stands outside my window, sucking on the berries, and eats us out of house and home

This is a snippet of chat from two different groups, but for once, the group is less important than the first message. These scammers are everywhere right now. There's a lot of sudden hacked accounts. And considering it's not even changed from the last iteration of this--'gacha' added for 'new dress', essentially--one has to wonder how they're getting access. I mean, you'd think everyone would know that by now.

[10:48] Lxxxxxx Rxxxxxxx: *** NEW STORE GACHA ***

Marketplace: [altervista address redacted]
FREE GIFT
*** TMP - MAITREYA - CATWA ***

[10:48] Txxxxx Lxxx: affs
[10:48] Nxxxxxxxxxxx Rxxx: FOR NEWBIES DO NOT TOUCH LINK
[10:48] oxxxxxxxxx Rxxxxxxx: DONT CLICK HACK!!!

I always wonder, too--this instant hyperbolic reaction, the ALL CAPS hysteric responses--I mean, really, who's actually falling for this? Only people nearly too stupid to breathe, right?

Turns out I was wrong, as the rest of the conversation makes plain.

[10:49] Gxxxxxxxx Pxxx: altervista is the dead give away

It always is.

[10:49] Hxxxxx Dxxxx: dumb question but what does it do after you click it

This one's stupidly simple. Again, as shown below, that link leads the user to a mock-up of the Second Life login screen. If you're stupid enough to type in your SL user name and your password at that point, then congratulations: you have enabled these scammers in stealing everything they can from you. It's your own damn fault.

[10:50] Nxxxxxxxxxxx Rxxx: hacks ure acct usually and takes ure linden

But only because you've let them, by typing in your password to an unsafe site.

[10:50] lxxxxxxxxxxxx Rxxxxxxx: Hack yo account and drain your money.
[10:50] Kxxx Sxxxxxxxx: nothing .. you get a website that you need to register your account name and password .. THERE is where your lose your account

Basically. There is no, I REPEAT, NO hack or access scam existing in SL where you're given an object and spontaneously lose all your Lindens, or have your inventory emptied, or get logged out and blocked from your account. That's purely urban legend. The same with this--none of these sites on their own can do much, without your help.

[10:50] Hxxxxx Dxxxx: wow sounds scary. I dont usually click on random links myself but never quite knew what it did
[10:50] Pxxxxxxx Mxxxxxxx: for instance, [Lxxxxxx] was probably an innocent person that clicked the link, now her account belongs to them

Yep. And it's not at all hard to tell the difference between an actual Second Life link and one of the altervista links. For one, "altervista" is in the name.

[10:52] Exxxx Mxxxxxxxxx: But they should put name and password there? If not, nothing happens
[10:52] kxxxxxx Rxxxxxxx: https://marketplace.secondlife.com/
[10:53] kxxxxxx Rxxxxxxx: this will always be the MP link, note the HTTPS
[10:53] kxxxxxx Rxxxxxxx: that means its the actual secure link to log on MP
[10:54] kxxxxxx Rxxxxxxx: clicking the link does nothing in itself, you log into their site and they get your info and can log into your account and steal your lindens
[10:54] Hxxxxx Dxxxx: Yea but its a pretty typical thing to pull on someone because inexperience makes them be easier targets
[10:54] Nxxxxxxxxxxx Rxxx: exactly which is why i responded fast as i did

Right, but I still had no clue why anyone would blithely click a link so clearly a scam.

[10:54] kxxxxxx Rxxxxxxx: well yeah ppl see "free gift" and dont pay attention
[10:55] kxxxxxx Rxxxxxxx: I never log into any site that does not have https

I do, but only because some (say, maybe three to five of the sites I log into these days) are still coded in HTTP protocol, and Chrome always warns me if I want to proceed to the 'insecure' page.

[10:56] Hxxxxx Dxxxx: Had an older lady at my work have a warning pop up on her computer that she clicked and said she had been infected and to call this number and they had her up to giving her ip address and other personal information before she started realizing something wasnt quite right, especially when they asked for her banking information so she could "pay for their services"

Yeah, a lot of the RL scammers target the elderly, it's vile.

[10:56] Kxxx Sxxxxxxxx: nonsense ..http// is just an older version hyperlink .. https// is the newer hyperlink version
[10:56] Exxxx Mxxxxxxxxx: So, if someone gave you but did not put a password, do not worry: o)
[10:56] kxxxxxx Rxxxxxxx: https means it is a secure link
[10:57] Kxxx Sxxxxxxxx: pls don't spread panic if you know nothing about it... the mainrule is still the best rule .. don't click links from unknown people! -- feel free to file an AR for Linden Lab about this Lnk poster ..
[10:58] kxxxxxx Rxxxxxxx: Im not spreading panic, I am warning people not to log into fake links

Which I guess is valid, it just seems a lot of hyperbolic freaking out with little reason.

