Dec 30, 2007, 12:48 AM // 00:48
|
#21
|
Hall Hero
|
Quote:
Originally Posted by fRag_Doll
The scam is actually a link to a fake login page for the forums, which records your username and password.
It's based on the fact that many people use the same info for their forum and game accounts.
|
At least the same rule applies: Trust your links!
Thankfully, all my passwords are different due to the fact that I bash my face against the keyboard to generate my passwords.
|
|
|
Dec 30, 2007, 01:00 AM // 01:00
|
#22
|
Krytan Explorer
Join Date: Jun 2007
Location: Australia
Guild: Oz
Profession: E/R
|
Thanks for the heads up will keep an eye out.
But who is dumb enough to use the same logging info here for GW your only asking for trouble
if you do that.
Play safe.
|
|
|
Dec 30, 2007, 01:02 AM // 01:02
|
#23
|
Site Legend
|
I do! I do!
Steal it..don't care lol I have 3 accounts last time I checked. GW accounts are cheaper then a girl at the local cattle market.
__________________
Old Skool '05
|
|
|
Dec 30, 2007, 01:08 AM // 01:08
|
#24
|
Grotto Attendant
Join Date: Dec 2005
Location: Beyond the Forest of Doom, past the Cavern of Agony... on Kitten & Puppy Island
Guild: Soul of Melandru [sOm]
Profession: W/E
|
Quote:
Originally Posted by Malice Black
Steal it..don't care lol I have 3 accounts last time I checked. GW accounts are cheaper then a girl at the local cattle market.
|
I'm lonely.
Where do you live?
|
|
|
Dec 30, 2007, 01:35 AM // 01:35
|
#25
|
Forge Runner
Join Date: Aug 2006
Location: Canada bro.
Profession: A/D
|
They can phish all they want.
Im an endangered species....and you cant phish endangered species =P
Anyways TY for the heads up
|
|
|
Dec 30, 2007, 01:37 AM // 01:37
|
#26
|
Desert Nomad
Join Date: Nov 2005
Location: Eh I forget... o_O
Guild: Biscuit of Dewm [MEEP]
Profession: R/
|
Yeah Indie our board was hit by some script kiddies about a month ago if even that. Our board was crashed for several hours till Red found the script error. I was highly pissed!
The fact of the matter is, you can BAN them all you want but if they are true script kiddies then they have an IP router, meaning that they will just pop up on different IPs over and over doing the same crap. Just be careful about having too much info in your profiles and such as well.
|
|
|
Dec 30, 2007, 01:46 AM // 01:46
|
#27
|
Forge Runner
Join Date: Nov 2005
Location: Character selection screen figuring what I want to play...
Guild: Purple Lingerie - :D
|
Quote:
Originally Posted by Stormlord Alex
I'm lonely.
Where do you live?
|
off topic much? lol
|
|
|
Dec 30, 2007, 04:13 AM // 04:13
|
#28
|
Frost Gate Guardian
|
Quote:
Originally Posted by Eviance
Yeah Indie our board was hit by some script kiddies about a month ago if even that. Our board was crashed for several hours till Red found the script error. I was highly pissed!
The fact of the matter is, you can BAN them all you want but if they are true script kiddies then they have an IP router, meaning that they will just pop up on different IPs over and over doing the same crap. Just be careful about having too much info in your profiles and such as well.
|
if you're smart you can stop that
google is your friend
|
|
|
Dec 30, 2007, 04:42 AM // 04:42
|
#29
|
Krytan Explorer
Join Date: Feb 2006
Guild: The Arctic Marauders [TAM]
|
Thanks a bunch for the tip!
|
|
|
Dec 30, 2007, 05:16 AM // 05:16
|
#30
|
Wilds Pathfinder
Join Date: Oct 2006
Location: USA
Guild: Picnic Pioneers[asian characters]
Profession: E/Mo
|
Quote:
Clearly, it seems GW script kiddies have mastered the fine art of copying page source. Terrible danger, indeed.
|
possibly the best post ever on this forum. ever.
but in all seriousness... why didnt i think of this?
|
|
|
Dec 30, 2007, 05:20 AM // 05:20
|
#32
|
Wilds Pathfinder
Join Date: Oct 2006
Location: USA
Guild: Picnic Pioneers[asian characters]
Profession: E/Mo
|
Quote:
Originally Posted by fRag_Doll
The scam is actually a link to a fake login page for the forums, which records your username and password.
It's based on the fact that many people use the same info for their forum and game accounts.
|
a.k.a. a keylogger, but not in the highly inacurate sense portrayed by the media.
you dupe a page(i.e. copy paste), and you embed your own script that sends the nice cleartext password to a hard drive somewhere.
host guiidwarsguru.com or soemthing like that... and voila!
its really possibly the most simple scam ever.
|
|
|
Dec 30, 2007, 05:24 AM // 05:24
|
#33
|
Site Contributor
Join Date: Jan 2006
Profession: R/
|
Thanks for the tip Inde
__________________
"Even if the morrow is barren of promises,
nothing shall forestall my return."
|
|
|
Dec 30, 2007, 05:28 AM // 05:28
|
#34
|
Krytan Explorer
Join Date: Sep 2006
Location: Pennsylvania
Profession: E/
|
Quote:
Originally Posted by fRag_Doll
The scam is actually a link to a fake login page for the forums, which records your username and password.
