NagolGames
ᴍᴏᴅᴇʀᴀᴛᴏʀ / ʀᴇɢɪꜱᴛᴇʀᴇᴅ ɴᴜʀꜱᴇ
- Joined
- Jul 2, 2014
- Messages
- 1,794
- Reaction score
- 721
Account Security
Now before people begin commenting, “This thread already exists!” and things of that nature, this thread has been made to kind of just bring the idea/subject back up due to recent events that I have seen/ran into as a staff member.
Honorable Thread(s) by Col_StaR:
PSA: Your Account and You
PSA: Phishing and Compromised Accounts
Now before people begin commenting, “This thread already exists!” and things of that nature, this thread has been made to kind of just bring the idea/subject back up due to recent events that I have seen/ran into as a staff member.
Honorable Thread(s) by Col_StaR:
PSA: Your Account and You
PSA: Phishing and Compromised Accounts
Before you begin reading this thread, please keep in mind of the following:
MCGamer is NOT and CANNOT be held accountable for your account if it was hacked and/or stolen. You are responsible for your account(s) and if they are compromised, we are not held responsible for that.
If your account has been hacked, please keep in mind that that is NOT an excuse to get yourself unbanned.
MCGamer is NOT and CANNOT be held accountable for your account if it was hacked and/or stolen. You are responsible for your account(s) and if they are compromised, we are not held responsible for that.
If your account has been hacked, please keep in mind that that is NOT an excuse to get yourself unbanned.
The term “Account Security” is a very broad term in the lightest, however I will do my best to TL;DR (some) things so that you don’t have to read a novel. Eventually down the road, I may create longer and more in-depth responses, for those who are genuinely intrigued by this kind of stuff, and make them in spoilers so that they aren’t “clogging” up the thread.
For those of you who are wondering as to why a thread regarding this topic has been made again, it is because there has been an influx of “stolen account” cases popping up recently. Please keep in mind that MCGamer is not held responsible if you either lose access to your account or your account gets hijacked by an unauthorized user(s). However, that doesn’t mean that we can’t help you protect yourself against certain things that I will be getting into here in a second.
There are so many different ways that someone could gain access to your account(s). However, a majority of the time, it is by the most common way possible. That way is via a link. They are known as “phishing scams.” Chances are are that you have at least heard the term, “phishing” somewhere. Now, whether you know what it is/means, that is a different story. A phishing scam can be defined as:
They can be quite deceiving and complex, however, most of them are going to be blatantly obvious. Some of the “red flags” that I typically look for are:Phishing Scam(s):
“Phishing scams are typically fraudulent email messages appearing to come from legitimate enterprises (e.g., your university, your Internet service provider, your bank). These messages usually direct you to a spoofed website or otherwise get you to divulge private information (e.g., passphrase, credit card, or other account updates). The perpetrators then use this private information to commit identity theft.” (https://kb.iu.edu/d/arsf)
- Not the main language that you speak.
- Improper grammar
- Random shapes/characters
- Weird Subject name (If email)
- Sentence structure/content doesn’t make sense.
If you find one of these kinds of posts, please report the post immediately for “spambot” and/or link the post to a staff member and it will be handled ASAP. Also, I cannot stress this enough, DO NOT CLICK ON THOSE LINKS, they aren’t safe.
Phishers will do their best in trying to mislead you into thinking that they are safe and nothing will happen, so always be on the lookout. When it comes to links, only click on a link if you know exactly where it takes you or if you get it from someone that you trust. Col. StaR stated the common ways that they will try to snag your information. They are:
Common Phishing Tactics
Phishers will use compromised accounts to phish other people as well, regardless of the medium used. Teamspeak, Skype, Youtube, and other similar communication platforms all provide easy contact for phishers to reach out to other potential victims, thus perpetuating their attempts. If your friend suddenly sends you a link out of the blue and encourages you to view it, take heed: your friend's account may be compromised and you may be dealing with a phisher.
Common tactics for phishers:
Phishers depend on links and human error to compromise your accounts. It's your job to not be caught off guard.
- Change the characters of the URL (www.you1ube.com instead of www.youtube.com),
- Exploit text formatting to fake links (the text will say www.youtube.com, but it will link to another malicious site).
- Post links to log-in sites that look the same as a legitimate site, then logging the information you type in.
- Send you to a download link for a program masquerading as something else. Once the program is downloaded and unpacked, a malware is installed that will collect your sensitive information and send it to the phisher.
If you click on the link and your information has been snagged, change all of your passwords immediately starting with your email(s) because your email is the main hub for all of your accounts and they all route back to that/those email address(es) and then start changing all of your other passwords.
The biggest thing that I see happen here is that people get their Minecraft accounts hacked into and they lose access to them and then they ask the staff members what to do and for them to help them get their account back. Sadly, that is out of our powers and we cannot help you get your account back, however, we can point you in the right direction. You can go here: Mojang Support
Now, this section is for those of you who are unsure/have difficulty on creating a strong, secure password. Well, now is the time that you learn!
Having a secure password is vital, especially for your more important accounts and such. (Bank, Government things, etc) but they are also incredibly important in all places.
Follow this guide on how to create a strong password! This guide does a whole lot better explaining than I could.
TL;DR: If you come across something that you think is fishy and/or out of the ordinary, avoid it like the black plague and delete/block it. If you aren’t sure if something is a phishing scam/link or not, don’t trust it. Assume that it is. That is the safest route to take.
That wraps it up. If you have further questions, comments, or concerns, please do not hesitate to PM me here on the forums and I will gladly go further in-depth and such!
NagolGames