My account has been compromised

[Alkyone Myrtle]

As the titlte reveals, my account has been in troubles. The one who did this, changed my password so I couldn't log into. I submitted a ticket to the LL immediately, of course and got a reply that indeed my account might be compromised and they put it ''on hold''. What does this mean? I know I cannot log in but does the same goes for the one who hacked it? Or is he/she still can use it?

[valerie Inshan]

It is normal you cannot access your account while it is on hold, and whoever hacked it cannot access it either. Now that you have submitted your ticket, Linden Lab will investigate the relevant transactions. This may take a few days. Once they have concluded the investigation, they will send you an email explaining their conclusion and the action they will take.

If your account has always been in compliance with the ToS until now, chances are very good that you will recover your account soon. Just be patient. Good luck! :smileyhappy:

[Alkyone Myrtle]

Thank you for the reply. I was stressed about the possibility the one who did this, being able to still use it. But since this is not the case, I will relax and wait...

[GothGirl Demonia]

1. Submit a Ticket To Linden Lab

2. If you have any problems contact Linden Lab via phone.

3. Pray that whoever compromised your account did not delete your entire inventory there is a griefer group doing this to a bunch of people in Second Life.

I have personally been pushing trying to get Linden Lab to add IP Verification, and spreading the word to others to spread the word about how we need IP Verification similar to GuildWars 2 as a secondary security protection feature, however the JIRA that I personally filed about it the Linden Said they would pass it on to security team and it was closed so I don't know how far that is even going to go I suggest more people file JIRA, about adding security to Second Life like this to add an additional layer of protection to your account never know who is going to be next.

[Tex Monday]

---

GothGirl Demonia wrote:

3. Pray that whoever compromised your account did not delete your entire inventory

 

---

that's what I was going to mention. The only downfall to this whole thing is whatever that person did to your account (take Lindens, delete inventory etc) can not be recovered by LL. I am sure you'll get your account back, and as Goth stated, hopefully everything is still in tact.

Good luck..

[Astrid Kaufmat]

Hi

to answer your question I can say that if the account has been blocked it's for security measures, so as you couldn't login with it also the lamer who did this couldn't do it.

I would akso ask you, to help you guessing what happened and try to avoid this in future:

Did you share with anyone your infos for login?

Did you ever clicked on marketplace links that they posted in your IM chat box? They might have phished you in this way

Did you use your SL username and password on any other extrnal site/forum/blog?

Did you use only and exclusively SL viewer or approved viewers?

Actually to do this they need a keylogger that could be installed in bad lame viewers if you downloaded any .

Another golden rule is also to never share your email connected to your account with your friends. If you really trust but only if you trust use a different mail (maybe temp so just in case you also dump it)

Be also always careful to never let them collect data that could drive them to guess your backup solutions just by talking with you, hide your real interests fake them change them,when you talk even with your closest friends in secondlife, even if you might know them in real world.

Really often the hacker is someone who has been knowing you enough to apply what in tecnical talk is called social engeniring.

 

A part this now what you ptrolly have to do is to contact lindenlab and prolly they are goint to make you fill a questionary with several questions related to your account, maybe you could be asked also of a real life document.

If after this you can get back your account then change the password.

Anyway I would just destroy it cause you don't know now how they have compromise it : if it has been cause they keylogged your password or cause they cracked your backup infos.

So make another and make it stronger this time.

Remember that the only power they get is the one you give them.:matte-motes-wink:

I add here some phone numbers that you might find useful to contact lindenlab,otherwise just use a ticket and follow their procedure ansowering  their questions

 

toll free (US/Canada)
800.294.1067
long distance
703.286.6277

 France: 0805.101.490
 Germany: 0800.664.5510
Japan: 0066.33.132.830
 Portugal: 800.814.450
 Spain: 800.300.560
 UK: 0800.048.4646
 Support is in English Only

[Alkyone Myrtle]

 I sent a ticket to the LL as soon as I got hacked. The one who did this sent me a link, I fooly clicked on it but my browser did not open any page and of course I did not give my password to anyone. The next instant, that very same lame person went into my ims and began to laugh at me, telling me we would meet again tomorrow and turned my avatar into a bunny. It was then when I realised what had happened. I tried to change password that precise moment but it was too late. I logged out and immediately submitted a ticket to the LL.

[Alkyone Myrtle]

 As for the inventory, frankly this is the last to concern me. I do not plan to use the account any longer after this incident. And the lindens I had is not an issue either. Also, the only card I ever had was only a prepaid one, so I guess this won't be a problem either, right? Even though Im pretty sure I had deleted the payment info anyway long before that happened

[Tex Monday]

---

Alkyone Myrtle wrote:

 As for the inventory, frankly this is the last to concern me. I do not plan to use the account any longer after this incident. And the lindens I had is not an issue either. Also, the only card I ever had was only a prepaid one, so I guess this won't be a problem either, right? Even though Im pretty sure I had deleted the payment info anyway long before that happened

---

It's a shame that this jerk is forcing you out of SL. There are lots of nice people here to hang out with.

Can you pass on a bit of information here...where you were when it happened...what the link looked like. I know you can't mention names, but any kind of heads up would be good for the rest of us

[Theresa Tennyson]

---

Alkyone Myrtle wrote:

 I sent a ticket to the LL as soon as I got hacked. The one who did this sent me a link, I fooly clicked on it but my browser did not open any page and of course I did not give my password to anyone. The next instant, that very same lame person went into my ims and began to laugh at me, telling me we would meet again tomorrow and turned my avatar into a bunny. It was then when I realised what had happened. I tried to change password that precise moment but it was too late. I logged out and immediately submitted a ticket to the LL.

---

What viewer are you using and where did you get it? I'd expect seeing problems like that from a viewer that has been deliberately hacked to allow others to take control of your account. The major viewers on the developers' oen websites should be safe but there are other websites that have modified versions - they often say things like "Professional Version" or things like that.

[Astrid Kaufmat]

prolly the link was to some web page that infected your pc. maybe a java possibly cause java is the fast way to make script kiddie and lamers love it.

I'd really suggest yo to uninstall in future the java virtual machine unless you really need it (it's full of holes more than a Swiss cheese ).

Make a new accout and turn the page. Stay safer and if it can help I give you some tips.

Don't use other viewers rather than SL linden lab viewer ( or if you need a third part viewer pick it from the officialwiki list) all the others not approved are lame software with keylogger inside.

Never trust in links.

Never touch nor open marketplace from links but let them tell you the name of the product and you look for it yourself if you can't decript it from the link they posted

never open directly youtube links but read them and take the last number after the sign = then paste them in a previous link that yourself opened on your borwser just exchanging those numbers after the =

Never visit if not necessary private blogs or sites ad if you do use proxies

if you open accounts elsewhere on private fora or sites and you use your SL name don't use the same password

never trusts in emails exchange (they can hide a lot of  bad stuff  in the headers and it's another exploitable wak point) open if you need those mails from another pc or a virtual space that you created just for that.

Remember that the hacker is never someone unknown but someone who apparentlycame to you  appearing or showing him/herself as a friend

A sage said "never trust those persons who say  I love you like a mother" the more they want to appear friendly the more they must be suspicious.

the "blonder"  and the clumsier a person appear to you ( or least tries to appear to you) the more suspicious should be to your eyes, especially if there is a mismatch with the studies that person  declares to do.

be skeptik and trust nobody

never give your friends your mail associated to the account you use

never let you guess private info, lie about your local area , job and anything that might be related to you.

Don't make your data easy to exploit for example using facebook: lie there too if you really need to have an account, just write the few that it's needed, possibly vague and talking by confusing riddles.

Anyway be also careful when you use facebook apps turn off java ( some apps there using java lately can be a tremendous threat).

Don't watch movies in world nor oyutube links posted on prims with the new features

Disable play automatic play media and disable play media attached to other avatars

Don't trust even shared music, but use your own compilations or look the title of the song they cast and if you don't know look for it yourself elsewhere.

It is also so pity that the new V3 would force people to use the goddam java ticked to see profies and stuff( of course they made it according to other games, prolly to make SL competitive with other stuff that actually runs on steam ,hence they ant to put SL there)t. Is it really a progress making what was working good without the java  a worse thing? Hovewer never mind this is a personal opinion about the Viever 3. I hope that some linden would read those 5 lines and prolly suggest in their community to fix the viewer 3 to make it safer and working without the java that is a terrible threat

[Perrie Juran]

---

Alkyone Myrtle wrote:

 I sent a ticket to the LL as soon as I got hacked. The one who did this sent me a link, I fooly clicked on it but my browser did not open any page and of course I did not give my password to anyone. The next instant, that very same lame person went into my ims and began to laugh at me, telling me we would meet again tomorrow and turned my avatar into a bunny. It was then when I realised what had happened. I tried to change password that precise moment but it was too late. I logged out and immediately submitted a ticket to the LL.

---

This I am not buying. 

The only place to change a password is on the web sight and you have to know first off someones password to log into the account and you have to re-enter  it in order to change it.  A malicious page whether it be a simple phishing page or one that installs a keystroke logger would still need to wait for you to enter your pasword in order for it to harvest it.

I am not saying that you did not get hacked. 

I do wonder if maybe you had previously fallen for a phishing link.  That would be a possibilty.  But what you stated above is not how it works.

 Phishing Scheme: Dont Click The Link