Deviant Login Shop  Join deviantART for FREE Take the Tour
×

:iconyuuza: More from Yuuza


More from deviantART



Details

Submitted on
March 11
Link
Thumb

Stats

Views
15,759
Favourites
234 (who?)
Comments
191
×

Artists beware! Thieves trying to steal passwords

Journal Entry: Tue Mar 11, 2014, 6:17 AM


Every once in a while i get someone trying to hack into my facebook or deviantart. Lately someone sent me a link to a fake tumblr log in screen trying to steal my tumblr password. that person is obsidianwingsofmidnight.tumblr.com
Yes, i am making this public so that people know what kind of person obsidianwingsofmidnight is and be aware of messages from him/her.
:new:this person claims they were hacked as well. That might or might not be true, either way i don't want to go hunting them down, just be careful of ANYONE sending you links, especially people you never talked to before.:new:

A note for every deviant out there.

HOW TO PROTECT YOURSELF FROM PASSWORD THIEVES:

1. Start out by having a very strong password. Having passwords that have numbers and symbols (*!@#$%) is a great way to start, but a sure way of having a strong password is just having a very long one. I saw an article where it said that nothing beats a long password, So it's better to have a long password with no symbols than a short one WITH symbols. Keep that in mind when making a password.

a very useful journal about how to create a strong password Trivial passwords are easy to violateWandering on DeviantART I noticed that the accounts of some deviants have been attacked recently and deactivated by hackers.
I'm not a great expert in the operation of dA, but for various reasons (including professional) I know that an account is potentially vulnerable if you use a  trivial password for access to it.
For example, with a Brute Force Attack, this password:
123654 is crackable in 0.1 seconds
and:
hthsrt is crackable in 5 hours
john2011 is crackable in 3 days
bluechibi is crackable in 6 days
jennifer123 is crackable in 417 years
This password:
P*2nhY90/j35 is crackable in 100 million years but it is very difficult to remember!
Is very important create an unbreakable password, but which you can remember easily, without needing to write it down somewhere.
You can, however, use a complete sentence that describes something that only we know and nobody will ever guess.
The sentence: I am the tenth king of Quotzland (nob

you can also check this awesome image that explains everything in one simple image

imgs.xkcd.com/comics/password_…

(i wish i knew how t embed images into a journal ;A;)

2. Have different password for every account and email. So if a hacker found out one password they don't have ALL your accounts. NEVER have the same password for your deviantart account and linked email. A hacker can't deactivate your account just by hacking into your deviantart account, they need email confirmation. Also if you get someone that hacked into your dA you can recover your account using your email and contacting the deviantART helpdesk.

3. On facebook, and gmail, use phone security codes. This way if an unauthorized device or browser tries to log in (weather they have your password or not) they have to verify their identity with a code sent to your phone. I assume they didn't steal your phone too so this way even if they somehow managed to steal your password they won't be able to access your account. Also when you log into facebook you will see a notification that someone tried to log in to your account, they will say their location and their device. Last time someone from Ireland tried to log into my Facebook with a samsung phone. I didn't recognize the device so i blocked it. This shit can happen people, so stay safe, activate this security setting on facebook now (if you have a phone of course)

4. When logging into your accounts (dA, tumblr, facbook) make sure you go to the log in page directly from your browser and not through a link! There are fake log in screens and people posting these links here and there. I get personal messages with these links. Password thieves send them in the hopes of you falling for the trick and trying to log into that kind of screen. That screen records your password and the thief has access to it.

HOW TO RECOGNIZE FAKE SCREENS!

they will always be look somewhere along the lines of

http :// facebook . evilwebsite . com /... ← Hosted on an evil website!

http :// facebook . sa / ... ← Another site with the same domain name, but a different top level identifier (.sa = Saudi Arabia)! This site may belong to a random person!

Anyone can make a website and then add a 'deviantart' page to it. That URL would look like

MyWebsite.com/deviatart

and at that specific page there could be a fake log in screen. But the page ultimately belongs to MyWebsite.com.
I am not a coputer geek so i can't explain this peoperly. But just be ware of any log in link.

There are fake log in screens that look almost exactly like the original but have a small change that is usually very unnoticeable suh as 'vv' for 'w' I for l or 1, O for 0, p for q etc. we don't notice them often, because we're not paying attention to them. also with typos e.g. devart (don't go there to check this out!)

When trying to log in, type into your browser deviantart.com and log in from there. Don't follow other people's log in links. Ever.

5. Watch out for your recovery questions for your email. Another way hackers steal accounts is by 'recovering' passwords. They go to your email and say they lost the password. then they go through all the security questions and get to reset your password in what they want. The things that they are asked for is your birthday first of all. But chances are you already displayed your birthday publicly on deviantart or facebook, so it will be super easy for this thief to get that information. the tricky part is at the security questions. The biggest mistake people make here is to put security questions that are easilly 'fished' out by thieves (i call them thieves and not hackers because they are NOT actually hackers, they most like know shit about computers)
So here's what thiefs do (especially here on dA) they make a "fun" journal with personal questions. Questions that are frequently asked as security questions. Such as: what is the name of your first pet, who is your favorite uncle, what is the name of your first middle school teacher and so on. My dear deviants, DO NOT answer to these personal questions. It might be tempting to reveal things about yourself but it's very dangerous especially if you have the same security questions with the same answers.

