Suspicious IM's
|
|
Tod69 Talamasca
The Human Tripod ;)
Join date: 20 Sep 2005
Posts: 4,107
|
08-25-2008 18:10
Anyone else get these? [11:40] *name removed*: Hello, you can earn L$10 each link you click at * http://LINK REMOVED* - No surveys, No camping. Open in PC browser not SL. Your ip will be directed and recorded with the session for auto-payment. Payout is every hour so get as many clicks in as possible! EnjoyI've gotten a few of these, but I'm not THAT dumb. I know better than to click an email link for "easy money".  In this day & age of Drive-by Downloads, keyloggers, trojans and other nasty stuff, a bit of paranoia helps. Hopefully there's something on the forums or else where to let Newbs know not to click those links.
_____________________
really pissy & mean right now and NOT happy with Life.
|
|
Rhaorth Antonelli
Registered User
Join date: 15 Apr 2006
Posts: 7,425
|
08-25-2008 18:16
what good will logging the ip do? not like they can match it up with you in SL
I never follow those either, and thankfully have not received that one
_____________________
From: someone Morpheus Linden: But then I change avs pretty often too, so often, I look nothing like my avatar.  They are taking away the forums... it could be worse, they could be taking away the forums AND Second Life...
|
|
Ann Launay
Neko-licious™
Join date: 8 Aug 2006
Posts: 7,893
|
08-25-2008 18:31
I got it. I closed the window and forgot about it.
_____________________
~Now Trout Re-Re-Re-Certified!~ From: someone I am bumping you to an 8.5 on the Official Trout Measuring Instrument of Sluttiness. You are an enigma - on the one hand a sweet, gentle, intelligent woman who we would like to wrap up in our arms and protect, and on the other, a temptress to whom we would like to do all sorts of unmentionable things.
Congratulations and shame on you! You are a bit of a slut.
|
|
Dilbert Dilweg
Loading....
Join date: 27 Jun 2006
Posts: 500
|
08-25-2008 18:53
Probably from this tool i seen the other day ..
Sends chats with blocked name
http://www.slexchange.com/modules.php?name=Marketplace&file=item&ItemID=411854
|
|
Peggy Paperdoll
A Brat
Join date: 15 Apr 2006
Posts: 4,383
|
08-25-2008 20:13
Spammers will try anything. Guess they found SL.
|
|
Kathy Morellet
Registered User
Join date: 26 Jul 2006
Posts: 809
|
08-25-2008 20:34
Those are the ones that I do Copy > Abuse Report > Paste > Submit
|
|
Tod69 Talamasca
The Human Tripod ;)
Join date: 20 Sep 2005
Posts: 4,107
|
08-26-2008 01:42
From: Kathy Morellet Those are the ones that I do Copy > Abuse Report > Paste > Submit Ooooo! Thanks for reminding me!!!  *off to do some AR'ing
_____________________
really pissy & mean right now and NOT happy with Life.
|
|
Tod69 Talamasca
The Human Tripod ;)
Join date: 20 Sep 2005
Posts: 4,107
|
08-26-2008 01:45
From: Rhaorth Antonelli what good will logging the ip do? not like they can match it up with you in SL
I never follow those either, and thankfully have not received that one What can happen is, if your computer has weak protection (anti-virus and the like), you get a nice lil' program installed on your system WITHOUT you knowing it. Such a program then reports to the creator your passwords, etc. Think how a webpage works. All pics, all flashing ads, even what looks like plain text, all of it is code. And code can be made to do many things. The flip side is to shut off all Java, Java Script, Flash, Shockwave, XML, and all other browser plugins, which leads to a rather boring Internet.
_____________________
really pissy & mean right now and NOT happy with Life.
|
|
Ralektra Breda
Template Painter
Join date: 7 Apr 2008
Posts: 1,875
|
08-26-2008 02:26
keylogger
_____________________
 Mainstore: http://slurl.com/secondlife/Phantasm/51/164/501 http://rbzdesign.blogspot.com/ I'm not a designer IRL, but I RP one on SL!
|
|
Pyrite Sopwith
No Shoes Required
Join date: 8 Aug 2008
Posts: 169
|
08-26-2008 02:38
I received an IM back in June that would allow me to earn some lindens. It is more than just spam - it's a SCAM. I simply refused, and that user sent me an IM, I just simply told him off and blocked him. But thanks for the heads up on what to do with IM spammers, Kathy. From: Tod69 Talamasca Think how a webpage works. All pics, all flashing ads, even what looks like plain text, all of it is code. And code can be made to do many things. The flip side is to shut off all Java, Java Script, Flash, Shockwave, XML, and all other browser plugins, which leads to a rather boring Internet. You mean to say that flashing banner ads can weaken my PC? If so, that is shocking. Not to mention you need Adobe Flash Player in order to view YouTube videos. |
|
Sharie Criss
I'm just peachy, thanks
Join date: 4 Nov 2007
Posts: 48
|
Sigh.
