Wednesday, September 9, 2015

you say you don’t spook easy, you won’t go

When last seen, we were discussing diamondgirl's phishing attempts earlier. This excerpt comes from a different group entirely:
[11:32] diamondgirl34 Comet: http:// marketplace second life 000977 .my3gb .com/ 09345/ secondlife. htm
Same statement, likely copy-pasted, which I have again separated out into component parts because I don't want anyone clicking it.
[11:33] wxxxxx Rxxxxxxx: scam
Obviously. But even without that clue, at this point in the day, many group members in many groups had seen this enough to recognize it as spam.
[11:33] Sxxxxx Oxxxxx: wow again
[11:33] Hxxxx Bxxxxxxxx: It has been nonstop today
[11:34] Axxxx Xxx: dont click it
[11:34] ixxxxxxxxxx Rxxxxxxx: everyone's just reporting and blocking the people doing it
[11:35] Txxx Gxxxxxxx: scam dotn click
"Don't". It was likely a slip of the fingers, but...
[11:35] dxxxxxxx Rxxxxxxx: Ban the lowlife scammer.
[11:35] Sxxxxx Oxxxxx: they just dont stop
[11:35] Yxxx Sxxxxxxx: no, don't click bad bot
Bad bot! No data!
[11:35] txxxxxxxxxxxxxxx Rxxxxxxx: not "EVERYone" there is always 1-2 or more that click onto links out of reflex
Unfortunately. You can hand people all the information in the world, and people will still make mistakes. It's a harsh, cold world out there, and we do what we can, but in the end, it only takes a single moment of not paying attention to have your world yanked out from under you.
[11:35] Yxxxxxxx Cxxxxx: you can tell its a scam because it should be https://marketplace... without the S its not secure as the regular good site is
[11:36] sxxxxxxxxxx Rxxxxxxx: I'm sure that link was post in Blacklace as well
Probably. I'm not in the Blacklace group, so I wouldn't know, but it seems highly likely. Might have even been the same avatar.
[11:36] Txxx Gxxxxxxx: sorry my msg come late
[11:36] bxxxxxxx Rxxxxxxx: seems to be turning up in a number of places
[11:36] Txxx Gxxxxxxx: dang so much scam today
[11:36] sxxxxxxxxxx Rxxxxxxx: i could tell it was a scam due to the .my3db.com bit
Well, again, obviously.
[11:36] jxxxxxxxxxxx Rxxxxxxx: they can put fake self signed certificate if they want
[11:36] Axxxxx Fxxxxxxxx: Also, looking at the spammer's profile, that is a hacked account, since it's over 8 years old
Seriously, how are they getting their hands on old accounts?? Newbies I can buy, but oldbies, they should definitely know better...right?

Right?
[11:36] Yxxxxxxx Cxxxxx: hopefully more people are getting wise to it though and are learning what to look out for
[11:37] Axxxxx Fxxxxxxxx: Most spam link accounts are newbie accounts, less than 2 months old
[11:37] sxxxxxxxxxx Rxxxxxxx: i honestly hope so, i hate to see anyone get scammed
[11:37] 6xxxxxxxxxxxxxxxx Rxxxxxxx: its like thinking you won the nigerian lottery
[11:38] Axxxxx Fxxxxxxxx: I have a feeling that the original owner of that account got scammed, they got the person's account info and now using their group memberships to spam
Also quite likely.
[11:38] Yxxxxx Rxxxxxxx: It is not enough to click the link. You have to enter you name and password in the fake login page. So really you have to be careless to get trapped.


Well, to a point. I mean, the fellow that had the one-letter Twitter account got hacked solely because the hacker wanted that one-letter account. It smacks a bit too much of rape apology thinking to say that if he hadn't had that one-letter Twitter account, he wouldn't have gotten hacked, because that's unfair to the situation. He also had non-complex passwords and did much of his business in the Cloud, downloading and uploading through various devices. There were many mistakes made, most of them either to make his personal life easier when on the road, or to increase his business productivity by allowing these interconnections between his devices. But for every device or app that makes life easier in our data-rich world, there's another potential security breach.
[11:39] Axx Sxxxxxxxxx: It's just a constant chain of hijacked accounts.
[11:40] wxxxxxxxxxx Rxxxxxxx: or "alleged" hacked accounts
[11:40] Axx Sxxxxxxxxx: How could it not be?
[11:40] wxxxxxxxxxx Rxxxxxxx: easy to say they have been hacked as it can't be proven otherwise
Okay, there's that, but why would someone say they've been hacked if they haven't been ha....Oh, never mind, I'm being naïve. Carry on.
[11:40] txxxxxxxxxxxxxxx Rxxxxxxx: depends on how tech savvy the criminals are, if very sophisticated there are ways i wont discuss for obvious reasons that can put not just SL ID at risk, but ANY other accounts you access with that specific computer
[11:40] wxxxxxxxxxx Rxxxxxxx: unless you do an IP search
Don't make IP the next Grail. IP addresses can be reconfigured, spoofed, and set aside in various ways at this point. It's no longer the be-all and end-all.

And, as this one's getting long again, chopping the commentary here, to commence anew in part three.

No comments: