Jump to content

Scam Alert - Please Becareful

benchthis

By benchthis,
in General Discussion Forum

 Share
You are about to reply to a thread that has been inactive for 399 days.

Please take a moment to consider if this thread is worth bumping.

Recommended Posts

Silent Mistwalker

Silent Mistwalker

Posted
Posted (edited)
3 hours ago, Rolig Loon said:

If you choose MFA, you don't have to use a mobile phone or get text messages. There are several free apps that will handle MFA codes right on your computer. I use Authy myself.  

No, thank you.

By that I mean I don't use anything anyone on the internet recommends. There have been those cases where it was a scam. Not that you would do such a thing. I just have my ways that work for me.

Edited by Silent Mistwalker
Link to comment
Share on other sites
  • Replies 272
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

Solar Legion
Solar Legion

Its a generic, LSL scripted input dialog - it doesn't care what Viewer the target is using. It can be customized to state it is part of any Viewer. One of the reasons I find this so incredibly la

Qie Niangao
Qie Niangao

I'm going to dive deep here, so apologies in advance for how fiddly this gets. The objective is to see if there's something special about this situation (including the textbox, but broader too) that i

Alwin Alcott
Alwin Alcott

don't click things that you don't know, is still a very wise advice...   but the same with links.. you'll always find people who do... "i am hacked "....noo you clicked" 

Posted Images

Silent Mistwalker

Silent Mistwalker

Posted
Posted
1 hour ago, EliseAnne85 said:

Sorry, I must not be explaining this right.  I said it could send a message to a phone with a one-time code for people who would opt-in and have a phone to do it with.

My original thought in my post that I wrote was send a one-time code message...or something?   When I wrote or something? (I meant something else not yet known as this is not a real plan - but not a phone as the "or something?" which I meant something else).     Anyhow, if you don't understand what I'm suggesting, it's not a big deal because it's not a real plan.  It was hypothetical.  

I got that. Bu you don't offer anything for those who don't have cellphones? That I do not get.

Link to comment
Share on other sites
EliseAnne85

EliseAnne85

Posted
Posted (edited)
14 minutes ago, Silent Mistwalker said:

I got that. Bu you don't offer anything for those who don't have cellphones? That I do not get.

I know that's why I put a ?  Meaning, there would need to be something else too or instead of because of people who don't have cell phones.  But, make it opt-in anyways.

I, personally, would love a wallet where (those of us with phones who opt-in) get a call with a one-time code we put in at checkout or spending inworld.  It's easy and it's fast and our linden balance would NOT show inworld in any viewer.  

Since there are so many people who do have phones I was suggesting this could help overall, even those who don't have a wallet because either they don't have a phone nor want a wallet, because (most) lindens would not be stored in the viewers and this might deter hackers/scammers altogether.  IOW, most of the SL community might opt-in and scammers wouldn't get much out of trying to get lindens through the viewers.  

The only other thing I can think of to where our linden balance would not show inworld is that our linden balance has to be accessed by another password.  And, then once we put that password in inside the viewer, our linden balance would show.  

I'd like to have a way to hide my lindens and/or not have them in the viewer at all but not have to cash in and out, in and out, just to hide our lindens.  

Edited by EliseAnne85
  • Sad 1
Link to comment
Share on other sites
Love Zhaoying

Love Zhaoying

Posted
Posted
23 minutes ago, EliseAnne85 said:

I know that's why I put a ?  Meaning, there would need to be something else too or instead of because of people who don't have cell phones.  But, make it opt-in anyways.

I, personally, would love a wallet where (those of us with phones who opt-in) get a call with a one-time code we put in at checkout or spending inworld.  It's easy and it's fast and our linden balance would NOT show inworld in any viewer.  

Since there are so many people who do have phones I was suggesting this could help overall, even those who don't have a wallet because either they don't have a phone nor want a wallet, because (most) lindens would not be stored in the viewers and this might deter hackers/scammers altogether.  IOW, most of the SL community might opt-in and scammers wouldn't get much out of trying to get lindens through the viewers.  

The only other thing I can think of to where our linden balance would not show inworld is that our linden balance has to be accessed by another password.  And, then once we put that password in inside the viewer, our linden balance would show.  

I'd like to have a way to hide my lindens and/or not have them in the viewer at all but not have to cash in and out, in and out, just to hide our lindens.  

That's what MFA already is/does. One-time verification "as needed", from phone or PC. 

Link to comment
Share on other sites
Silent Mistwalker

Silent Mistwalker

Posted
Posted
38 minutes ago, EliseAnne85 said:

I know that's why I put a ?  Meaning, there would need to be something else too or instead of because of people who don't have cell phones.  But, make it opt-in anyways.

