As many of you might have noticed, yersterday my account was hacked. I managed to recover it by contacting the support and changing the password, but it seems the hacker sent some of you messages containing a phishing link, in an attempt to get your accounts as well. So I am sending this note to try to prevent this to happen again.
The hacker works by making a website that looks similar to the marketplace. However, when you type your username and password, you will not log in, but send your log in information to the hacker. All he needs to do then is to change your password and e-mail to prevent you from getting it back. This is called ‘Phishing’.
(You can read more about it here: http://en.wikipedia.org/wiki/Phishing)
(image of the hacker’s version of the marketplace)
There is, however, a way to avoid all of this. First, SecondLife has a HTTPS protocol. Always check to see if there’s this green text before the link (see image below). The text might be different in other web browsers.
(HTTPS – screenshot taken with Google Chrome)
(You can read more about HTTPS here: http://en.wikipedia.org/wiki/HTTP_Secure)
Second, the link is always different from the real one. So, it’s another thing you should keep in mind.
(the real link to the log in screen)
Phishing is not only used on SecondLife, but also in popular websites like Twitter and Facebook. If possible, always check the website link and the security protocol. Avoid clicking suspect links and always keep your computer secure.
I apologize for any inconvenience I may have caused. My account is now working normally and we’re working as before.