trust programs that remember passwords I would rather keep my password on a secondary disc aka my iron key https://www.ironkey.com/ and keep it with me at all times its more secure that way in my view.

Generally, look how many companies out there have been compromised.

Blizzard, Sony, Aeria Games, EA Games, Bioware, How much user information has been compromised in fact I have seen the data leaked from these companies on the net, including some software programs and things from AT&T an ISP that was hacked, even NORTON, my point being that these companies are supposed to be top notch security they are million dollars richer than Linden Lab, yet still compromised, so see what I am saying when I say it isn't secure.

Lets not forget about the millions of gamers that use Punk Buster, everytime they play a game and don't physically disable it after playing a game that requires it...

I will never touch a program or use a program like this for these reasons that it is unsafe, the only thing I would use in addition to a password, is a secret question, and when I say secret I mean secret something not thought of, and on top of this I would use a Thumb print scanner, yeah its possible to get past those too and believe me ive watch enough CSI to understand how, but likely chances of that are slim unless the government wanted to SPY on me or something even then all you need is access to a **NOC** and you see every packet and byte going in and out of a users computer.

Lets talk about **STEAM** Games... "Encryption FAIL."

Bioware, and EA decided to use STEAM because using Steam was impossible to do PIRACY on games, yet some google searches I was able to find out how to Crack and decrypt any steam game I wanted in a matter of Seconds without even using the steam client, then add patch to the game and bam im playing it no questions asked. Their security didn't work, and we are talking about a game with over 4GB of code encryption on its files compared to a 16 digit password. In addition to this the games were able to be played before even released to the public, before even the user could buy them at gamestop which was pretty funny.

[Perrie Juran]

---

GothGirl Demonia wrote:

Lets talk about **STEAM** Games... "Encryption FAIL."

Bioware, and EA decided to use STEAM because using Steam was impossible to do PIRACY on games, yet some google searches I was able to find out how to Crack and decrypt any steam game I wanted in a matter of Seconds without even using the steam client,

then add patch to the game and bam im playing it no questions asked.

Their security didn't work, and we are talking about a game with over 4GB of code encryption on its files compared to a 16 digit password. In addition to this the games were able to be played before even released to the public, before even the user could buy them at gamestop which was pretty funny.

---

 

Well what do you know.  "Miss **bleep** about the Griefers, Hackers, Thieves and Copybots" doing the very things she claims to be on a crusade against!

Ever hear of a thing called "double standards?"

There is another word for that but I will refrain from using it here.

 

[GothGirl Demonia]

---

Perrie Juran wrote:

---

GothGirl Demonia wrote:

Lets talk about **STEAM** Games... "Encryption FAIL."

Bioware, and EA decided to use STEAM because using Steam was impossible to do PIRACY on games, yet some google searches I was able to find out how to Crack and decrypt any steam game I wanted in a matter of Seconds without even using the steam client,

then add patch to the game and bam im playing it no questions asked.

Their security didn't work, and we are talking about a game with over 4GB of code encryption on its files compared to a 16 digit password. In addition to this the games were able to be played before even released to the public, before even the user could buy them at gamestop which was pretty funny.

---

 

Well what do you know.  "Miss **bleep** about the Griefers, Hackers, Thieves and Copybots" doing the very things she claims to be on a crusade against!

Ever hear of a thing called "double standards?"

There is another word for that but I will refrain from using it here.

 

---

http://www.youtube.com/watch?v=WJIuYgIvKsc <<< Refer to this.

Also lets not forget to add YouTube, and Google to his list because this is where I do all my research from and find out how to crack stuff as a cracking guide for dummies...

 Lets not forget 50 Days of LULZ.

 I support Hotz, not Sony and sony got slapped Laugh Out Loud.

There are many different reasons for hacking, I don't support illegal types of hacking, however I dont shed a tear when a company gets hacked for revenge, or when someone in SL gets owned for revenge I just laugh.

My general point I am saying is that password Store programs are NOT safe to use, and the links above prove it they had more security than what that program has, and yet they got hacked, and hacked again. Lets not forget about.Visa, Mastercard, PayPal, NCsoft, Aeria Games, Sony, BioWare, EA, Valve, Bethesada, AT&T, Norton, all these companies were compromised with actual server hacking, and I am sure certain things had to be decrypted, let alone games from Valve or on steam for that matter. Just do some research.

In fact one more bad thing about YouTube is all these videos named Nexon Points Hack, aka supposedly keygenerators that are supposed to hack prepaid cards for peoples online gaming, but yet if you put in your info you get Phished although there are lots of teens 13 and such that would do this not knowing. While that is their problem why are these videos even allowed on YouTube.

I guess it leads back to the fact You Can't Stop The Free Flow of Information, Its how you use it.

[Perrie Juran]

---

GothGirl Demonia wrote:

however I dont shed a tear when a company gets hacked for revenge, or when someone in SL gets owned for revenge I just laugh.

---

All your bolding is not going to change the fact and is not going to hide that you confessed:

"I was able to find out how to Crack and decrypt any steam game I wanted in a matter of Seconds without even using the steam client, then add patch to the game and bam im playing it no questions asked"

Your attempt at justifying your action is nothing but "fail."

I don't think that any one here is going to shed any tears for you now.

You've been 'owned.'

 

 

 

 

[c4lypso]

Considering the use of micro transactions within SL and how many people actively hold high balances of Linden which can be exchanged for currency. I wonder why Linden Labs hasn't implemented two factor authentication. For many users TFA would solve a lot of issues.

[161488303349]

---

ayoza Alcove wrote:

Yes i know, and i am doing the necessary to LL for resolve the problem. 

 

I just say this problem here for people will be vigilent about this problem, ...

  

---

thanks

you done the right thing to report to linden. and also to post about it here so that we can know and not get caught ourself

[Clarinette Landar]

My account has not been hacked but to add about this thread. I have seen in 2 different groups people posting phishing links using the marketplace instead of the forum version of the phishing link.

I strongly suggest to all groups moderators in SL to ban people using these phishing links and do AR to Lindens Labs (the accounts might have been hacked before but i suppose Lindens Labs could find out with the IP adresses and the transaction history if it is the case or not and even find out who are the scammers behind all that).

But if no one fill abuse reports to LL, they won't have any information and these scammers will keep on being a pain in the ass for the whole community.

[Paul Hexem]

Stupid people are stupid.