I, personally, would love a wallet where (those of us with phones who opt-in) get a call with a one-time code we put in at checkout or spending inworld.  It's easy and it's fast and our linden balance would NOT show inworld in any viewer.  

Since there are so many people who do have phones I was suggesting this could help overall, even those who don't have a wallet because either they don't have a phone nor want a wallet, because (most) lindens would not be stored in the viewers and this might deter hackers/scammers altogether.  IOW, most of the SL community might opt-in and scammers wouldn't get much out of trying to get lindens through the viewers.  

The only other thing I can think of to where our linden balance would not show inworld is that our linden balance has to be accessed by another password.  And, then once we put that password in inside the viewer, our linden balance would show.  

I'd like to have a way to hide my lindens and/or not have them in the viewer at all but not have to cash in and out, in and out, just to hide our lindens.  

Making MFA, or whatever you want to call it, opt in completely defeats the purpose of making it mandatory. 

I'm not even sure why I bother these days since the way things are going it will be impossible for me to be online. Having to have a freaking cellphone just to be able to log on to the internet is just around the corner. Not no, but HELL NO.

  • Thanks 1
Link to comment
Share on other sites
EliseAnne85

EliseAnne85

Posted
Posted (edited)
41 minutes ago, Love Zhaoying said:

That's what MFA already is/does. One-time verification "as needed", from phone or PC. 

It's not that easy when one uses a token.  It's tedious.  Why not one call just direct to my phone with a one-time code when I want to make a purchase?  

Or, for those who don't want tokens nor phone, what about the Lindens have another password we have to enter to access our linden balance?  That sounds fast and easy too.

Plus, Love, I'm talking about something else...I'm talking about the lindens not being in the viewer at all but rather in a wallet.  A virtual wallet.

Edited by EliseAnne85
  • Confused 1
  • Sad 1
Link to comment
Share on other sites
EliseAnne85

EliseAnne85

Posted
Posted
27 minutes ago, Silent Mistwalker said:

Making MFA, or whatever you want to call it, opt in completely defeats the purpose of making it mandatory. 

I'm not even sure why I bother these days since the way things are going it will be impossible for me to be online. Having to have a freaking cellphone just to be able to log on to the internet is just around the corner. Not no, but HELL NO.

No, I think it should be opt-in period.  I don't think it should be mandatory.   Sorry, if you got that impression.  It's been 50 things at once for me today and I still about 35 things to do to go, so I was writing in a rush.

As far as those who have qualms about the internet, it's a beast at times.

My ex was hacked twice.  The first people got his credit card and bought eight beds.  My family didn't even have anywhere near eight people in it, let alone a place to store eight beds and all kinds of other weird things they purchased.  So, the credit card company reimbursed us. Then, he was hacked again.  My ex was never much into computers and really didn't pay attention to what he was doing when he was on it.  He was reckless, downloading free music - which I think was part of the problem.  I had a different computer. 

But, with AI, hacking could become stronger.  All I can think of about all this stuff with bots and hacking is "Yikes" - this is real money and this has been a headache.  

However, we discuss these issues but it's getting tiresome now.  So, I'll just take it or leave it.  I'd rather have my lindens in a place offline from the viewers in a wallet though, tbh.    

Link to comment
Share on other sites
Silent Mistwalker

Silent Mistwalker

Posted
Posted

Just how many hoops do people have to jump through to have access to their own stuff!? 10? 20? Next, you'll be wanting to password/token/wtfever protect our inventories so that we have to provide 10 different security question answers before we can even open Inventory, much less change anything. 

Where do you draw the line? Just how far do you think protecting people from themselves should be taken? When will it be enough? When there is no one left because by the time you get done verifying everything, it's time to log out and go to bed so you can go to work the next day and do it all over again? Thank you, no.

  • Like 1
  • Thanks 1
Link to comment
Share on other sites
Arielle Popstar

Arielle Popstar

Posted
Posted
1 hour ago, EliseAnne85 said:

The only other thing I can think of to where our linden balance would not show inworld is that our linden balance has to be accessed by another password.  And, then once we put that password in inside the viewer, our linden balance would show.  

I'd like to have a way to hide my lindens and/or not have them in the viewer at all but not have to cash in and out, in and out, just to hide our lindens.  

Ok I think I get what you are talking about and think it is a valid point. Basically having a petty cash account in the viewer and then a main account in a Tilia wallet that can't be accessed from the Viewer so that in the case of being hacked or compromised, the perp cannot get a hold of the main account to milk it dry.

Certainly a valid thing for those who have an inworld business where they can deposit their income that isn't intended to be cashed out but is still protected from being accidently phished and L$ account cleaned out.

  • Thanks 1
Link to comment
Share on other sites
EliseAnne85

EliseAnne85

Posted
Posted (edited)
14 minutes ago, Arielle Popstar said:

Certainly a valid thing for those who have an inworld business

Exactly.  But, also I am saving my lindens right now for something.  I will spend little bits here and there but mostly I'm saving for a large purchase so the lindens just sit there in the viewer.  I'd rather move the ones I'm saving into a wallet because I spend my lindens on SL.  I only cashed out once into fiat my entire SL.  But, those of us who may be saving for a large SL purchase it would be better to put them in a wallet than have them in the viewer.  And, what else I am saying is that storing our lindens offline in a wallet could deter anyone from wanting to pull this scam again or a different scam because the lindens are not in the viewers because my thinking is most (businesses anyways) may move their lindens into their wallet until they do want to cash out as each cash out has a fee.  But, I don't even want to cash out, I just want to save them until I do want to use them for SL purchases.  

Edited by EliseAnne85
  • Like 1
Link to comment
Share on other sites
MoiraKathleen

MoiraKathleen

Posted
Posted
1 hour ago, EliseAnne85 said:

Exactly.  But, also I am saving my lindens right now for something.  I will spend little bits here and there but mostly I'm saving for a large purchase so the lindens just sit there in the viewer.  I'd rather move the ones I'm saving into a wallet because I spend my lindens on SL.  I only cashed out once into fiat my entire SL.  But, those of us who may be saving for a large SL purchase it would be better to put them in a wallet than have them in the viewer.  And, what else I am saying is that storing our lindens offline in a wallet could deter anyone from wanting to pull this scam again or a different scam because the lindens are not in the viewers because my thinking is most (businesses anyways) may move their lindens into their wallet until they do want to cash out as each cash out has a fee.  But, I don't even want to cash out, I just want to save them until I do want to use them for SL purchases.  

I don't know what would be different about a digital wallet for linden dollars than how LL is currently storing them.  They are not stored "in a viewer". 

I definitely would not want to have to enter another password or look on another device for a code every time I want to spend linden dollars.  

  • Like 3
Link to comment
Share on other sites
Ayashe Ninetails

Ayashe Ninetails

Posted
Posted
13 hours ago, Silent Mistwalker said:

I'm not even sure why I bother these days since the way things are going it will be impossible for me to be online. Having to have a freaking cellphone just to be able to log on to the internet is just around the corner. Not no, but HELL NO.

I'm with you on this. I have to keep re-activating my phone every 6-8 months or so with an entirely new number - that's how often I forget I even own the thing.

Not to mention, SMS and phone codes and all that mess aren't even secure, either. Authentication apps (Authy, etc.) are the way to go for now, though the best setup I ever had was a bank that sent me a physical device to generate codes. Funny enough, I got tired of using the thing after a handful of times, but then, I'm not protecting Scrooge McDuck's fortune over here or anything. 😄

  • Like 2
Link to comment
Share on other sites
Love Zhaoying

Love Zhaoying

Posted
Posted
13 hours ago, EliseAnne85 said:
14 hours ago, Love Zhaoying said:

That's what MFA already is/does. One-time verification "as needed", from phone or PC. 

It's not that easy when one uses a token.  It's tedious.  Why not one call just direct to my phone with a one-time code when I want to make a purchase?  

Or, for those who don't want tokens nor phone, what about the Lindens have another password we have to enter to access our linden balance?  That sounds fast and easy too.

Plus, Love, I'm talking about something else...I'm talking about the lindens not being in the viewer at all but rather in a wallet.  A virtual wallet.

There are also "text/SMS" authentication methods where all you have to do is respond from your cellphone..click a link in the message, etc.   Is that really difficult?

Link to comment
Share on other sites
Istelathis

Istelathis

Posted
Posted

My wallet was an alt, I would send them the rental linden I had to secure on a monthly basis so I would not spend it.  I don't use it anymore, but if I wanted to I could just make the account MFA and essentially have what is being asked for.  I don't think all viewers require MFA at this point, but eventually that will be the case for those who opt for MFA enabled so it is essentially what you are asking for.

A bank alt is pretty common in MMORPGs, usually for extra storage, but for handling finances as well.  For convenience, you could just have MFA for your bank alt, and for your main use just the password.  When you wanted to transfer funds you would have to log into a separate instance with your alt, using MFA, and transfer the funds to your main.

  • Like 4
  • Thanks 1
Link to comment
Share on other sites
Silent Mistwalker

Silent Mistwalker

Posted
Posted
1 hour ago, Istelathis said:

My wallet was an alt, I would send them the rental linden I had to secure on a monthly basis so I would not spend it.  I don't use it anymore, but if I wanted to I could just make the account MFA and essentially have what is being asked for.  I don't think all viewers require MFA at this point, but eventually that will be the case for those who opt for MFA enabled so it is essentially what you are asking for.

A bank alt is pretty common in MMORPGs, usually for extra storage, but for handling finances as well.  For convenience, you could just have MFA for your bank alt, and for your main use just the password.  When you wanted to transfer funds you would have to log into a separate instance with your alt, using MFA, and transfer the funds to your main.

Bank alts are actually very common in SL and have been for more than 15 years.

  • Like 2
Link to comment
Share on other sites
Zalificent Corvinus

Zalificent Corvinus

Posted
Posted
3 hours ago, EliseAnne85 said:

First of all, I said it was opt-in.

Bad ideas are still bad ideas when opt-in, especially when it's the kind of bad idea whose cultists will later demand it become opt-out, then no option at all..

3 hours ago, EliseAnne85 said:

And yes, it is easier to have a wallet.  And, let me clarify this, with a one-time code sent to one's phone for checkout, it's easier.  I was trying to think of something else? because Silent asked what that might be but I don't know.  It's mostly done with a code sent to one's phone.  Enter the 6 numbers and checkout and done.  

Easy: Click the vendor, it says "price 500 L$, click ok, done.

Less Easy: Click the vendor, it says "price 500 L$" you click ok, and "WARNING: Tin-Foil-Hat-Club Multi Effing Annoying Arseware will now send a 6 digit number to your phone, please wait for this number to arrive, then manually enter it into your viewer, to authenticate that you are really you and really want to spend 500 L$ on that dress", scream in dismay, click cancel, log out of SL, never return.

See, you are, as usual, wrong, authentication codes are NOT easier.

3 hours ago, EliseAnne85 said:

Oh, and btw, millions and millions of people have "wallets" with other companies.  Even Paypal offers one.  So, you are factually incorrect.  Or millions and millions of people using wallets every day are insane, only according to you.  

Millions of people have digital wallets on other systems, systems that are NOTHING like SL, the problem isn't the wallet part, the problem is the "Multi Effing Annoying Spam Your Phone With Codes And Waste Your Time" that you want to inflict on us to be allowed to spend 2 effing dollars of our own money in an inworld store.

 

2 hours ago, Love Zhaoying said:

There are also "text/SMS" authentication methods where all you have to do is respond from your cellphone..click a link in the message, etc.   Is that really difficult?

That's still "Multi Effing Annoying" time and effort wasting, that many of us do not want, kill it, kill it with fire.

 

Link to comment
Share on other sites
EliseAnne85

EliseAnne85

Posted
Posted
1 hour ago, Istelathis said:

My wallet was an alt, I would send them the rental linden I had to secure on a monthly basis so I would not spend it.  I don't use it anymore, but if I wanted to I could just make the account MFA and essentially have what is being asked for.  I don't think all viewers require MFA at this point, but eventually that will be the case for those who opt for MFA enabled so it is essentially what you are asking for.

A bank alt is pretty common in MMORPGs, usually for extra storage, but for handling finances as well.  For convenience, you could just have MFA for your bank alt, and for your main use just the password.  When you wanted to transfer funds you would have to log into a separate instance with your alt, using MFA, and transfer the funds to your main.

Yes, I know.  I've thought of it and will probably set it up.   

Link to comment
Share on other sites
EliseAnne85

EliseAnne85

Posted
Posted (edited)
11 minutes ago, Zalificent Corvinus said:

Less Easy: Click the vendor, it says "price 500 L$" you click ok, and "WARNING: Tin-Foil-Hat-Club Multi Effing Annoying Arseware will now send a 6 digit number to your phone, please wait for this number to arrive, then manually enter it into your viewer, to authenticate that you are really you and really want to spend 500 L$ on that dress", scream in dismay, click cancel, log out of SL, never return.

First of all, I never said this was a formal idea.  I'm not a Linden nor a mole.  I work for free here.   If we ever do have a wallet, and I suspect we probably will with Tilia as an option, I suggested 500 linden before needing to enter a one-time phone code in order to spend because I work for free here and didn't want to type the whole thing out such as user could set limit and blah, blah, blah.  However, again, it was NOT a formal idea.  It was a free idea where I added a question mark, meaning perhaps others have a better idea.  Plus, I was also thinking one could set up their limit such as 500, 1000, 1500, etc before they are sent a one-time code to enter.

And, why would they scream if it's opt in?  Plus, I have one wallet that lets you stay logged in as per your choice up to 30 days.  So, there is lots of variety.  

I think you need to get over it, especially this 2 dollar dress thing, as I never presented it as a formal idea at all.  

This is a place for free feedback and networking.  I think you way over-react to things people say in a place that is an exchange of informal ideas.  If I had a formal idea, I'd present it to LL, not here.

Edited by EliseAnne85
  • Haha 1
Link to comment
Share on other sites
EliseAnne85

EliseAnne85

Posted
Posted (edited)
9 minutes ago, Zalificent Corvinus said:

It doesn't matter that your damn idea was 'opt in' as the kind of people who like and support MFAA spam like your idea, will eventually demand it be mandatory.

And why scream? Because it's YOU telling ME

I personally don't like multi-factor token idea either so I never spoke of it.  I was speaking more of a prompt when you hit checkout (but I really wanted to say where user sets limit before code is sent) and then ding your phone gets the message, it's in plain sight to see (for those of us with good enough eyesight) then enter the six numbers and hit checkout again and done.  It takes under two minutes probably as it's very fast, imo.  

Any post on a network messaging board is just people sharing informal ideas about things.

The world is changing and AI is getting stronger.  I'd like my lindens to be not seen nor accessible in the viewer.  That doesn't mean LL will act on my post.

There is room for alternatives that don't have to be forced.  Paypal offers a wallet.  It is not forced.  It's for those who wish to store things such as cash for instance.

 

Edited by EliseAnne85
  • Haha 1
Link to comment
Share on other sites
EliseAnne85

EliseAnne85

Posted
Posted (edited)
6 minutes ago, Zalificent Corvinus said:

Heads up...

"a prompt when you hit checkout (but I really wanted to say where user sets limit before code is sent) and then ding your phone gets the message, it's in plain sight to see (for those of us with good enough eyesight) then enter the six numbers"

IIS a DAMN 

"multi-factor token idea"

The 6 digit number you have to read off your damn phone and type into a box in SL, is the sodding MFA token, that you keep claiming you dislike, while repeatedly demanding that we use one.

This is why I state that NONE of your posts contain anything a SANE person can agree with.

No, that's not true.  Mine is more the original 2fa.  MFA is different.  Look them both up on the internet.  2fa and MFA are two different things.  I read an article on them.  Now you are telling me the article that said MFA is more safe than 2fa plus a lot of other things separating the two was entirely wrong?  MFA is stronger than 2FA.  They are different.  But, my idea was more the original 2fa because it's faster.  

If you don't want to be on a phone at all...well, it's not my problem and you are screaming like a Karen having a meltdown at someone who isn't making you have mandatory anything and it's just nonsense.  Please stop.

Edited by EliseAnne85
  • Haha 1
Link to comment
Share on other sites
Ayashe Ninetails

Ayashe Ninetails

Posted
Posted

Phone-based 2FA is not secure. Phones can be lost, stolen, sim hacked and hijacked, yeeted into the sun, etc.

 

15 minutes ago, EliseAnne85 said:

I personally don't like multi-factor token idea either so I never spoke of it.  I was speaking more of a prompt when you hit checkout (but I really wanted to say where user sets limit before code is sent) and then ding your phone gets the message, it's in plain sight to see (for those of us with good enough eyesight) then enter the six numbers and hit checkout again and done.  It takes under two minutes probably as it's very fast, imo.

I would absolutely hate this. It's also not secure, so it's added hassle for nothing. See above.

We already have MFA for our accounts and it's entirely opt-in (for now). I can't see needing anything else at the moment.

  • Like 1
Link to comment
Share on other sites
CaithLynnSayes

CaithLynnSayes

Posted
Posted

/me quietly walks by flashing these pages:

Now go get your panties twisted in a bunch on those. :D 

Almost this whole thread has been on how to take away functionality, and now how to make it more annoying to log in or do a transaction. Yet the blatantly obvious just won't be accepted by the loudest voices here. Do Not Randomly Put Your Passwords In!

  • Like 2
  • Thanks 1
Link to comment
Share on other sites
Jaylinbridges

Jaylinbridges

Posted
Posted

xPMNg8kT6Ag4il0#l@kA@17dxs@7E8nRa3%k$#DN8IwRNsX63e

That's not my password, but mine is like that - so hack that.  I can remember the first 4 characters on a good day :)

Main problem is losing where it is stored, so I need multiple backup locations in case  my city gets hit by a giant flaming meteor. 

  • Haha 2
Link to comment
Share on other sites
You are about to reply to a thread that has been inactive for 399 days.

Please take a moment to consider if this thread is worth bumping.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
×
×
  • Create New...