Monday, January 23, 2012

Scam and Hack Detection Guide

Scam and Hack Detection/Prevention Guide
Contents:
1. Introduction
2. Scam - how to avoid it? -Complete-
3. Phishing Scam -Complete-
4. Hack - how to avoid it? -Complete-
5. Tips on Making Unbreakable Password -Complete-
6. Most people who are targeted to be copied -Complete-
7. Credits

1. Introduction
Hello I’m KUSABIREIKA. This is my 5th guide, technically speaking, a guide on how to preventing you on being scammed or hacked. I hope this Guide will help everyone meow ^^V.
[quote]Please note that: there will minor error or typos, so i may update list, and you can give contribution, suggestion or opinion to make this guide good thx for support.[/quote]

1. Scam - how to avoid it?
Taken From Guide on How to be Rich
  1. Scammers/imposters

    they usually will pm "their" faction members they posed as. As own members will not check own faction mates' profile, cos trading or passing items are common within the same faction.

    To avoid getting scammed, always double, triple check on the profile and meet your faction mates or the seller/buyer at a more prominent place (not at those logging in spot). So that u can see clearly and making sure u pass items/vis to the correct person. NOTE : Scammers/imposters are usually hiding NEARBY (sometime in between players OR worse... near to the original player, if not they won't be able to trade u.

    They will usually posed as Faction Leaders / Deputy Leaders / the High flyers / Players who frequent in town or broad. They will trade items Pure Otite and end up trading u Otite Piece, etc. etc.

    So..... PLEASE be ALERT ALWAYS!!!
  2. If anyone asks to borrow your equips for your password - ALWAYS CHECK FAMILY PROFILE FIRST, in case you get scammed right clicking family name directly from the chatbox? (e.g, right click, Family profile from the chatbox directly) 'cause if it's the type of Familyname the space are sometimes difficult to spot.
  3. Avoid trading with anyone who had a record of being a scammer. [add on: Check with your friends or faction mates if the player is a scammer]
  4. If someone you trusted borrows your items, DONT accept a trade request with him and instead request him/her for a trade. This way you can guarantee if you're really dealing with the real player.
  5. Always check family profile of the person who will borrow your items.
  6. Always double-check the items when trading. [the confirm and exchange button is there for a reason, check what's in the trade window before pressing them
  7. Do not share your password with anyone
  8. Do not purchase GVCs from unofficial sources
  9. Do not use 3rd party unauthorised software
  10. Please be cautious when someone approach you for loaning of items or asking for password, they might be imposters using a same family name
  11. One way to prevent scams is to broad in the game to warn players. I noticed many players never visit forums unless they have encounter such problems. (Even TV are showing crime prevention ads, so I think we should too.)
  12. For Character Trading make sure deposited the item first, no matter wht. if unsure ask faction or someone you trust
  13. open your when trading, always check the item inventory
  14. If trading someone you dont know ask first, might be a known scammer
  15. never give out your id and passwords! yes, never give out them. if u intend to do so, do it with your own risk.
  16. never log in your id and passwords into websites other than Ge official website simple, them hackers would need you to log in so they can give you some 'rewards'. some say rum some say items. but, the only thing they will give is a hack.
  17. Do not visit unauthorized websites unauthorized websites, for example is a gold-selling website. This one, may hack and commence fraud on you (especially you use credit cards). and not to mention of possible hack-in and plantation of keyloggers into your computer.
  18. plvl. either they pay later (u selling plvl) or they want u pay 1st (u buying plvl) would always have high potential of u being scammed. if u sell plvl, they log off for the rest of the day right after they reached the specific level; u payed ur money and then the scammer just log off immediately after ur payment. (some might just bring to a aggressive mob spot and log off. >_<) refered to Hikari's anti-scam guide in TOP forum
  19. Blueprints can be used to scam. usage counts that is 0 can be traded. so, beware that u do not buy a useless bp from a stall or a scammer. refered to Hikari's anti-scam guide in TOP forum
  20. Market price technique. Example would tell u more clearly. this is [quote]from Hikari's guide:

    A common example would be one character buying something, while another character selling the same thing, for cheaper.

    Example:

    Player A: B> devil wings, 20m!!!
    Player B: S> Devil wings 7m only!!! PM ME RUSHHHHHH!!!!

    Now the typical newb would think "wow I'm going to make 13m profit easy" (cause you know, I expect some basic arithmetics in this game), so you PM player A and tell him you have it, arrange a meeting spot, PM player B and buy it, then go to the arranged meeting spot..and he's not there.

