[10:48] Lxxxxxx Rxxxxxxx: *** NEW STORE GACHA ***I always wonder, too--this instant hyperbolic reaction, the ALL CAPS hysteric responses--I mean, really, who's actually falling for this? Only people nearly too stupid to breathe, right?
[10:48] Txxxxx Lxxx: affsMarketplace: [altervista address redacted]
*** TMP - MAITREYA - CATWA ***
[10:48] Nxxxxxxxxxxx Rxxx: FOR NEWBIES DO NOT TOUCH LINK
[10:48] oxxxxxxxxx Rxxxxxxx: DONT CLICK HACK!!!
Turns out I was wrong, as the rest of the conversation makes plain.
[10:49] Gxxxxxxxx Pxxx: altervista is the dead give awayIt always is.
[10:49] Hxxxxx Dxxxx: dumb question but what does it do after you click itThis one's stupidly simple. Again, as shown below, that link leads the user to a mock-up of the Second Life login screen. If you're stupid enough to type in your SL user name and your password at that point, then congratulations: you have enabled these scammers in stealing everything they can from you. It's your own damn fault.
[10:50] Nxxxxxxxxxxx Rxxx: hacks ure acct usually and takes ure lindenBut only because you've let them, by typing in your password to an unsafe site.
[10:50] lxxxxxxxxxxxx Rxxxxxxx: Hack yo account and drain your money.Basically. There is no, I REPEAT, NO hack or access scam existing in SL where you're given an object and spontaneously lose all your Lindens, or have your inventory emptied, or get logged out and blocked from your account. That's purely urban legend. The same with this--none of these sites on their own can do much, without your help.
[10:50] Kxxx Sxxxxxxxx: nothing .. you get a website that you need to register your account name and password .. THERE is where your lose your account
[10:50] Hxxxxx Dxxxx: wow sounds scary. I dont usually click on random links myself but never quite knew what it didYep. And it's not at all hard to tell the difference between an actual Second Life link and one of the altervista links. For one, "altervista" is in the name.
[10:50] Pxxxxxxx Mxxxxxxx: for instance, [Lxxxxxx] was probably an innocent person that clicked the link, now her account belongs to them
[10:52] Exxxx Mxxxxxxxxx: But they should put name and password there? If not, nothing happensRight, but I still had no clue why anyone would blithely click a link so clearly a scam.
[10:52] kxxxxxx Rxxxxxxx: https://marketplace.secondlife.com/
[10:53] kxxxxxx Rxxxxxxx: this will always be the MP link, note the HTTPS
[10:53] kxxxxxx Rxxxxxxx: that means its the actual secure link to log on MP
[10:54] kxxxxxx Rxxxxxxx: clicking the link does nothing in itself, you log into their site and they get your info and can log into your account and steal your lindens
[10:54] Hxxxxx Dxxxx: Yea but its a pretty typical thing to pull on someone because inexperience makes them be easier targets
[10:54] Nxxxxxxxxxxx Rxxx: exactly which is why i responded fast as i did
[10:54] kxxxxxx Rxxxxxxx: well yeah ppl see "free gift" and dont pay attentionI do, but only because some (say, maybe three to five of the sites I log into these days) are still coded in HTTP protocol, and Chrome always warns me if I want to proceed to the 'insecure' page.
[10:55] kxxxxxx Rxxxxxxx: I never log into any site that does not have https
[10:56] Hxxxxx Dxxxx: Had an older lady at my work have a warning pop up on her computer that she clicked and said she had been infected and to call this number and they had her up to giving her ip address and other personal information before she started realizing something wasnt quite right, especially when they asked for her banking information so she could "pay for their services"Yeah, a lot of the RL scammers target the elderly, it's vile.
[10:56] Kxxx Sxxxxxxxx: nonsense ..http// is just an older version hyperlink .. https// is the newer hyperlink versionWhich I guess is valid, it just seems a lot of hyperbolic freaking out with little reason.
[10:56] Exxxx Mxxxxxxxxx: So, if someone gave you but did not put a password, do not worry: o)
[10:56] kxxxxxx Rxxxxxxx: https means it is a secure link
[10:57] Kxxx Sxxxxxxxx: pls don't spread panic if you know nothing about it... the mainrule is still the best rule .. don't click links from unknown people! -- feel free to file an AR for Linden Lab about this Lnk poster ..
[10:58] kxxxxxx Rxxxxxxx: Im not spreading panic, I am warning people not to log into fake links
[10:58] Kxxx Sxxxxxxxx: and i didn't type your name ;)Pretty much.
[10:59] Hxxxxx Dxxxx: I was just explaining how inexperience can make one an easy target
[10:59] kxxxxxx Rxxxxxxx: and called my info nonsense .....
[11:00] Hxxxxx Dxxxx: I think what she meant by the usage of nonsense, was that if something isnt HTTPS it isnt technically immediately called into question
[11:01] kxxxxxx Rxxxxxxx: Instead of HyperText Transfer Protocol (HTTP), this website uses HyperText Transfer Protocol Secure (HTTPS). Using HTTPS, the computers agree on a "code" between them, and then they scramble the messages using that "code" so that no one in between can read them. This keeps your information safe from hackers.Mostly. There are ways to get around that, but it's on the hacker's side--they have to deliberately target the site and their stored info, which is one of the ways we hear about data breaches; it's nearly always accessing the stored data, it's nothing we do as end users.
Then, only about half an hour later, came this from a separate group:
[14:20] nxxxxxxxxxxxxxxxxxxx Rxxxxxxx: NEW STORE GACHAThey really were. And it's been happening for a couple days now. Another thing of note: this isn't a legacy account. She doesn't have a last name, so this is someone new to SL who definitely should know better.
[14:21] rxxxx Txxx: wow they are hitting every store
TMP - MAITREYA - CATWA
[14:21] lxxxx Rxxxxxxx: no ,, trapAnd an obvious one, yes.
[14:21] Sxxxxxxxxxxxxx Rxxxxxxx: again,lol
[14:21] Axxxx Axxxxxxxx: PHISH PHISH PHISHObviously, the scam is still working, so as long as it's working, there's no incentive to stop. Somewhat like gold spammers in MMOs.
[14:21] Sxxxxxxxxxxxxx Rxxxxxxx: idiot
[14:21] Sxxxxx Gxxxxxxx: no ma'am
[14:21] Cxxxxxxxxxx Axxxx: SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM
[14:21] Rxxxxx Dxxxxxxxx: sure is....and they still have the nerved.
[14:21] Zxx Bxxxxxx: no abran!The blocking is better just for us not having to see these posts, the reporting is to send the Lindens enough evidence for them to consider banning the account--about all they can do on their end.
[14:21] Rxxxxx Rxxxxxx: don't click
[14:21] Sxxxxx Nxxxxxxxx: I blocked her and please everyone report her
[14:21] rxxxx Txxx: dont click thatIt's usually a different avi, but there are apparently still people falling for this stupidity, so they've always got more to cycle through.
[14:21] Sxxxxx Nxxxxxxxx: the more people who report her, the better chance they will do something about it
[14:21] Emilly Orr: Blocked.
[14:21] Cxxxxxxxxxx Axxxx: Same SPAM was hitting all the groups all day yestersay
[14:22] Pxxxxxxx Pxxxxxx: different avi this time
[14:22] rxxxx Txxx: it was a different avi 10 minurtes ago in other storesObviously. They all are.
[14:22] Lxxxxxxx Bxxxxxx: quite a lot of new scammers to block and report ...
[14:25] Cxxxxxxxxxx Axxxx: It's a hacked account
[14:41] Cxxxxxxxxxx Axxxx: muteAnd here we have proof that people are still falling for these things. I was seriously thinking it had to be some kind of inactivity tracker, since most of the accounts are old enough to know better, but now here's Miss S proving me wrong. People should know this by now. Obviously, not everyone does.
[14:41] Sxxxxx Hxxxxxxxxxx: No https, don't click.
[14:42] Axxxxxxx Mxxxx: Whats with these spammers today.... DON'T OPEN the link pls.
[14:43] Sxxxxxxx Rxxxxxxx: I already opened it...
[14:43] Sxxxxxxx Rxxxxxxx: will it damage my new computer?Good, good.
[14:43] Emilly Orr: Not if you close it and don't fill out any information.
[14:44] Emilly Orr: Also, for future reference: "altervista" does not exist. Anywhere. So it's an obvious scam.
[14:44] Sxxxxxxx Rxxxxxxx: i closed
[14:44] Sxxxxxxx Rxxxxxxx: it just opened up the log in place for SLAnd again, it's still baffling to me that anyone does fall for this.
[14:44] Emilly Orr: No, it didn't.
[14:45] Emilly Orr: It opened a mock-up of the login page. It's not the login page for SL.
[14:45] Emilly Orr: Once they get your username and password, they can hack your account easily.
[14:45] Mxxxxxxx Mxxxx: Never click on links unless you know an owner or manager posted it. Never ever! :)Yeah, pretty much. Never, ever click on links unless you're absolutely sure where they lead. Good rule for the net at large, actually.
No comments:
Post a Comment