SL Swindle Message

I just got this message from my estate owner. Does anyone know anything about this?

"IMPORTANT WARNING: to all members . It is communicated that a serious swindle is in course on Second Life: an invitation with a link is received, if we accept it the avatar is stolen . The persons who take possession of the avatar obviously take possession of all the powers and also of the data of the credit card. The name to watch for is : C... L..., who joins groups at random. She just sent the link to over 20 groups thru chat then quit the groups."

All I know is it is going around most of my groups..

I really do not understand how an avatar can be stolen accepting a link... would love to hear an official statement.

Black Magic?

It most likely means that somebody's out to smear C.L.'s reputation, and is spreading vicious rumors.

Or it could be a real warning (unlikely. I don't know of any exploit that will actually "steal your avatar", including your registration info.)

In either case, you should never accept objects from people you don't know, or visit websites that sound suspicious, or open strange email attachments, or ever, ever, ever give anyone or anything permission to debit your account, or respond to urgent messages to visit PayPal or eBay or your bank's website and re-enter your personal information.

its a chain letter like thing cause the exploit has been patched( this goes back i think a few years) since then. it supposedly recorded your keystrokes, and stole your info.

this latest one is just a "chain-letter" type message to see how long it takes to get back to you.

I don't see how such a thing could be even remotely possible. However, I will wait for someone with a lot more knowledge to say one way or another.

Looks to me like one of those messages where the message itself is intended to create a panic among the residents but really has no validity.

/me wonders it there's a Snopes for SL.

C.... L.....?

erm...

Cunning Linden?

Oooh that kinda sounds like something else. *sniggers*.

If its an external link, how could this be patched? Any site that you grant access to certain abilities would be able to do this, and any site that you put your information into can easily then steal your account. Its similar to the Myspace account 'ad hacking' where you click an ad and see what appears to be the myspace login. You put in your account and password, and then it goes on to something else, but they've then stored that information.

This is not something that's 'patchable', this is something real that happens with almost any type of account in the world that somebody sees potential profit from.

The basic way to protect yourself is this:

--If someone gives you a link, and you don't trust them, don't even click it. Doing that much is enough to do some serious damage to your computer. (Although normally its just spyware or adware, these ad up and kill your machine, and can steal valuable information)

--If you DO trust the person, and go to the link, and it asks for your account info AT ALL, then make sure its a Secondlife website. If it doesn't have Secondlife.com in it, then it is not. Also, if it has an IP address (Looks like 127.0.0.1:8000 or similar) anywhere in the web address, it is most likely not safe. If you see this from someone you trust, tell them immediately of your suspicions.

Be safe, and don't think that you are exempt from the very real danger of things like this! They can gain access to every almost aspect of your life this way, and destroy everything you've worked for in your life!

I think a few people missed it...

Basically, the problem was using a URL to launch SecondLife to automatically connect to a different login server, assuming you have your password saved so it's entered automatically, and a fix was released a month or longer ago.

I was JUST thinking the same thing.

Snopes has saved me countless embarrassing moments. Sadly that left me with thousands more to my name.

What is Snopes?

snopes.com

Its an urban legend reference page.. debunks or proves them sometimes, explains origins, etcetera

thank you Day

im not saying its not a real threat Okiphia, but this particular one was fixed. i never click on a link from ANYONE i do not know personally. and to cause needless panic over something that was taken care of as Day said, months ago is not cool.

THIS particular "chain im" is just that, a chain letter type game to see how fast it gets back to the originator.

Snopes.com is the best site to go to to find out the latest internet threats and scams. it also reports on the origins, threat level, and how to avoid phishing scams as well.

That's the one.
Unless there's some new similar exploit, then this has ben started by someone who just heard about the above.

"Steals your avatar", "control of your CC" etc. are just another way of saying "Gets your password".

No one will ever get my password. It's Figtree spelled backwards followed by the number 42.

/me hurries to change her password

===
Oh and Snopes: I decided to look. The most recent under Internet is from 2002? Wait, that is just the top one. Most user unfriendly thing I've seen. Have no idea how you use this website.

http://www.snopes.com/photos/animals/polardog.asp