My Account Was Hacked And I've Been Suffering For It.

Hello....my first Second Life account was hacked a few weeks ago. My Paypal account was abused so I had to have them put Limited Access on it. My avie was completely shut down and I've just spent weeks and weeks getting things back together and getting all my friends back.
I received no email to tell me what's happening....just Linden Labs suggesting I 'phone them...which means a transatlantic call as I'm in the UK.

Now I've had my replacement account disabled...just because my Paypal is limited access.
I finally 'phoned them and they say I should have 'phoned them straightaway about this.
I've found out from Paypal how to remove Limited Access and supposedly I will get my disabled account enabled.

I'm just fed up with the way LL refuse to communicate via email....a quick one just telling me what's going on and what I can do regarding Paypal would only take a minute or two to send.
I can't understand why my new account gets disabled when I wasn't using Paypal in that account.

You can do much better than this, Linden Labs!

How does an account get hacked?????

I mean really? I hear this stuff all the time: "my account was hacked" How??

My password is 9 alpha-numeric digits that don't even form a word.


Who else did you give your password to?

Did you use a cybercafe or piggy back on a wireless signal?

I didn't give my password to anybody....I used a strong password with numbers and letters. Mine didn't form a normal word or phrase, either. Hmmmph.
I was CAREFUL. There are some clever swines out there.

If they want to they can hack into all kinds of online things. Thanks for your sympathy...not.

No....I only ever accessed SL from my own home.

You still didn't answer the second question. Were you using a wireless signal to connect to SL?

Not sure that it's appropriate to post the direct link here because of the nature of some of the specific blog post's content, but onemansblog.com featured a post back in March 2007 (you can go and look for it, if you want to) about how easy it is to hack passwords. The post actually features a LOT of useful info on how to take preventative steps, but it also features links that are probably not the sort of thing that should be accessible from this forum. So yeah, you can hunt for it if you like

Anyway, one of the best bits of advice he gave was this:

No...I was using broadband down a landline.

Hi SKell....I was using a strong password...after the hack I got extra tips on this from my geek friend.
Hackers have hacked in the UK's Scotland Yard website and defaced it. That was a minor one.
If they're clever enough they can hack anything. I changed my passwords again and again like someone deranged after it happened.

Thats good, and thats what everyone is supposed to do. Realy who is going to bother to change all there passwords every week, but everyone should at least change them every month or so.

Have you checked for keystroke loggers? Which viewer are you using?

Catching wireless signals usually requires the evil-doer to be more-or-less near the person getting hacked and them requires them to decrypt the packets.

Since I think hackers are more interested in volume, I think it's more likely she got keylogged or used some evil bot/viewer that simply sent her password off to the bad folks when she tried to log in.

I'm a lady. Bryony is a well known female name in the UK. I'd prefer to be addressed in the first person...not referred to in the third person.

Well hopefully all's well that ends well. Still, you're right. LL needs a better way of communicating.

[And welcome to the forums!]

Oops! Sorry, ma'am..

edit: and, since my reply was more to the other people asking questions about wireless and such, I think 3rd-person was appropriate.

I think Meade was directly addressing those in this post that were asking you if you used a wireless connection, and suggesting that the hacker probably didn't use that method.

/me steps away from this thread now.

No offence taken! Just wanted to be included in the conversation.

Just using Windows and IE is a more likely security risk.

Or for that matter, Windows without NAT:
http://it.slashdot.org/it/08/07/15/0123245.shtml

Simply due to the fact that it's as potentially possible that someone's entire computer, not just account, could be compromised (people that use the same password for everything, basically) means I'd rather have to phone them than email them. It could also form the basis of why they'd rather you phone them than play email tag with them.

Emails mean you have to wait for each reply, it's very inefficient. Phone calls are handled live. Simple 'nuff.

We've used Mozilla Firefox on this computer, simply because the new Windows keeps playing
up. Then I saw chat in NCI about how poor Windows is and that put me off it even more.

still a good password, Regular Updated Anti Virus + Firewall, and not storing login information for automated logins is pretty good protection against the average attack

*from the good hackers out there, maybe only a few would target an unknown ip


*it also would be "nice" if SL used captcha for logins, specially since the login name is already known, its almost neglection not to have it these days ?


.

Those captcha things can be problematic....I knew a site where, because the captcha wasn't working properly, you couldn't access part of it.

How would captcha help? I thought that was mostly a test to prove that you're not a bot.

That is *exactly* how it would help. Not all bots play SL.