[10:58] Kxxx Sxxxxxxxx: and i didn't type your name ;)
[10:59] Hxxxxx Dxxxx: I was just explaining how inexperience can make one an easy target
[10:59] kxxxxxx Rxxxxxxx: and called my info nonsense .....
[11:00] Hxxxxx Dxxxx: I think what she meant by the usage of nonsense, was that if something isnt HTTPS it isnt technically immediately called into question

Pretty much.

[11:01] kxxxxxx Rxxxxxxx: Instead of HyperText Transfer Protocol (HTTP), this website uses HyperText Transfer Protocol Secure (HTTPS). Using HTTPS, the computers agree on a "code" between them, and then they scramble the messages using that "code" so that no one in between can read them. This keeps your information safe from hackers.

Mostly. There are ways to get around that, but it's on the hacker's side--they have to deliberately target the site and their stored info, which is one of the ways we hear about data breaches; it's nearly always accessing the stored data, it's nothing we do as end users.

Then, only about half an hour later, came this from a separate group:

[14:20] nxxxxxxxxxxxxxxxxxxx Rxxxxxxx: NEW STORE GACHA

Marketplace: [again, link redacted because it was the same damned link, they're not even bothering to change it up]
FREE GIFT
TMP - MAITREYA - CATWA

[14:21] rxxxx Txxx: wow they are hitting every store

They really were. And it's been happening for a couple days now. Another thing of note: this isn't a legacy account. She doesn't have a last name, so this is someone new to SL who definitely should know better.

[14:21] lxxxx Rxxxxxxx: no ,, trap
[14:21] Sxxxxxxxxxxxxx Rxxxxxxx: again,lol

And an obvious one, yes.

[14:21] Axxxx Axxxxxxxx: PHISH PHISH PHISH
[14:21] Sxxxxxxxxxxxxx Rxxxxxxx: idiot
[14:21] Sxxxxx Gxxxxxxx: no ma'am
[14:21] Cxxxxxxxxxx Axxxx: SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM
[14:21] Rxxxxx Dxxxxxxxx: sure is....and they still have the nerved.

Obviously, the scam is still working, so as long as it's working, there's no incentive to stop. Somewhat like gold spammers in MMOs.

[14:21] Zxx Bxxxxxx: no abran!
[14:21] Rxxxxx Rxxxxxx: don't click
[14:21] Sxxxxx Nxxxxxxxx: I blocked her and please everyone report her

The blocking is better just for us not having to see these posts, the reporting is to send the Lindens enough evidence for them to consider banning the account--about all they can do on their end.

[14:21] rxxxx Txxx: dont click that
[14:21] Sxxxxx Nxxxxxxxx: the more people who report her, the better chance they will do something about it
[14:21] Emilly Orr: Blocked.
[14:21] Cxxxxxxxxxx Axxxx: Same SPAM was hitting all the groups all day yestersay
[14:22] Pxxxxxxx Pxxxxxx: different avi this time

It's usually a different avi, but there are apparently still people falling for this stupidity, so they've always got more to cycle through.

[14:22] rxxxx Txxx: it was a different avi 10 minurtes ago in other stores
[14:22] Lxxxxxxx Bxxxxxx: quite a lot of new scammers to block and report ...
[14:25] Cxxxxxxxxxx Axxxx: It's a hacked account

Obviously. They all are.

[14:41] Cxxxxxxxxxx Axxxx: mute
[14:41] Sxxxxx Hxxxxxxxxxx: No https, don't click.
[14:42] Axxxxxxx Mxxxx: Whats with these spammers today.... DON'T OPEN the link pls.
[14:43] Sxxxxxxx Rxxxxxxx: I already opened it...

And here we have proof that people are still falling for these things. I was seriously thinking it had to be some kind of inactivity tracker, since most of the accounts are old enough to know better, but now here's Miss S proving me wrong. People should know this by now. Obviously, not everyone does.

[14:43] Sxxxxxxx Rxxxxxxx: will it damage my new computer?
[14:43] Emilly Orr: Not if you close it and don't fill out any information.
[14:44] Emilly Orr: Also, for future reference: "altervista" does not exist. Anywhere. So it's an obvious scam.
[14:44] Sxxxxxxx Rxxxxxxx: i closed

Good, good.

[14:44] Sxxxxxxx Rxxxxxxx: it just opened up the log in place for SL
[14:44] Emilly Orr: No, it didn't.
[14:45] Emilly Orr: It opened a mock-up of the login page. It's not the login page for SL.
[14:45] Emilly Orr: Once they get your username and password, they can hack your account easily.

And again, it's still baffling to me that anyone does fall for this.

[14:45] Mxxxxxxx Mxxxx: Never click on links unless you know an owner or manager posted it. Never ever! :)

Yeah, pretty much. Never, ever click on links unless you're absolutely sure where they lead. Good rule for the net at large, actually.