08-26-2008 03:43
From: someone Think how a webpage works. All pics, all flashing ads, even what looks like plain text, all of it is code. And code can be made to do many things. *Sigh* No, not everything is code. Not even close. HTML markup is not code. The browser does not "execute" the web page like a program. A simple HTML document is not code, just like a word document with no macros is not code. It's data. From: someone The flip side is to shut off all Java, Java Script, Flash, Shockwave, XML, and all other browser plugins, which leads to a rather boring Internet. *Sighs again* Shut off XML? You DO realize that HTML is a subset of XML, right?????????? And that it is impossible to "turn off" XML? Some browser plugins are designed to IMPROVE security - you certainly don't want to disable those. There are things you can do to be safer when browsing the net. 1) Keep you PC up to date with the latest updates. 2) Never follow links in spam or reply to spam. 3) Use Firefox with the NoScript plugin, which allows you to white-list known "safe" websites and only allow scripting / Flash to run on those sites. 4) Stop blindly clicking OK on everything that pops up, and READ the message first. The internet does not have to be a scary place. Spreading fear and misinformation isn't helping. |
|
Raudf Fox
(ra-ow-th)
Join date: 25 Feb 2005
Posts: 5,119
|
08-26-2008 04:00
Yay, another spammy bit that I can report! I hate these things.
_____________________
DiamonX Studios, the place of the Victorian Times series of gowns and dresses - Located at http://slurl.com/secondlife/Fushida/224/176
Want more attachment points for your avatar's wearing pleasure? Then please vote for
https://jira.secondlife.com/browse/VWR-1065?
|
|
Zaphod Kotobide
zOMGWTFPME!
Join date: 19 Oct 2006
Posts: 2,087
|
08-26-2008 04:39
Most of them either exploit vulnerabilities in the browser, or careless tendancies of the operator of the browser. Vulnerabilities have even been tracked on something as seemingly innocuous as the animated gif. Flash itself is a trusted application, however there are a bunch of emails floating around purporting to be from CNN which take you to a malicious website where you're helpfully advised that your flash is out of date, and offered an "update" which isn't the flash player at all, but a trojan installer. Of course the best defense against this nonsense is an even mix of common sense, and up to date, reliable malware protection. From: Pyrite Sopwith You mean to say that flashing banner ads can weaken my PC? If so, that is shocking. Not to mention you need Adobe Flash Player in order to view YouTube videos.
_____________________
From: Albert Einstein Problems cannot be solved at the same level of awareness that created them.
|
|
Zaphod Kotobide
zOMGWTFPME!
Join date: 19 Oct 2006
Posts: 2,087
|
08-26-2008 04:58
Markup isn't necessarily executable code, true. The delivery mechanism (http) and subsequent rendering in the browser is implemented with executable code, however. It has an inherent, theoretical risk of being manipulated into doing bad things. In this context, html has suffered many vulnerabilities over the years. HTML is not in any way a "subset" of XML. They are two different animals. The former being a markup language with predefined elements, the latter being an extensible markup language, with the ability to define elements on the fly. Given that XML is largely used as a means to structure and transport data between applications (executable code) the possibility does indeed exist that vulnerabilities could be discovered and used within the markup itself. I agree with the rest of your assessment, particularly the part about spreading fear and misinformation. I hope you'll take the "misinformation" part to heart. From: Sharie Criss *Sigh*
No, not everything is code. Not even close. HTML markup is not code. The browser does not "execute" the web page like a program. A simple HTML document is not code, just like a word document with no macros is not code. It's data.
*Sighs again*
Shut off XML? You DO realize that HTML is a subset of XML, right?????????? And that it is impossible to "turn off" XML?
Some browser plugins are designed to IMPROVE security - you certainly don't want to disable those.
There are things you can do to be safer when browsing the net. 1) Keep you PC up to date with the latest updates. 2) Never follow links in spam or reply to spam. 3) Use Firefox with the NoScript plugin, which allows you to white-list known "safe" websites and only allow scripting / Flash to run on those sites. 4) Stop blindly clicking OK on everything that pops up, and READ the message first.
The internet does not have to be a scary place. Spreading fear and misinformation isn't helping.
_____________________
From: Albert Einstein Problems cannot be solved at the same level of awareness that created them.
|
|
Zaphod Kotobide
zOMGWTFPME!
Join date: 19 Oct 2006
Posts: 2,087
|
08-26-2008 05:17
By constructing unique URLs for each recipient in-world, it would be trivial to associate IP addresses with avatar names. From: Rhaorth Antonelli what good will logging the ip do? not like they can match it up with you in SL
I never follow those either, and thankfully have not received that one
_____________________
From: Albert Einstein Problems cannot be solved at the same level of awareness that created them.
|
|
Tod69 Talamasca
The Human Tripod ;)
Join date: 20 Sep 2005
Posts: 4,107
|
08-26-2008 05:46
From: Sharie Criss
There are things you can do to be safer when browsing the net. 1) Keep you PC up to date with the latest updates. 2) Never follow links in spam or reply to spam. 3) Use Firefox with the NoScript plugin, which allows you to white-list known "safe" websites and only allow scripting / Flash to run on those sites. 4) Stop blindly clicking OK on everything that pops up, and READ the message first.
Have been doing so for a long time. And NoScript is excellent! Flash Vulnerability: http://secunia.com/advisories/28083/ XML Vulnerability: http://secunia.com/advisories/15852/ Seems they have 'em 'patched' for now. I'm not saying "Shut it all off". What I'm saying is "It can all be manipulated". Again, someone gets their panties in a bunch.  BTW- you forgot one: Don't close a pop-up Window by clicking the X in the corner. ALT+F4 instead. But if a user does as you said, keeps things up-to-date, patched, etc, and uses common sense then they should be safe. Come to think of it, it's usually lack of common sense that causes the problems. * EDIT * Just for those who are curious with what has a vulnerability: http://www.kb.cert.org/vuls/byname
_____________________
really pissy & mean right now and NOT happy with Life.
|
