How to Protect Yourself From Second Life Phishing Scam

This is a nice article that everybody should read it. I found it on Phoenix’s Viewer web page, but before  for those who doesn’t know what it is “Phishing” or “Scam”, let’s introduce the definitions:

Phishing:

“Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail spoofing or instant messaging,  and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.

Phishing is an example of social engineering techniques used to deceive users,  and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.

Scam (Confidence trick):

A confidence trick is an attempt to defraud a person or group by gaining their confidence. A confidence artist is an individual operating alone or in concert with others who exploits characteristics of the human psyche such as dishonesty and honesty, vanity, compassion, credulity, irresponsibility, naivety and greed.

A confidence trick is also known as a con game, con, scam, grift, hustle, bunko, bunco, swindle, flimflam, gaffle, or bamboozle. The intended victims are known as marks. The perpetrator of a confidence trick is often referred to as a confidence man or woman, con man or woman, con artist or grifter.

Confidence tricks exploit typical human characteristics such as greed, dishonesty, vanity, honesty, compassion, credulity, irresponsibility, desperation and naïveté. As such, there is no consistent profile of a confidence trick victim, the common factor is simply that the victim relies on the good faith of the con artist.

Victims of investment scams tend to show an incautious level of greed and gullibility, and many con artists target the elderly, but even alert and educated people may be taken in by other forms of confidence trick.

Here’s the article from Phoenix Viewer Web Page:

Phishing scams in Second Life

There has been an increase in Phishing attempts in the last couple weeks and a lot of people have fallen for them and lost their Second Life Accounts.

Phishing in SL is mainly the act of tricking a user into giving their login and password information through fake yet convincing Second Life login webpages.

Here is how it works. 
– Someone posts a link and sometimes text to entice you to click it, sometimes this can be a friend or someone you know (because they’ve already had their accounts hacked).
– You click the link and it takes you to what looks like a Second Life Login screen.
– You log in using your SL Username and PW.
– You’ve just been Phished and given someone your SL Login information. They can now log into your SL account, take your money, destroy your SL Property, delete your inventory.. etc etc etc.

How to avoid being Phished

If you have clicked a link, and it takes you to a login page of some kind, no matter how much it looks real… DO NOT LOG INTO IT YET!

FIRST, look at the URL very carefully. The Linden Lab Login URL is

https://id.secondlife.com/

If it does NOT start with https://id.secondlife.com/, then it is not a real Second Life login web page. Do not log into it, and DO file an abuse report on the person who sent the link. From the Help menu, Report Abuse.

If you are unsure, go to http://secondlife.com and click on the “LOGIN” at the top right. That will take you to the legit login page which starts with https://id.secondlife.com. Log into that page, then follow the link.. if the link still takes you to a log in widget.. it’s totally a scam.

Immediately

– Go to http://www.secondlife.com
– Click the LOGIN link at the top right and enter your login information.
– On the right is a link called “Account” click it!
– Then click “Change Password” and change your password right away.

Please, protect your accounts. Think 3 times before entering your login information. Always check the URL.”

I would like to congratulate to Jessica Lyon for this article, this is really interesting and everybody should take care about.

P.D: But also not only take care about where you put your login, be carefull what you accept (gifts or presents) or which groups you join (some groups send invitations with charges).

Advertisements