    [/quote]
  21. There is no borrowing, there is only trading.
  22. There is no trying before buying, there is only buying then using.
  23. There is no paying 1st in trading, there is only one-shot-trading.
  24. There is no buying rum codes, there is only buying item mall items.
  25. But these are useful. If you're expecting to leave long periods of time, use it.Some people use it everytime they log out: these people are generally safest and don't complain about "omg someone hacked me when I left".
  26. If it sounds to good to be true, it probably is! Remember, once you click the trade button, you are agreeing to whats being traded...Please be sure to read each item carefully, as sometimes players like to switch the items with fake look-a-likes.
  27. to prevent being scammed, just always be cautious with PM, if necessary block off ur PM and allow PM when u are selling/buying stuffs/with a PM with someone. Other than that just stay in general chat/ squad chat/ faction chat when dealing with VIS, FESO or Equips.
  28. Don't trust anybody.

    Rule to follow just say NO

    For example:
    • Trade me first NO
    • Too many things trade me half first NO
    • Give me your acc i pass the rum to you NO
    • I give u my pass you give me your NO
    • When you see someone who is a well known scammer HELL NO
    • Call for me when there are too many items to trade YES (provided im free)
    • Check BEFORE ALL TRADES YES
    • well, dun mind the 'Call for me when there are too many items to trade YES
    • (provided im free)' lol i think its a running joke.
Some Tips about How they Scam You:
There are many ways of scammers scam people, and these are the common ones that i know:
  1. Tradition way of scamming is you pay them first before they trade you their item(s) from their 'another character'.
  2. He/She wants to borrow items
  3. He/She wants to try your items before buying
  4. He/She trade items, but full inventory or cancel trade, and do it numerous times and trade u a useless stuff when u off-guard.
  5. He/She claims have the ability to duplicate items, and ask if u want to. If u want, u need to give in ur items first.
Other Possible ways of scamming you:

2. Scam - how to avoid it?
Taken From Anti Scam/Noob Guide


Lets start with noobs:
  1. Usually very low lv;
  2. They will ask by using PM for money , frienship , and other things;
  3. Sometimes some noobs dont even speak right (ex when they start telling BOSS BOSS BOSS BOSS BOSS...)
Things u can do to a noob to annoy them:
  1. Because they are very low lv , u maybe can drag a boss near him , log out , and the boss finishes him (i think so , considering this is a MMORPG , boss should be easy to find XD);
  2. From the features i have heard , u can kill the noobs easily , anytime anywhere is PvP (Its scary , i dont wanna be killed and lose items
  3. Sometimes they will try to invite u as a friend , u can just let the question tab on your screen without pressing anything , he will press at infinite ADD FRIEND;
  4. You can do the same thing above if they wanna trade u something;
  5. If they noob keeps PMing u , blacklist him (if the game has a blacklist system );
  6. One drastic measure is to report them to the Live Support, they will probabily be muted , jailed or banned (permanent or not);
Now the scammer section:
  1. The lvl usualy doesnt count but they can simply make another acc so that their main acc isnt banned; will hide in a dark section of the map so other players cant see him; they will pretend to be other strong players by simply changing some letters
  • * sometimes 1(number) and l(letter) is hard to distinguish;
  • * sometimes 0(number) and O(letter) is hard to distinguish;
  • * sometimes players when making an account put a SPACE in front of their charcter name
  • Example: (forcemick) = a real very strong character; ( forcemick) = a scammer , notice the space;
The ways scammers do their thing:
  1. They will send a e-mail in game sayng (the senders are modified GM names) that u won something , the catch is that u need to reply with your ID and password;
  2. They will pretend to be very strong players and PM u sayng that he wanna borrow something from u;
Now i say the advanced scamming technic:
  1. A scammer will tell u that he gives his MAIN charcter to u , its very probable that the main chracter of his has been registered with the real email of the scammer , so if u change that accs password , he can see in what password u have changed, DONT EVER CHANGE THE PASSWORD AS SAME AS YOUR MAIN CHARACTER
  2. He can easily see in what pass u changed by simply looking in his email, the scammer now needs the ID of your main character that can be easily found on the forums , so be very carefull at this type of scamming;
  3. This scam be easily blocked by putting PIN on your accs and other security measures that the game may have.
  4. The best way of getting rid of a scammer is to report him to the Live Support, keep the scammer busy while u talk with that Life Support.
3. Phising Scam
  • Phishing Scam is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public.
  • Phishing scams are just another attempt to get valuable information. Scammers send a mass email to every address they can find. Typically the message will appear to come from a bank or financial institution. The email states that you should update your information for one reason or another, and they usually provide a link that you can click to do so.
    This all sounds reasonable and it may look legitimate, but phishing scams are anything but legitimate. The link provided does not take you to the financial institution’s website. Instead, you’ll be submitting your information to a website run by the scammers.
A) What is Phising Scam
  • Doing a criminal act using social engineering techniques is called phishing. Those who perform such an act are called phishers.
    Phishers attempt to acquire valuable personal and sensitive information such as credit card No, passwords, etc by pretending to be a trustworthy individual, business or a person you know.
    Phishing is usually carried out by sending an email or an instant message. You might see a phishing scam on a social networking website, on websites that appear as your familiar website using slightly different URL. Surprisingly it is common to see fake charity websites as well that accept charity. Fake websites are called spoofed websites.
  • Once you are on a fake website, you might inadvertently send your personal information to the hacker by entering your login ID, password or other private information. Once you have sent your information,somebody can then easily hijack your valuable assets.
    Phishing scam on cell phones/PDA is not very common but is often reported.
  • Phishing scams often place site URLs in email messages or websites that seem to be of reputed organizations, social networking site or your bank. Phishing messages often include office logos, banners taken from company's original website.
B) Why People Fall for Phishing Scams
  • Anybody can be tricked by a sophisticated phishing scam. Simple phishing scams are easy to spot, but the best scammers are actually pretty smart. They use a variety of tricks to make the phishing scam look like a legitimate process. For example, they might include a graphic from the bank right on the email message or website. Or, the link provided in the email may look like it goes to the bank’s website while the victim is actually sent to a very different site.
B) Phishing Detecting and Prevention
Phising is a common email and internet scam, with which scammers attempt to fraudulently steal one's private information. This article explains effective methods that can help you easily detect and avoid a phising scam
  1. "Verify your account."
    Do not click on the "verify your account" link. Businesses, generally do not ask for passwords, credit card No, Social Security No, National Insurance No. over the phone or internet.
    Online banking providers, too, never ask you to verify your account by asking you to send sensitive information over internet.
  2. "You have won the lottery."
    This is one of the most common phishing scams around, also known as fee fraud'. The message informs you have won a large amount of money and asks you to reply to the message with your address, bank details and other personal information. These scams often come pretending to be from reputed organizations such as IBM, Microsoft, etc
  3. Your account will be closed if you do not respond within 24 hours.
    This is a nice trick, making you feel urgency of responding and you might actually respond without even thinking. No bank or other financial organization will do this under normal circumstances.
    You should also look at the spellings in the e-mail message; are all words spelled correctly? Sometimes, English is not the native language of scammers; chances of having grammatical mistakes in their message are very wide.
    • You should also check any links in the emails; do they really go where they appear to go? Scammers play a nice trick with URLs. They display a URL, say http://forum.iahgames.com/ge/showthread.php?t=57200 and when you click on it, it will open a different website. Never access your IAH Games' Main website (or any other website where you will need to input finanical or personal information) using a link in an email. People should always type in addresses or, better yet, access the site from a link in their bookmarks.
    • It is common sense that no organization will send an email asking you to enter all your sensitive information on a website. In fact, many organizations explicitly tell us that they will never ask for personal details over phone or e-mail.
    • Use your own judgment; all phishing emails may not look alike. One scammer may send two messages, both pretending to be from different organizations.
    • If you get an email that you know is a phishing scam and is pretending to be from your bank, do let them know what happened. They might monitor your account more closely or probably pursue the scammer.
For More info about you can visit Filamented Fern Guide ^^V