It's based on the fact that many people use the same info for their forum and game accounts.
|
Still tho, what a LOL idea. Same passwords. I use many different password layers. 2 for forums, and minor sites. 2 layers for business sites like newegg/GWs, 2 layers for high-risk sites like paypal/ebay/bank etc. All ranging from mid-high, to high-extreme-wtf-high-i-cant-remember-my-effing-password
|
|
|
Dec 30, 2007, 05:46 AM // 05:46
|
#35
|
Wilds Pathfinder
Join Date: Oct 2006
Location: USA
Guild: Picnic Pioneers[asian characters]
Profession: E/Mo
|
Quote:
Originally Posted by HayesA
Still tho, what a LOL idea. Same passwords. I use many different password layers. 2 for forums, and minor sites. 2 layers for business sites like newegg/GWs, 2 layers for high-risk sites like paypal/ebay/bank etc. All ranging from mid-high, to high-extreme-wtf-high-i-cant-remember-my-effing-password
|
that whole password strength thing is something to not get totally bought into. alpha-numeric passwords with one symbol:
1example!
are (depending on how many keyboard symbols are allowed) 46(or more) to the power of the password length
46^(1example!=9 characters)=
922190162669056 possibilities
dont go crazy, just remember examples like that show how damn near impossible it is to lose an account to things like brute force password cracking.
|
|
|
Dec 30, 2007, 10:22 AM // 10:22
|
#36
|
So Serious...
Join Date: Jan 2007
Location: London
Guild: Nerfs Are [WHAK]
Profession: E/
|
Quote:
Originally Posted by jaeharys targaryen
dont go crazy, just remember examples like that show how damn near impossible it is to lose an account to things like brute force password cracking.
|
The art of brute force attack escapes you it seems. It's not about stupidly trying all possibilities, but "tree pruning", i.e. guiding the exhaustive exploration of the password space. Even if you don't use for your GW account the same password as for GWG, a cracker will use the second to guess the first. Anyway, don't think that "l33t ub3r" is a good password .
And don't forget to run an antivirus, a firewall (out if possible) and update your windows every month. Security is a harsh matter, you only learn how bad it can be when you lose something worth. (and if you're rich like Malice Black, give me your money! )
|
|
|
Dec 30, 2007, 12:18 PM // 12:18
|
#37
|
Major-General Awesome
Join Date: Aug 2005
Location: Aussie Trolling Crew HQ - Event Organiser and IRC Tiger
Guild: Ex Talionis [Law], Trinity of the Ascended [ToA] ̖̊̋̌̍̎̊̋&#
Profession: W/
|
I feel sorry for people who fall for phishing. It's always so obviously fake. Guru is never going to ask you for your details, hell, they're never gonna ask you to go to a link. And if they were, they'd use a Global Announcement, like the current Phishing one. If you fall for this, you should have Internet lessons...
|
|
|
Dec 30, 2007, 12:23 PM // 12:23
|
#38
|
Desert Nomad
Join Date: Aug 2007
Location: Your backline
Profession: W/
|
Thanks for the warning.
|
|
|
Dec 30, 2007, 01:33 PM // 13:33
|
#39
|
Desert Nomad
Join Date: May 2006
Guild: Organised Spam [OS]
Profession: W/
|
Quote:
Originally Posted by fenix
Guru is never going to ask you for your details
|
Err...I have to give Guru my username and password everytime I login....which from what I understand is how this website works, it looks like guru, you try to login to in and bam your password is whisked away to someones hard drive.
|
|
|
Dec 30, 2007, 03:12 PM // 15:12
|
#40
|
Wilds Pathfinder
Join Date: Oct 2006
Location: USA
Guild: Picnic Pioneers[asian characters]
Profession: E/Mo
|
Quote:
Originally Posted by fenix
I feel sorry for people who fall for phishing. It's always so obviously fake. Guru is never going to ask you for your details, hell, they're never gonna ask you to go to a link. And if they were, they'd use a Global Announcement, like the current Phishing one. If you fall for this, you should have Internet lessons...
|
you miss the point of this totally. guru has already asked you for your details when you registered. i'll quote myself:
Quote:
a.k.a. a keylogger, but not in the highly inacurate sense portrayed by the media.
you dupe a page(i.e. copy paste), and you embed your own script that sends the nice cleartext password to a hard drive somewhere.
host guiidwarsguru.com or soemthing like that... and voila!
its really possibly the most simple scam ever.
|
it looks the same. and judging from the content of your post, you'll be the first to fall for it.
|
|
|
Thread Tools |
|
Display Modes |
Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT. The time now is 01:41 PM // 13:41.
|