New blog

Safeguarding Your Account…or You’ve Been Phished

Has everyone seen this new blog? I wonder if SL HAS been hacked like last time
Not like they will say just denie it ..like last time and with CC#'s now being manditory o the joy.
Is there and way to get LL to erase your CC info? cause I dont think just changeing your password is enough.
Any ideas? besides checking you CC history a few times a day

I would suspect this has more to do with people getting phished, so the phishers gain access to their account.

The part of the post that's a little weird:


Phishing involves tricking someone into giving you their password. Making the password stronger won't do anything to prevent that. Oh Lindens, don't you guys read these things before you post them?

Well considering having a safe password won't protect you from phishing I'd say it's more of a general password warning.

Reading the latest blog about advertising I'd have to say, no they don't.

The fact they don't was establishesd a while ago.......

This all seems very "phisy" to me.

On June 27th I got an email from Linden Labs.

"Linden Lab <Linden_Lab@mail.vresp.com>
to me

show details
Jun 27 (7 days ago)
An upgrade of our billing system recently revealed minor discrepancies
in your billing information. To get everyone back on track we are
asking that you update your payment method via the website as soon as
possible. If you have a balance due it will be billed to your account
within 24 hours of your update. If you do not update your information
and you have a balance due when we bill, your account will go
delinquent. As always with delinquencies, you will then have 7 days to
pay your balance. After 7 days the account will go on hold and you
will not be able to login without clearing your balance. After 30 days
your account will go defunct and you will lose any inventory, land and
L$ associated with the account.
To upgrade your payment information:

1) Go to secondlife dot com
2) Login to your account
3) Click upgrade payment method
4) Upgrade with either credit card or Paypal, your choice
5) Follow instructions
6) You’re done!

If you have any questions regarding your account status, or have
difficulty making changes to your account, please contact billing
through the support portal:



Thank you!
Linden Lab"

Now I downgraded my account a few months back, so I have no payment due to Linden. In fact I have a surplus of actual credit in my account. Funny they would be demanding money I do not owe them. Now for the kicker, the very next day my bank put my card on hold due to it's info being stolen. Apparently it was then attempted to be used from someone in Italy on the 28th. Seems they had all the information I put here on this site. It was reported I put the info into some phishing site, yet I haven't purchased anything online in months, let alone give that info to another site. The bank told me this happened the day before the linden labs email on the 26th. Good thing my bank is on top of things and blocked the transaction. Now this all seems rather coincidental don't you think.

I replied in the blog but I will post this here too: 2 people in SL that I know have had their CC#s stolen. One being my RL boyfriend who only used that card for SL. He is no longer in SL (closed his account) but let me know a couple days ago that his card had $12,000USD of charges he didn't make. I saw a similar post from someone else on the blog.

Based only on my own experiences with these two people, I strongly suspect there has indeed been some sort of hack again. I hope LL can clarify if this has happened - or if it hasn't happened - or do they know?

I don't mean to be an alarmist but yeah, this alarms me.

Keiichi, that's been confirmed as a genuine Linden Labs email.

I'm not doubting it being valid. That's the bad part really. Since they have no clue that I dont owe them money, yet they had issues with a card they don't even need access too. That's the issue I see. For my card to be stolen the day before and tried to be used the day after the email, thats the problem for me.

That is indeed very phishy ...sorry couldn't resist.

This is rather worrying in all reality, surely though they have a duty of care to inform their customers if they've been hacked ..don't they?

You would think....

I have just canceled the card I had on file.

Well the worry part is already over for me since it happened. I'm not exactly blaming Linden Labs. But I know for a fact I don't put credit card info and all my billing information on just random sites from a link in my email. I've been using the net since Prodigy way back in 1992. So it's not like I'm some noob on these series of tubes. But all these dates are one after another in a 3 day span. It's just way to coincidental for me I think. Linden Labs on the other hand already had one major issue with being hacked and from what I read in the forums and blog is that they have had issues with Paypal recently. Now the password "reminder" seems like a sly way to say we screwed up and we are trying to put the blame on the users. I stopped using SL due to so many issues since about March and downgraded around the end of April. I only login about 1 or 2 times every few weeks. I do read the forums and blog for the soap opera feel of it all though.

Yeah, one would think so, but last year when they were hacked, it took them six months to finally email those whose information 'might' have been compromised. Between the time it happened and the time the email was sent, most of the people had already changed their passwords and canceled their credit cards and/or swapped to Paypal or only use the 'gift cards' such as Visa and Mastercard offer. This is one of the biggest reasons why Linden Labs is now labeled as a fraud site by many banks. And it's fairly earned too.

Sure they blogged, but they assured us for quite some time that no personal information was compromised. Fortunately, we're more paranoid than LL.. and now, we're pretty much paranoid OF LL.

*sigh*

They didnt last time I see no reason they would this time so watch your charges VERY carefuly and let you banks know something might just be amiss LL is not a very forcomeing company so cover your backsides cause LL wont

Has it? A number of people on the forums suggested it was genuine since LL had used vresp for a previous mailing months ago. However, I don't recall seeing anything official from LL confirming it.

On the other hand, reports of this suspicious e-mail were quickly followed by an LL blog about phishing!

Matthew

lololol

might be helpful to change the title of this thread to something more descriptive.

*grins* The MOTD did warn that LL was sending out an email