**Asri Falcone Hijacked(Idenity Theft)**

Ardith,

<<To clarify my position. The story, as presented, makes very little sense. As you and various others were recklessly tossing out crackpot theories about Linden involvement,>>

No, I was 'tossing out' no theories, crackpot or otherwise, about Linden involvement. I said that the problem appeared to be at the Lindens' end rather than Asri's, and expressed a lack of surprise that the thread had been moved. The really big problem with these forums, I feel, is that people do not actually read postings other than their own.

Why do you think the thread was moved to 'Notices and Well-Wishes'? Do you have a crackpot theory to explain that? I must say, I admire the humour, but to be completely clear, feel it was probably done to minimise embarrassment.

Perhaps because it was a notice? I find reading comprehension to be a valuable asset. Why don't you?

there are certain programs i think out there that it records and sends stuff you type to the person so maybe whenever u enter your new password it sends to him, just guess. I have expreienced some degree of hacking, some guy somehow kept makeing those yes/no options pop up and was asking me sexual things and i either clicked yes or no, i kept clicking no but then immidiatly another question wouled come, this whent on like a full day but luckily thats all that happend, btw thers a new virus out right now, a big 1 so everyone set firewalls to highest lvl.

is nothing sacred? im sorry for your loss, i to hope to get into game desighn, im currently practicing 3d modeling on my own time.

"there are certain programs i think out there that it records and sends stuff you type to the person so maybe whenever u enter your new password it sends to him"<--- yes there are a few programs that do this and that you can d/l..there are also programs where they can view your computer screen just as you are viewing it..the desktop that is, they are in your computer can do what you can do to it also....
Am not sure but i thought i read something about a security breach that got fixed in SL, involving not a lot but a few, but it did get fixed and not everything everywhere can be safe really but just have to beware and go on.

But im thinkin if they didnt use SL to get your info. and etc(that is hacking into SL itself) then they did thru your email account or etc...

Hope it all gets fixed and things start getting close to normal for you and this stops happening. And the person doing this...deep down you know you are scum maybe a thorough bath will wash the scum away? maybe not......

Ok if I were you as much as I love LL so far.. its time to get a lawyer on their asses, this is your money they are toying with and if they can't offer you proper protection against this its their ass that should be on the chopping block, not yours. 5 bucks says if you do they will most likely give you the IP of the person doing all of it and the local police can take it from there, all those IP addresses are logged via the ISP and yes, police can call up an isp and get those records no problem. LL just has to give you a number and the police can track it down. Once you have the guy doing it sue em for all you lost plus pain and suffering. If you need recipts of amount of funds I can guess if you had your money in gom or any other atm service they would have logs of transactions in or out since they legally have to because they are exchanging funds from an account and possibly LL may have these records aswell not entirely sure what their system is there. Bottom line is if you wait for LL to do something your going to be out on the streets. They are a large corporation with THOUSANDS of complaints a day and I bet your just 1039493 on the list of things they need to get straightened out today. All those people you talked to on the phone are just secretaries, they can only do so much.

Take some advice like alot of people have given, you have to act. Lawyers and the law are the only things going to clear this up because LL can't be bothered. Hell they even moved your post so people would be less likely to see it is my bet, can't have a sturring uproar can we?

Oh yes and the thing with lindens being worth $0 doesn't change the facts any, Mc donalds prize tickets are worth $.001 but I bet if you stole the million dollar winning one you would be sued for more then a fraction of a sent.

Actually, they are a very small company [ http://lindenlab.com/ ]. And it is likely she spoke to a Linden that we have seen post in the forums or in world at some point. Also, the TOS pretty much covers the Lindens in a case like this. There are a few sections that would keep them from being able to have a legal case actually stick, here is just one:




So while this is a horrid situation, and YES the Lindens should try to do something about it, it may not ever get resolved entirely in favor of Asri.

My personal opinion would be for Asri to personally email Philip and tell him her situation. There may not be a darn thing he can do outside of what may or may not already be being done, but at least she would know that the Head of LL knows her situation. And Philip very much does care about us. His email is: [email]philip@secondlife.com[/email]

Asri, I have been involved in ID theft (outside of SL) and I understand your pains. I have been locked out of all my financial institutions I bank with for almost a month which as you can imagine causes grief. I fully understand your frustration. I believe most of the people here are trying to help.

Perhaps someone touched on this as I have read the posts, although I haven't seen it mentioned. Does LL use 'strong' passwords for temporary p/w when reassigned. By strong I mean along the lines of, at least 6 (maybe even characters long, mixed case, numbers and special characters? Reason I ask is...if the hacker was using a dictionary/brute force type hack, perhaps the temporary p/w was simple enough that a common dictionary hack exposed the temporary p/w within the 5 or so minutes you were on the phone.

Also, as much as it may be difficult, I recommend changing user accounts all together (including known alts). This asshat and waste of skin has made a point to continue pushing you and I imagine after the grief that has been provoked, they are targeting you as not only is it financially beneficial, but they probably get off on the pain your feeling. Might be best to reinvent yourself, and make sure you use very strong passwords. If I were on the phone in this situation with LL, I would ask my temporary password be something along the lines of '2#9*0--die^u$0n0f@|3!tch!%&go2h3LL!!!11!!

Sens, this statement caught my eye. How do you know who is doing this? Did that person confront you or Asri and confess? If yes, ask Lindens to check the chat logs. If not, then what do you have on the alleged perpetrator, lets see if all these great minds gathered here paying attention to this case can help. Seriously!

I'm afraid that stealing passwords, especialy after finding out what your original password is easier then you think.

The procedure goes like so:

1)Attacker finds your first password, logs in as you.

2)Attacher changes the E-Mail address you specified as your own in your account properties.

3)The next time you change your password - yourself or via the help of a linden - the attacker can use the "Forgot My Password" feature to generate a new one and log into the account again.

The Forgot My Password mechanism works by verifying the e-mail address you have set on your account properties, and by using a security question that only you are supposed to know the answer to.

During the time the account was initialy compromised, my guess is that the attacker have either changed the e-mail address, or changed both the address and the security question response.

If the attacker have only changed the e-mail address, then i'd presume that Asri's security question is too easy to guess.

Asri, you may want to verify that the e-mail address in your account is properly set to your own address and not somebody else's, and also pick a new security question while at it.

O.O Good info and good advice!

would be good advice the thing is they didnt change the email they took over the email...hacked that too.

the thread may have been moved because of the Happy Birthday image in the initial post

I've sat here and ready this thread for the past couple hours and 2 things comes to my mind ...

1) the lack of anything from a Lindens' standing on this except to move the thread. The Linden that was on the phone could easily speak up and confirm Asri's account and save her added torment of having to not only live through this, share it but then DEFEND it only adding yet more insult to her injury.

2) A standing on the part of LL now in regards to Linden Labs not holding any "real" monetary value when they now are actually SELLING virtual Lindens for REAL Money. It might not state in the TOS about having real value, but they have themselves voided that (IMO) by selling virutual money right from their own servers and sources.

What I would like to know, and I'm sure others woud too, is now that virtual Linden's are being sold from Linden Lab's themselves; what is their new standing on the "real" value of Lindens? What steps will be taken to ensure the security and saftety of the virutual money they now resell?

Might be something to check into Asri, might help you some.