4. Hack - how to avoid
  1. Simple basic rule - don't share your password. If you have to play at a lanshop/internet cafe - change your password when you get home, better save than sorry.
  2. On key-loggers - there's plenty of anti key-logger software on the net, the most notable being Ad Aware/Spybot, download and run them on the said computer if you think you've got a key-logger running. Or, check out this link http://dewasoft.com/privacy/kldetector.htm - plenty of helpful stuff on there.
  3. Get internet security software as well as spyware scanners.
  4. Avoid downloading any dodgy software promising free level ups etc.
  5. Remember the phrase, "if it is too good to be true, it is"
  6. dont share account information, use a good password (like random numbers, uppercase and lowercase
  7. protect your recovery question on email and account either have an answer that isnt the correct answer to the question or add text/symbols to the answer that only you will know
5. Tips on Making Unbreakable Password
  1. Make sure your password is alphanumeric, which simply means it is a mixture of both numbers and letters such as "etL590h". Alpha-Numeric passwords are more difficult to guess. Hackers often use a password guessing method, called dictionary attack or brute force attack, which uses different words and word combinations and matches them with the password in an attempt to guess the password. Therefore, alphanumeric passwords are more secure and they increase the number of possible password combinations by millions - requiring more effort and time on the part of the hacker in order to guess it, whereas a non-alphanumeric password can be cracked in a few minutes.
  2. Never ever include your personal information in passwords. It is a serious mistake to do it. People often use their name, age, address, a family member name, DOB, etc. in their passwords, which makes password guessing incredibly easy. Especially, for a colleague or a friend, it becomes very easy to guess the password in a few attempts.
  3. Including symbols in a password increases security many folds. Symbols are special characters, accessed by holding down the Shift key and pressing one of the number keys (0-9) on the keyboard. There are many more characters, which, if used, can make an even stronger password. To access them, hold down the ALT key and press any combination of numbers on the Num pad (number keys at right hand side of the keyboard).
  4. Password length should be six characters, minimum. Passwords shorter in length are easily breakable. The longer the password, the harder it will be for a hacker or password breaking tool to guess it. If I choose a password, say "abc", it has maximum of 6 possible password combinations. If the password was "abc0987", now 6000 combinations are required in order to match the password.
  5. Create your password with a mixture of symbols, alphanumeric characters (include both lower and upper case letters) and numbers.
  6. it is a good idea to change your password every 30 days or so. This further enhances security for your data. Never write your password down, if you do need to write it down, make sure it is stored securely and not simply pinned to your monitor or the underside of your keyboard. Try to create a password that is easy for you to remember so that you don’t feel need to write it down somewhere.
6. Most people who are targeted to be copied are:"taken from miyu guide"
  1. - Well-known faction leaders
  2. - Well-known GE players
  3. - GE players with very good reputation
  4. - GE players with so many friends that he/she can be very trusted
  5. - CMs~! And other important people (e.g. fake CM Hrin)
  6. - etc..
for more info click this BEWARE of fake Mahoney and Filamented Fern Coincidence or not?

7. Credits
  • Many Thanks to Thunder for the guide about Anti Scam/Noob Guide
  • Many Thanks to skyangel_222 for the guide about anti Hack/ Scamming Guidehttp://forum.mmosite.com/topics/149/200808/02/342,1.htm
  • Many Thanks to Hikari for creating how to prevent scam
  • Many Thanks to Filamented Ferm For adding info and her post and her guide http://forum.iahgames.com/ge/showthread.php?t=64136
  • Many Thanks to Kelvinator for adding info
  • Many Thanks to Glaice for the reminder
  • Many Thanks to Reimaru for his opinion
  • Many Thanks to SimWorm for adding additional info
  • Many Thanks to Ginxo for adding additional info
  • Many Thanks to Alexandersson for adding additional info
  • Many Thanks to Sam for adding additional info about hacking
  • Many Thanks to FrozenFate for Giving additional info
  • Many Thanks to Thx for the Sanctuary Faction for helping me by giving their exprience
  • Many Thanks to Valinorian for proofreading my guide
  • Many Thanks to Lt Taulin for giving me info about How to prevent hacking
  • Many Thanks to Shalador for adding additional info on scam section list
  • Many Thanks to renn for adding additional info on scam section list
  • Many Thanks to Crystal Novalight for adding additional info on scam section list
  • Many Thanks to JuzJaz for helping me check the typos on the guide and adding personal info on scamming guide
  • Many Thanks to Merquise for helping me on this guide
  • Many Thanks to Ragnar for stikying the guide ^^
  • Many Thanks to Miyu for borrowing her guide [Guide] Scammers, EXPOSED!
  • Many Thanks to Bright Tech for all of his helpful info on preventing scam, hack and etc thx
  • Many Thanks to the reader who contribute info on making this guide good im very grateful ^^
Thanks to everyone who reads this guide!

Always Remember
  1. Patch operating system holes
  2. Update firewall and antivirus software
  3. Watch out for phishing emails
  4. Avoid auto programs or bots
  5. Change your passwords often
  6. Keep your account details secret
  7. Watch out for Scammers ingame never give your personal info "username & password"/Double check your trading
  8. Be Careful on the Impersonator ingame

No comments: