Jump to content
You are about to reply to a thread that has been inactive for 3710 days.

Please take a moment to consider if this thread is worth bumping.

Recommended Posts

Several friends of mine were suddenly posting advertisement in several group. They were showing online in the Friend List, but I was sure they were sleeping. One even tried to get online in SL, but got a message that they were already online....

This was the msg that was send:

Free Lindens! Welcome All Second Life Players!
You can earn up to $750L for each survey that you complete!
Click on any of the surveys below to get started!
click the link to start winning
http://lindensforfree.noads.biz

My friends got several angry IMs in their mailbox why they were posting such crap in their group, some were even ejected from groups.

I advise ppl to change their password at least once a week... But to one friend it happened twice in 1 week...

How is this possible?

 


Link to post
Share on other sites

 


Essie Radford wrote:

Several friends of mine were suddenly posting advertisement in several group. They were showing online in the Friend List, but I was sure they were sleeping. One even tried to get online in SL, but got a message that they were already online....

This was the msg that was send:

Free Lindens! Welcome All Second Life Players!

You can earn up to $750L for each survey that you complete!

Click on any of the surveys below to get started!

click the link to start winning

My friends got several angry IMs in their mailbox why they were posting such crap in their group, some were even ejected from groups.

I advise ppl to change their password at least once a week... But to one friend it happened twice in 1 week...

How is this possible?

 



If they have never shared their passwords with anyone, then I suspect a connection to some alt detection tool that requires they login to an external site.

 

Link to post
Share on other sites

It could also depend on their email.   Fortunately, my SL account wasn't linked to it, but my hotmail account got hacked a while back.  Password was NOT an easy one, so there was no reason they should have gotten into it... except that it was hotmail. :smileytongue:  Fortunately, it's just my junk mail/mailing lists email and they hadn't gotten around to changing my security question...

Or they used a third party site, using the same password for it as their SL account, with the same email addy and everything.  I've known people who do this and it's a nightmare to explain to at least have a different password for their email, SL and other sites!

Your friends should try an immediate password change, and if that fails, report the accounts as hacked.  LL will then put the account on administrative hold pending verification.  It's better if they can do it the moment you notice the account is online without you..  You're less likely to lose stuff, like L$ balance. 

LL is trying it's best to ban the people like this, but it's harder to do because there are several workarounds that allow the abusers/hackers right back on. 

 

Link to post
Share on other sites

Good chance that he has a spyware and/or "spammer" already know the password for the email to see what new password he changed for his SL account.

 

Tell him stop joinning 3rd party stuff with same email and same password. This happens a lot for non-geek users.

Link to post
Share on other sites

just because you tell people to change their password every week does not mean they do, or do it inteligentlly.

some will use the same password for everything... bad idea....only do that for things you don't care about (like throwaway services that require you to sign up for something you'll only ever use once)

important things, like anything with the ability to collect money or spend your money, gets it's own password.

 

although if it's happened twice in one week to this friend, my suspicion is that A) someone has access to their computer (either in RL, or via a keyloger or other trojan software, especially if they have other recent accounts broken into) or B) they're full of it and really are spamming this crap to get a few L$ (you'd be suprised how many people do that voluntarily)

 

Link to post
Share on other sites

In another words...  You must be this tall (I.Q. level of 110) to ride safely on the net.

 


Masta Thor wrote: I read that you should also make your passwords at least 12 characters long and include symbols. It's hard to remember but it will make you safer. 

It's not matter of how hard is it to remember, the more you use it, the better you remember it anyway.  Not just symbols but use numbers and Capital letters. However, as time passes, we would be required to have more than 12 characters and it'll keep on growing.  I remembered things used to start out requiring 4 characters...  Went from 4 to 6 to 8 to 12 so far.

My advice is... pick a password that you can remember, even if it doesn't make any sense...  but longer than 22 characters long instead. Why more than 20?  because it would take a computer over a trillion years to crack it.

Give it a try. http://howsecureismypassword.net/

Even it would take a computer thousands years to crack a stupid 20 characters long password like this "12345678901234567890"

 

Go long!

 

Link to post
Share on other sites

Hope your friends account are ok, what could also happen is, someone they talk to, usually could be someone posing as a girl, will tell them they will send them a pic, and of course men usually jump to the opportunity of a pic, they take the pic, and the pic doesnt open, or so they think, when they press it, unfortunately they got a virus, a back door is opened and they can do watever in their computers, do not accept anything or do not press external links to sites you do not know

Link to post
Share on other sites

Password strength is all well and good but it is over rated.

Passwords are just door locks.  The main thing is to have a lock and use it.  If someone is targeting you specifically no matter how "strong" your password is, is can be cracked.  The whole point is to make it not worth the hacker's time. 

Given a list of account names, a hacker can be certain of at least partial success by attempting to log on to each account sequentially using the most common passwords.  Don't use those passwords because they are like leaving your door unlocked.  "Password" is a bad password.  Likewise "123456" or any other form of running numbers.  You know hackers have a list of account names.  We can see those names right here where you post!  Any simple search will net a legion of  account names to try.  You KNOW that hackers have your account name; don't give them the other half of your login for free.  You can use your mother's maiden name or a computer generated random string of 16 alpha-numeric characters and get the same results.

And finally, just like you don't hand out keys to your door to just anyone you meet, do not give your password to other people INCLUDING ANY INTERNET FORUM!!  Even if you trust the people running the forum, that site could be hacked by someone else entirely.  It is always wise to keep a healthy level of paranoia when doing anything on the internet.

Link to post
Share on other sites

 


Vincent Nacon wrote:

It's not matter of how hard is it to remember, the more you use it, the better you remember it anyway.

 

I put the number/symbol parts into macros. I trigger the macro, then I type the alpha part. I get the best of both -- easy to remember the word part and I don't have to remember the symbol part. Keyloggers can't catch it either because the whole thing is never typed on the keyboard.

 

Link to post
Share on other sites
You are about to reply to a thread that has been inactive for 3710 days.

Please take a moment to consider if this thread is worth bumping.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...