Post by Patjade on Jan 11, 2003 8:40:53 GMT -5
I found an article about the scam in Pink Poogle toy, on the main page (Thanks to Yukio there for posting it, I hope he doesn't mind my borrowing it and posting it here):
Be very careful about this latest scam, because unlike other scams, it is very ingenious and will take your account information without you knowing. What it does, is by using a little bit of javascript, it will steal your cookies and thus effectively, your password and username to all your neopets accounts will be known. This javascript will usually be inserted into webpages. The following is a story of what is happening:
The details of my hacking story had been posted in PPT's forum. However something that remarkable was how it happened so fast. It was one of PPT forum's mods who gave me a link to a web, described as a new Neodaq site last night, once you click on it, it transports you to a different page with broken images of stocks, moreover, another tiny new window popped up that you might think it's a commercial. By the next morning, I found out all my money were gone, and the loose of some ultra rare items. However someone informed me that that mod herself was also hacked last night, which led me to believe the hacker used a chain hacking system. And the most suspicious thing was, the targets seem to focus on lots of battedome raters and PPT mods or other decent battlers. So guys, do take care of you account, and never open any links from your neomail(no matter who the sender was) that you never seen before.
Note from JohnM: You need to go to Windows Update (http://windowsupdate.microsoft.com/) and download all the security updates, that should prevent this from happening. From what I hear this exploits a security hole in IE to steal your cookie from a popup.
How To Stop This Scam
1. Firstly, go to Windows Update and download the security updates for Internet Explorer. If you haven't done so, upgrade your IE immediately.
2. Do not open any links given to you in a NeoPet Chat environment. If you do and a window pops up, change your password immediately.
3. If you have downloaded all security updates, you should be fine either way.
4. If you have not downloaded the security updates, always double check the link someone gives you by hovering over the link or right clicking and selecting properties.
5. Avoid NeoPets related chats and do not open any Neo Related links to you via email etc.
Hopefully this will put a stop to this new scam. Yukio
Be very careful about this latest scam, because unlike other scams, it is very ingenious and will take your account information without you knowing. What it does, is by using a little bit of javascript, it will steal your cookies and thus effectively, your password and username to all your neopets accounts will be known. This javascript will usually be inserted into webpages. The following is a story of what is happening:
The details of my hacking story had been posted in PPT's forum. However something that remarkable was how it happened so fast. It was one of PPT forum's mods who gave me a link to a web, described as a new Neodaq site last night, once you click on it, it transports you to a different page with broken images of stocks, moreover, another tiny new window popped up that you might think it's a commercial. By the next morning, I found out all my money were gone, and the loose of some ultra rare items. However someone informed me that that mod herself was also hacked last night, which led me to believe the hacker used a chain hacking system. And the most suspicious thing was, the targets seem to focus on lots of battedome raters and PPT mods or other decent battlers. So guys, do take care of you account, and never open any links from your neomail(no matter who the sender was) that you never seen before.
Note from JohnM: You need to go to Windows Update (http://windowsupdate.microsoft.com/) and download all the security updates, that should prevent this from happening. From what I hear this exploits a security hole in IE to steal your cookie from a popup.
How To Stop This Scam
1. Firstly, go to Windows Update and download the security updates for Internet Explorer. If you haven't done so, upgrade your IE immediately.
2. Do not open any links given to you in a NeoPet Chat environment. If you do and a window pops up, change your password immediately.
3. If you have downloaded all security updates, you should be fine either way.
4. If you have not downloaded the security updates, always double check the link someone gives you by hovering over the link or right clicking and selecting properties.
5. Avoid NeoPets related chats and do not open any Neo Related links to you via email etc.
Hopefully this will put a stop to this new scam. Yukio
