Wednesday, September 9, 2015

they said so, it doesn't need no explanation

So, carrying over from part one and part two, this is part three:
[11:41] Axx Sxxxxxxxxx: Well, LL would know, right? They'll have logs of what IP and MAC address the account has been signed onto from.
[11:41] Yxxxxx Rxxxxxxx: No someone who has been here for a good number of years and spreads phishing attempts in all is or her group is a stolen account. That is obvious.
And deeply puzzling.
[11:42] Axx Sxxxxxxxxx: Both old and new accounts are getting stolen, though, that only speaks to the relative level of ignorance.
[11:42] Axx Sxxxxxxxxx: And the fact that it has been happening for years, on many different accounts, it seems kind of silly to think that one given case is responsible for the whole lot of it.
[11:42] Yxxxxx Rxxxxxxx: And the thieves use a spoof to hide the IP and MAC. That is very simple.

[11:43] Axx Sxxxxxxxxx: That's if they're smart in what they're trying to do.
Depends on how many of them are getting caught, and unfortunately, we don't have access to those numbers.
[11:43] txxxxxxxxxxxxxxx Rxxxxxxx: IP can be manipulated, it is done all of the time on attacks to gov't and bank systems, the Pentagon is one of the most attacked systems in existence as but 1 example
[11:43] wxxxxxxxxxx Rxxxxxxx: my point is there is room for doubt as to whether accounts have ACTUALLY been hacked
[11:44] Yxxxxx Rxxxxxxx: Why would someone with so many years in SL would risk loosing their account?
[11:45] wxxxxxxxxxx Rxxxxxxx: who knows how others think?
And, as has been pointed out, all it takes is one moment of inattention to make a fatal error.
[11:45] gxxxxxxxx Rxxxxxxx: these scammers have unintentionally given up their account... not hacked.
Hacking is beyond your control. If you click a phishing link and provide your personal information, it's not a hack... you have been phished.
[11:45] Pxxxxxxx Exxxxxx: not necessarily [Axx]. at the height of the spam was controlled by two people with only 5-10 employees each. The worst spammer in the world was also the most prolific hacker whom hacked over 3000 accounts and controlled 1000 at any given time
[11:45] Yxxxxx Rxxxxxxx: Excatly [Gxxxxx].
"Excatly"? That's amusing.
[11:46] gxxxxxxxx Rxxxxxxx: Phishing is a slimy way to get ahold of other people's info :(
[11:46] Axx Sxxxxxxxxx: But still one of the most effective.

[11:46] txxxxxxxxxxxxxxx Rxxxxxxx: to a criminal it is a slick and easy way or would no longer be used
[11:47] Bxxxxx Fxxxxx: If you look, most of them are ESL. Also, if you are busy, you may not realize it's a phishing link. I've been in SL for 8 years and I accidentally hit one and put in my info without thinking about. I keep my dashboard page up so had my password changed about 10 seconds later, but all it takes is a moment on inattention.
And being vigilant all the time is draining. Emotionally draining, mentally taxing, and it tips us towards free-floating paranoia, which is not good for most of us.
[11:48] Yxxxxx Rxxxxxxx: The accounts in SL are stolen either because people fall for a very simple fake login page trap or because the have simple stupid passwords. Hacking is one case out of 10,000
[11:48] txxxxxxxxxxxxxxx Rxxxxxxx: it is based on reflexive actions for the most part
[11:48] 6xxxxxxxxxxxxxxxx Rxxxxxxx: and the people who im me about things i have no clue what they are on about just get shut down
[11:48] Axx Sxxxxxxxxx: It's someone casting a large net.
[11:48] txxxxxxxxxxxxxxx Rxxxxxxx: all you need are a few fish for a nice meal ;)
Here, fishy fishy...
[11:49] Yxxxxx Rxxxxxxx: It is based on stupidity of people. They don't even advertise for promoting a product these days. They just post a link. And because of the fear of missing out residents blindly rush for it!
Yeah, remember when spambots used to try to get you to click the link to get Lindens, or for a sale at a store? This one, they're not even bothering to that extent. Zero effort. Outright laziness, that is.
[11:49] Bxxxxx Fxxxxx: A well-known designer in SL got caught and had money transferred out. They got it back, but just that moment of inattention is all it takes.
[11:50] txxxxxxxxxxxxxxx Rxxxxxxx: it's based on reflexive nature of the common user
[11:50] Yxxxxx Rxxxxxxx: It more than inattention. And even then when you realize it is a trap if you change right away your data you are safe.
It's convenience, again. If it's convenient, we'll do it. See a link, click a link, it's safe because it's coming from a trusted store group, or a friend, or a social group, right? Save a lot of cases, it's just not.
[11:50] gxxxxxxxx Rxxxxxxx: sadly that's what the scammers are hoping for. accounts that acquire a lot of lindens or the ones that have payment info
[11:51] Axx Sxxxxxxxxx: I imagine it's all automated. Like they have scripts running on VPSes to log into bot clients with harvested accounts, and the clients are programmed to join groups and regurgitate the link.
[11:51] Yxxxxx Rxxxxxxx: They don't target specific accounts.
[11:51] txxxxxxxxxxxxxxx Rxxxxxxx: payment info is the golden nugget, cyber $ is not the true target.
[11:52] Axx Sxxxxxxxxx: Unless they launder it into non bot accounts.
[11:53] txxxxxxxxxxxxxxx Rxxxxxxx: there have been cash-out monitoring systems in place for several years now that Interpol and other crime-fighting orgs use to combat org crime syndicates
Yes, there are monitoring systems in place, both to observe transactions in real time, and in digital environments. But I'm still not sure Second Life is on Interpol's radar.
[11:54] txxxxxxxxxxxxxxx Rxxxxxxx: it is the payment info they really can't do much about once obtained
[11:57] Bxxxxx Fxxxxx: That's why I use Paypal to pay for my stuff. Adds an extra layer of security
[11:57] Yxxxxx Rxxxxxxx: Yes Paypal is free and an excellent protection.
[11:58] txxxxxxxxxxxxxxx Rxxxxxxx: i use refillable visa cards that have no link to my actual bank accounts
[11:58] mxxxxxxxxx Rxxxxxxx: great idea [Txxxxx]
[11:58] 6xxxxxxxxxxxxxxxx Rxxxxxxx: you know [txxxxx] it wouldnt let me use a gift visa card here
Depends on the company. Some companies' cards read as debit cards, because of how they set up their pay-in systems, and some online services don't deal in debit, only credit. Check with the companies you're interested in purchasing refillable cards with, to ensure they'd be accepted where you want them to be accepted. Also, make sure they don't have any hidden or delayed fees that could zap your budget later.
[11:59] Bxxxxx Fxxxxx: The phishing is a good part of why LL implemented the delay for transferring money out of SL. You used to be able to do it right away, now there's the 3 day delay.
[11:59] Sxxxxx Sxxxxxxxx: diamondgirl34 Comet has been ejected from '[store group]' by Sxxxxx Sxxxxxxxx.
Yay, owner to the rescue!
[11:59] Sxxxxx Sxxxxxxxx: sorry i was afk girls

[11:59] wxxxxxxxxxx Rxxxxxxx: np :)

Indeed not. The deed was done, we're happier for it.

And from yet ANOTHER group:
[11:34] diamondgirl34 Comet: http:// marketplace second life 000977 .my3gb .com/ 09345/ secondlife. htm
[11:34] Cxxxxxxxx Sxxxxxxxx: dont click that omg
[11:35] cxxxxxxxxxxxxx Rxxxxxxx: [f*ck] i almost did
[11:35] Kxxxxx Dxxxxxx: wow this has hit all my groups
[11:35] cxxxxxxxxxxxxx Rxxxxxxx: i didnt even realize
[11:35] cxxxxxxxxxxxxx Rxxxxxxx: i thought it was someone answering me lol
[11:35] cxxxxxxxxxxxxxx Rxxxxxxx: yeah I almost clicked too but then realized it wasn't [store group's] owner
[11:36] Cxxx Txxxxxxxxx: Just block the user, report for phishing links and move on. Chances are it will steal your password if you login to that website.
[11:36] dxxxxxx Rxxxxxxx: omg Oo
[11:45] pxxxxxxxxxxxx Rxxxxxxx: I got sent something by someone at the shop. It says "tsg 50% OFF"
[11:45] pxxxxxxxxxxxx Rxxxxxxx: it's a box, decline it if you get it.
I've heard the same trick's occurring with random offers of gift cards, for stores that don't offer them generally. Now, to be fair, to my way of thinking, someone I don't know tosses me a box or a folder for no reason, purporting to be a gift card for the store I'm in? And I know it's not a store employee or owner? I'm going to decline it. But others may not think about it that much; may, even, think of it as a kind gesture, or a great deal on one of the store's products. And, since most gift cards are used by attaching them...well, I have yet to know how an attachment can drain Lindens from your account UNLESS you give permission for that attachment to access your Lindens, so there's that. But if you agree to give the attachment access to your Lindens, then all bets are off.
[11:45] mxxxxxxxxxxxxxxxxxx Rxxxxxxx: Yeah I just got one but at COCO
[11:46] axxxx Jxxxx: delete it it's probably a hacking tool :X
[11:46] mxxxxxxxxxxxxxxxxxx Rxxxxxxx: Oh I'm sure it is. I muted the person right away
[11:46] pxxxxxxxxxxxx Rxxxxxxx: oh I deleted and blocked the user
[11:46] pxxxxxxxxxxxx Rxxxxxxx: boots something
[11:46] mxxxxxxxxxxxxxxxxxx Rxxxxxxx: BootsGift
Almost right.

What I want to know is, was that particular account gathered in the wide phishing net, too, or did some spammer set up that one? Hard to tell from the name.
[11:46] pxxxxxxxxxxxx Rxxxxxxx: blank profile and everything
[11:46] pxxxxxxxxxxxx Rxxxxxxx: yeah that's it
[11:46] mxxxxxxxxxxxxxxxxxx Rxxxxxxx: I believe
[11:47] mxxxxxxxxxxxxxxxxxx Rxxxxxxx: Wait no
[11:47] mxxxxxxxxxxxxxxxxxx Rxxxxxxx: The one here was
[11:47] pxxxxxxxxxxxx Rxxxxxxx: gonna let my groups know about it
[11:47] mxxxxxxxxxxxxxxxxxx Rxxxxxxx: BootTheGift Resident
That's the one. Also, that one's been mentioned in a post previously, as well.

And to tie things up:
[12:42] Txxxxxx Sxxx: it safe?
I will never not be haunted by that film. Anyway.
[12:42] rxxxxxxxxxxxxxx Rxxxxxxx: its never safe in here
[12:42] Jxxxx Kxxxx: compared to what?
[12:42] Wxxxxxxxxxxx Pxxxxx: What kind of question is that?
[12:43] ixxxxxxxxxxx Rxxxxxxx: Honey, this is SL. May as well be Thunderdome. XD
[12:43] Kxxx Mxxxxxxxxx: NEVER... RUN for your life
All good points, frankly.
[12:43] Txxxxxx Sxxx: half my groups had spam phishing attacks today
Yep. I figure, if it's a group, and it's free to join, diamondgirl has spammed it. Be careful out there, gentles.

No comments: