1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. Greetings Guest!!

    In order to combat SPAM on the forums, all users are required to have a minimum of 2 posts before they can submit links in any post or thread.

    Dismiss Notice
  3. Greetings Guest, Having Login Issues? Check this thread!
    Dismiss Notice
  4. Hail Guest!,
    Please take a moment to read this post reminding you all of the importance of Account Security.
    Dismiss Notice

Scam and Hacking Prevention Guide

Discussion in 'UO Oceania Trade' started by Guest, Oct 1, 2006.

Thread Status:
Not open for further replies.
  1. Guest

    Guest Guest

    Last updated: 9-28-06

    <center>Helpful Hints to Help Keep Your Accounts and Computer Secure</center>
    [*] Always use different passwords for forums, paypal, ebay, uo and email.

    [*]Never use passwords that have anything to do with you or your life, such as the names of family members, pets, birthdates 'etc.

    [*]Never give your passwords out. Even if you trust someone 110%, your password is only protected as much as their computer is. Even if they are completely trustworthy, it doesn't mean that their computer is secure and you can get hacked that way too.

    [*]Make passwords alphanumeric and upper/lowercase. Do not use common words. The best passwords are 16 characters long, can not be found in a dictionary, and contain lowercase and uppercase letters and at least one number.

    [*]Never store your password information on your computer. If you are worried about forgetting it, store it on a piece of paper and keep it in a very secure place. Never put your account information near your computer or in plain sight such as on the wall, on the desk etc - especially if you use a webcam.

    Helpful Password Resources:
    <ul>[*]Microsoft Password Checker
    [*]Password Information by GeodSoft[/list][/list]

    [*]Third-Party Programs, Websites and Files
    <ul>[*]Never download any third-party programs or accept files unless you absolutely, 100% trust the source, especially for UO. This is just asking for someone to hack your UO account or worse. If someone sends you a link, again don't click it unless you trust the source as it can contain harmful items or drive-by downloads.[/list]

    [*]Install and Maintain Anti-Virus Software.
    <ul>[*]Make sure you have good anti-virus software installed. Here is a list of several free/free-trial anti-virus software:
    <ul>[*]Zone Alarm Anti-Virus
    [*]AVG's Anti-Virus Software
    [*]Alwil's Avast! Anti-Virus
    [*]Avira's AntiVir Classic
    [*]Clam's AV
    [*]McAfee's Anti-Virus
    [*]Norton's Anti-Virus - NOT Free, but a <u>very</u> good anti-virus [/list]

    [*]Check for updates regularly. The software will do nothing if you don't have the latest list of bad stuff to look for. Try to get in a habit of checking for updates at least weekly, if not more often.
    [*]Remember to password block your anti-virus software settings to prevent anyone from changing your protection levels.[/list]

    [*]Regularly Remove Spyware from your Computer
    <ul>[*]If you or any other users of your computer regularly surf the internet or download shareware software, chances are you are going to get your fair share of what is called spyware. Spyware is a general term applied to software applications that essentially gather information about your actions and report them back to the company. It is not only an invasion of your privacy, but the running applications can increase lag on your computer and as such, it may effect how smoothly UO runs for you.
    [*]Here are several free spyware programs:
    <ul>[*]Spybot - S&amp;D
    [*]Ewido Software
    [*]Lavasoft's Ad-Aware
    [*]Spyware Nuker
    [*]Moosoft's The Cleaner
    [*]McAfee's Anti-Virus
    [*]Norton's Anti-Virus - NOT Free, but a <u>very</u> good anti-virus[/list]
    [*]Make sure the programs you install don't contain adware. Many freeware programs do include adware. It's how the publishers make their money. If you're not sure, read the license agreement carefully (these are usually shown directly or through links as part of the installation process). Also, check the publisher's Web site very carefully. If you're still not sure, search Google Groups for the name of the program and the keywords adware or spyware. If you don't find any postings about it, then you're probably OK.
    [*]Install a pop-up blocker to prevent adware and spyware pop-up windows. Much spyware installs after you click a deceptive link in a pop-up browser window. Install a pop-up blocker, and you won't even be tempted to click those links. My two favorite pop-up blockers are completely free. The first is the new MSN Toolbar. The second is the Google Toolbar. Pop-up windows are annoying time wasters anyway, so you'll thank yourself later.[/list]

    [*]Install and Maintain a Firewall.
    <ul>[*]A firewall helps protect your computer by preventing unauthorized communication to and from your computer while you are connected to the internet. "Port-scanning" is very common and most don't realise that they are even being scanned for weakness or openings in your defense. Here is a list of several free/free-trial firewalls available:
    <ul>[*] Zone Alarm
    [*]Agnitum's Outpost Firewall
    [*]Jetico's Personal Firewall
    [*]Sunbelt's Kerio Firewall
    [*]Lock 'n' Stop's Firewall
    [*]Primedius Firewall Lite
    [*]If you are using Windows XP, there is sometimes a very basic firewall included - but it's not enabled by default. I would <u>strongly</u> recommend a second one as well for added security since Win doesn't check outgoing traffic from your PC.

    To activate the firewall in Windows XP:
    <ul>[*]- Go to "Start"
    [*]- Go to "Settings", then "Network connections"
    [*]- Select your Internet connection
    [*]- Click on "Properties"
    [*]- Click on "Advanced"
    [*]- Check the box in the "Internet Connection Firewall" section[/list][/list]
    [*]Helpful Links:
    <ul>[*]Firewall Comparisons[/list][/list]

    [*]never ever except files from anyone. Offer Several sites to upload pics. "Print Screen" button, open up paint in win, "Ctrl-V" keys to paste the image.

    [*]Do <u>not</u> ignore Operating Systems updates.
    <ul>[*] Everyday unsavory people are looking for loopholes and get access to your computer. The operating system is a critical part of your computer and is the base of operations for the software on your computer. Do not wait for media reports on updates, often times these are delayed. It's wise to check weekly, preferably daily, for updates on the operating system's website for critical security updates.
    Helpful Links:<ul>[*]Microsoft Windows Update Site
    [*]Mozilla Security Updates[/list][/list]

    [*]Protecting your email.

    <ul>[*]Some viruses can infect your system without you clicking on attachments by executing in the message preview window. Many viruses can cause your sensitive information and documents to be transmitted to millions of people. While the preview window is a handy feature, it's safest to turn it off.
    <ul>[*]To turn off the preview window in Outlook Express:
    <ul>[*] -Select "View" on the Menu Bar
    [*]- Select "Layout"
    [*]- Uncheck "Show Preview Pane"
    [*]To turn off the preview window in Outlook:
    <ul>[*]- Select "View" on the Menu Bar
    [*]- Select "Preview Pane" if it's not already greyed out
    [*]- You may need to repeat this for each top level mail folder[/list][/list]

    [*]It is always a good idea to have several emails and preferably a special one you use just for your UO accounts. Remember someone having your email address is the first step they need to getting access to it. If they don't know the email address, they can't attempt to crack your password.

    [*]Check your email regularly. Some free email services will, without warning, close your email account if it goes inactive for a long period of time. Guess what happens after it is closed. That's right, the name can go back into the choice pool for someone else to choose when they register.

    [*]Always use all false info when registering a free email such as name, birthdate, etc. Any secret questions used for password retrieval.. never put real-life info in them. All it takes is someone getting to know you and asking you where you were born in small talk to get a shot at your secret answer. Make sure your answers are complicated, several words long and nothing to do with the real answer. Find a safe place not on your computer to save this info if you ever need it.

    Helpful Email Resources:<ul>[*]Tips to Help Protect your from Spam.[/list][/list]


    <center>Safety Tips for Conducting In-Game Business</center>

    <ul>[*] First and foremost. If someone offers you a trade, gold or $ that is too good to be true.. most likely it is. Scammers will often prey on the greed of their victims in hopes of lulling them into a uncautious state with the desire to make such a good deal.

    [*]Always Check the Window Contents = No matter how many times the trade window is opened and closed. Do it every single time. Don't feel rushed. If the other party is trying to get you to hurry when you are checking it, don't. Often times scammers will try to pressure you to just click and seal the transaction.

    Always ask them to open backpacks to make sure the right items are inside. When possible ask them to take items out of the bag.

    Always check items by clicking them and paying attention to the title. There are many rares and such in the came that look similar to common items. Even if you checked it the first time, if the window is closed and you have to reopen it.. check it #2 as well.

    Always check the 0's. This can be tricky as they tend the 0's can blend together, especially if you have a lot to look through. If it is a deal for multiple items, try to break the deal down into smaller transactions if you have a hard time with the 0's.

    [*] Never remove any clothing, wearables, weapons, spellbooks, etc after a trade until you check your item count. Usually you can do this by single clicking on your backpack and seeing how many items you are carrying. The items in your paperdoll, often do *not* apply to your item count. So if you have 125 items in your bag and you take something off, guess what.. it can fall to the ground. It is a common tactic of scammers to attempt this by offering you something to 'try on', asking if they can see something in the trade window from your paperdoll, or asking you to put something on your character so they can see it and thus removing something else to do so. These is usually attempted after a trade, asking you to hold something for them, etc... so please be careful.[/list]

    <center>Safety Tips for eBay Sellers</center>

    These tips will *not* prevent you from getting a reversal, but they will help reduce the chance of it happening to you.

    <ul>[*]You should sure the paypal includes full transaction details, especially on new buyers. Such as ebay details, ICQ#, phone number and character name. If something goes wrong in the future, it makes looking up the information on the individual very easy. Also this helps prevent third party payments for scammers.

    [*]Make sure Paypal User is Verified with a confirmed address. Sometimes the confirmed address feature is unavailable for some international paypal users. While it is seller's choice, it is safest to not accept payments from those outside your country as it makes tracking them and prosecuting harder should something go wrong.

    [*]Phone numbers. Make sure you get one, especially with new buyers. Scammers aren't going to like that and will often try to give you excuses. Call them and confirm that they are who they say they are and what it is they are purchasing from you. Take the area code and look it up to see if it matches the same city/state as their confirmed home address on the paypal payment.
    http://www.fonefinder.net/ - will give you city/state as well as if it is a land line, cell, etc
    You can also call 411 or use www.411.com and give them the address and last name and ask for a search to see if they have a listed phonenumber. Unlisted numbers won't be listed. If it isn't listed, than take the number they gave you with the payment and do a reverse search and see if you can get information to help you. http://www.411.com/10668/reverse_phone

    [*]The safest way to use paypal is without accepting credit cards. This means having a personal account instead of a business account. Credit cards are the source of the majority of scams and reversal in virtual incidents. If someone tries to send you a cc payment it will prompt you to upgrade. You can at that time refuse it and inform the buyer that they must pay using an instant payment method. If you sell items on ebay, this unfortunately is not an option:

    From eBay.com

    Sellers who offer PayPal as a payment option on eBay (either using logos or text in the item description) must accept all forms of PayPal payment including account balance, bank account transfer, and credit cards. Sellers must have a Premier or Business PayPal Account or be willing to upgrade from a Personal PayPal Account to a Premier or Business Account if sellers receive a credit card payment. Sellers may not communicate to buyers that they accept, or will not accept, specific forms of PayPal payment.

    [/ QUOTE ]

    [*] eBay Feedback. If the transaction is through ebay, check the feedback. While negative feedback, doesn't mean they are a scammer.. it can alert you to any recent issues regarding their latest buys. If a comment concerns you, ask the buyer about it. Often times buyers are happy to explain the circumstances and glad to be given the chance to prove their reliability. If something seems fishy about a potential bidder, contact the other party and ask for their reason for being unhappy about their transaction with them if the reason given on the feedback isn't clear enough.

    [*]Mass eBay Purchases - If an ebay user has been inactive for awhile and suddenly gone on a mass spending spree - especially high-end items across multiple shards, it could be a definite sign of a hacked paypal account. Also if the user and brand new with mass purchases/bids, it could be fishy. In such cases I would ask them to send another form of payment other than paypal.


    Remember you can always add a disclaimer to all ebay listings explaining your selling requirements such as providing a valid phone number or having X number of feedbacks.


    <center>Spoofed Emails and Websites</center>

    Spoofing, also known as phishing(pronounced "fishing"), is a type of deception that attempts to steal your valuable information such as account passwords, credit card numbers, etc. Most commonly this is done via email that attempts to get you to visit a website that resembles the official one. Spoofed emails will play on your insecurities, fears and greed. They will often use certain key phrases or information to coax you into visiting their website. Here are some ways to help identify spoofed emails and keep your information secure.

    <ul>[*] If they ask you to verify your account. Businesses should never ask for your account password via email - this includes UO, Paypal and eBay. If anyone ever asks you to send your account info or visit their website and log in to your account. DO NOT USE THE LINK. Open a new browser and hand-type the url in or call them directly to inquire to the status of your account.

    <ul>[*]Ultima Online Payment and Billing
    Inside the United States dial: 1-866-543-5435
    Outside the United States dial: 1-650-628-4306
    Hours of operation are Monday – Friday 8:00am to 5:00pm PST

    Note: The numbers above are for payment, billing, and general account updates only. All other questions should be addressed on the EA Customer Support Website

    [*]Paypal Contact Information
    General PayPal account inquiries 1-888-221-1161.
    Available from 4:00 AM PDT to 10:00 PM PDT every day.

    Paypal takes spoofed emails about Paypal very seriously. If you beleive you have recieved one, you can forward it to [email protected]

    [*]eBay Contact Information
    For Questions, use the eBay Contact Information Online System.

    eBay also takes spoofing seriously. For more information visit their Recognizing Spoofed Websites and Emails[/list]

    [*]Remember: The "From" field of an email can easily be altered—it is not a reliable indicator of the true origin of the email. Many spoofed emails will look very legit and real, do not let them fool you. View the full header on the email to check its original source.

    [*]Many spoofed emails will be addressed in a generic manner such as "Dear Valued Customer" or "Welcome ___ User". Most businesses when it is something as important that requires you to log in will address you by your first name.

    [*]Spoofed emails will try to cause fear in you and a sense of urgency such as your account is in jeopardy, password has been changed, etc. If you are worried, visit via your own link the company's website or contact them directly and ask. Do not use any of the links in the email to find out as they might redirect you to a scammer's website.

    [*]Checking Links. You should never use an email's links, however for knowledge purposes here is an easy way to help tell they are not legit. Please remember that should the email pass this test... this does not mean the email is real, always use your own urls in a new browser window to be absolutely safe. With technology being as advanced as it is and scammers always trying to find a way around safe guards even this might not be safe.

    To check the link, do a mouse over without clicking and look at the destination in your browser window (usually at the bottom) or in your email status bar. Keep in mind fake websites may contain key words but the very first part of the address is the most important. Look for the original domain of the company such as www.paypal.com in the beginning of the url.

    [*]Some identification tips on spoofed websites. You should never follow an emailed link!For education purposes though... Do not rely on the url in the browser window, that can be faked. Often times, there will not be a small lock indicating the screen is a secure website. Also if you click the properties of the graphics, many times they will not be uploaded on the real domain's servers and thus providing another clue.


    <center>Definitions of Useful Terms</center>

    <ul>[*]Adware - software that displays advertisements on your computer. These are ads that inexplicably pop up on your display screen, even if you're not browsing the Internet. Some companies provide "free" software in exchange for advertising on your display. It's how they make their money.

    [*]Anti-Virus Software - Protects your computer from viruses that can destroy your data, slow your computer's performance, cause a crash, or allow spammers to send email through your account.

    [*]AV - See Anti-Virus Software.

    [*]Cookie - A small data file that is stored on a user's local computer for record-keeping purposes and which contains information about the user that is pertinent to a Web site, such as user preferences.

    [*]Denial-of-Service (DoS) - An attempt by a malicious (or unwitting) user, process, or system to prevent legitimate users from accessing a resource (usually a network service) by exploiting a weakness or design limitation in an information system. Examples of DoS attacks include flooding network connections, filling disk storage, disabling ports, or removing power.

    [*]Drive-by Download - Software that installs on your computer without your knowledge when you visit certain websites.

    [*]Filter - Software that screens information on the Internet and allows the user to block certain kinds of content such as adult sites or pop-ups.

    [*]Firewall - hardware or software that prevents hackers from using your computer to send out your personal information without your permission.

    [*]Hacker - someone who exploits security holes in technology for any purpose.

    [*]Identity Theft - when an unscrupulous person uses your personal information to successfully impersonate you online, by mail, over the telephone, or in person.

    [*]Keystroke Logger - A device or program that records each keystroke typed on a particular computer.

    [*]Phishing - (pronounced 'fishing')when Internet fraudsters send emails or pop-up messages to lure personal information (credit card numbers, bank account information, Social Security number, passwords, or other sensitive information) from unsuspecting victims. Alternate name for Spoofing.

    [*]Spoofing - when Internet fraudsters send emails or pop-up messages to lure personal information (credit card numbers, bank account information, Social Security number, passwords, or other sensitive information) from unsuspecting victims. Alternate name for Phishing (pronounced 'fishing').

    [*]Spyware - software that sends your personal information to a third party without your permission or knowledge. This can include information about Web sites you visit or something more sensitive like your user name and password. Unscrupulous companies often use this data to send you unsolicited targeted advertisements.

    [*]Virus - Code written with the express intention of replicating itself. A virus attempts to spread from computer to computer by attaching itself to a host program. It may damage hardware, software, or data.

    [*]Worm - Self-propagating malicious code that can automatically distribute itself from one computer to another through network connections. A worm can take harmful action, such as consuming network or local system resources, possibly causing a denial of service attack. [/list]
Thread Status:
Not open for further replies.