Be ware of these kind of information fishing journals! I mean they are literally all over dA, i'm sure many of you already answered many questions in these 'meme' journals. My advice is to stop doing these memes completely. Also, erase past journals where you answered personal questions about yourself.

<What to do
yahoo has a 'create a security question' option, use that. Come up with the craziest most personal question and write an even crazier answer. Somehting you KNOW you won't tell anybody. Somehting that can't be guessed. Don't make it 'who is your favorite Harry Potter character' the answer is in the question D: Try somehting along the lines 'who is behind me?' answer: 'blueberry pie'
be creative! You have 2 security questions, so 2 chances of giving this thief a hard time. If you make your answers unguessable, he'll have no chance stealing your password this way.

6. Sorry to state the obvious here but DON'T TELL ANYBODY YOUR PASSWORD. Do i even have to say this? Maybe a family member, yes, in a crisis, but never a stranger on the internet. Don't tell your password even to people who seem authoriuzed to know like helpdesk people from various sites. There are countless scams out there who pretend they are fro the helpdesk and ask for passwords. Usually the scam looks like this. You get an email saying something "awful" happened to your account, and you must urgently give them some random info + your password in order to fix it. OR the email has a link to a fake log in screen.
Sometimes they say you won something awesome, in the hopes that in the heat of the moment, the happiness will blind you and you won't pay attention to the url.
NEVER GIVE YOUR PASSWORD TO ANYONE NO MATTER WHO THEY CLAIM TO BE
that sounds simple enough doesn't it? :)

7. Never tell your home address or telephone to anyone. I know that's a little impossible when you buy things on the internet. And that's ok. Just don't post it in a journal, don't spread it around like it's nothing. That info is very importand when you have some harrassing you with access to your phone number, email address, home address, imagine the kind of spam and hate a single person can send you. this has never happened to me but i heard of many cases. My advice, don't give anyone your home number or address unless it's for buying things from a trusted site. Don't give it to friends you known for a little time, there are many stalkers on the internet and it's hard to make a difference between them when they hide behind a username. There is no real reason to give your address so why do it? Don't!


I hope you will read carefully and take my advice. I get these kind of alters on a regular basis. At first it was just on facebook and deviantart but now on tumblr too. Don't let these people win, be smarter than them.

There are very few people in the world who are real hackers, and can steal your password even if you take all these measures. but the good news is, they're not interested in you or me! they are interested in hacking banks and paypal and the 'big fish' so you don't have to worry about those. If you follow these pointers, you will be safe from the 99% of the pseudo-hackers who try cheap tricks.

/i did not check this journal for typos

Please fav this journal so that more people can read it

Features

Add a Comment:
 
:iconminakie:
Minakie Featured By Owner Aug 30, 2014  Hobbyist General Artist
"(i wish i knew how t embed images into a journal ;A; )"

Haha, I can help with that. The code to post an image is <img src="imageURL"> =P
Reply
:iconfrozenmaple:
FrozenMaple Featured By Owner Aug 25, 2014  Hobbyist General Artist
Is it safer to get a P.O box at the post office and have stuff you bought online sent there? Just wondering. Great advice BTW :3
Reply
:iconfrozenmaple:
FrozenMaple Featured By Owner Aug 25, 2014  Hobbyist General Artist
Somebody tried to hack my email. It wasn't me because I don't live in Istanbul Turkey...Anyway I closed down that email
Reply
:iconwildberriespounce:
WildberriesPounce Featured By Owner Aug 29, 2014  Hobbyist Photographer
 Oh wow. I live in a shell so xD
Reply
:iconwilhelmtheloniousf:
WilhelmTheloniousF Featured By Owner Jul 21, 2014
here's a link to a website that I use to test my passwords' strength

howsecureismypassword.net/
Reply
:iconanimedemon001:
Animedemon001 Featured By Owner May 24, 2014  Hobbyist Writer
My question is, why would someone even want to steal my password? Its not hooked up to a credit card or anything. So the'd only get like a dollars worth of points and some Photo 1 quality pictures. 
Reply
:iconeyolf-of-the-fighter:
Eyolf-of-The-Fighter Featured By Owner Apr 25, 2014  Hobbyist Artist
Good thing I kept forgetting mine, and me changing it.
Reply
:iconthelaserbeam:
TheLaserBeam Featured By Owner Mar 18, 2014  Hobbyist Digital Artist
Woah thanks for this info!
May I share this journal? I will give credit to you of course!
Or maybe just share the link to this journal like "more information here" or something.
Reply
:iconyuuza:
Yuuza Featured By Owner Mar 18, 2014  Professional Digital Artist
sure, go ahead :D
Reply
:iconthelaserbeam:
TheLaserBeam Featured By Owner Mar 18, 2014  Hobbyist Digital Artist
Thank you so much!!!
Reply
Add a Comment: