Artists beware! Thieves trying to steal passwords

12 min read

Deviation Actions

Yuuza's avatar
By
Published:
24.9K Views


Every once in a while i get someone trying to hack into my facebook or deviantart. Lately someone sent me a link to a fake tumblr log in screen trying to steal my tumblr password. that person is obsidianwingsofmidnight.tumblr.com
Yes, i am making this public so that people know what kind of person obsidianwingsofmidnight is and be aware of messages from him/her.
:new:this person claims they were hacked as well. That might or might not be true, either way i don't want to go hunting them down, just be careful of ANYONE sending you links, especially people you never talked to before.:new:

A note for every deviant out there.

HOW TO PROTECT YOURSELF FROM PASSWORD THIEVES:

1. Start out by having a very strong password. Having passwords that have numbers and symbols (*!@#$%) is a great way to start, but a sure way of having a strong password is just having a very long one. I saw an article where it said that nothing beats a long password, So it's better to have a long password with no symbols than a short one WITH symbols. Keep that in mind when making a password.

a very useful journal about how to create a strong password Trivial passwords are easy to violateLast update: August 10, 2017 - Please, see at the bottom of the page.
This journal is dedicated to all those
who are not very familiar with the problems of security and privacy that we all encounter while surfing the Internet.

:bulletblue: Please do not copy this into your journal. You can use a link or enter this code
: thumb221866265 : (without the spaces).


Be careful! Spies are everywhere
You know, times are hard, today, with regard to the privacy and security online. We're getting spied on, more and more attacked by hackers, so the Internet appears as a veritable battlefield and without the right weapons you are likely to lose the war.
But, for our part, are we really sure to do everything we can to make less gory the enemies attacks?
Now, out of the warmongering metaphor, let's see first of all what are the types of attacks that hackers may implement against our data and

you can also check this awesome image that explains everything in one simple image

imgs.xkcd.com/comics/password_…

(i wish i knew how t embed images into a journal ;A;)

2. Have different password for every account and email. So if a hacker found out one password they don't have ALL your accounts. NEVER have the same password for your deviantart account and linked email. A hacker can't deactivate your account just by hacking into your deviantart account, they need email confirmation. Also if you get someone that hacked into your dA you can recover your account using your email and contacting the deviantART helpdesk.

3. On facebook, and gmail, use phone security codes. This way if an unauthorized device or browser tries to log in (weather they have your password or not) they have to verify their identity with a code sent to your phone. I assume they didn't steal your phone too so this way even if they somehow managed to steal your password they won't be able to access your account. Also when you log into facebook you will see a notification that someone tried to log in to your account, they will say their location and their device. Last time someone from Ireland tried to log into my Facebook with a samsung phone. I didn't recognize the device so i blocked it. This shit can happen people, so stay safe, activate this security setting on facebook now (if you have a phone of course)

4. When logging into your accounts (dA, tumblr, facbook) make sure you go to the log in page directly from your browser and not through a link! There are fake log in screens and people posting these links here and there. I get personal messages with these links. Password thieves send them in the hopes of you falling for the trick and trying to log into that kind of screen. That screen records your password and the thief has access to it.

HOW TO RECOGNIZE FAKE SCREENS!

they will always be look somewhere along the lines of

http :// facebook . evilwebsite . com /... ← Hosted on an evil website!

http :// facebook . sa / ... ← Another site with the same domain name, but a different top level identifier (.sa = Saudi Arabia)! This site may belong to a random person!

Anyone can make a website and then add a 'deviantart' page to it. That URL would look like

MyWebsite.com/deviatart

and at that specific page there could be a fake log in screen. But the page ultimately belongs to MyWebsite.com.
I am not a coputer geek so i can't explain this peoperly. But just be ware of any log in link.

There are fake log in screens that look almost exactly like the original but have a small change that is usually very unnoticeable suh as 'vv' for 'w' I for l or 1, O for 0, p for q etc. we don't notice them often, because we're not paying attention to them. also with typos e.g. devart (don't go there to check this out!)

When trying to log in, type into your browser deviantart.com and log in from there. Don't follow other people's log in links. Ever.

5. Watch out for your recovery questions for your email. Another way hackers steal accounts is by 'recovering' passwords. They go to your email and say they lost the password. then they go through all the security questions and get to reset your password in what they want. The things that they are asked for is your birthday first of all. But chances are you already displayed your birthday publicly on deviantart or facebook, so it will be super easy for this thief to get that information. the tricky part is at the security questions. The biggest mistake people make here is to put security questions that are easilly 'fished' out by thieves (i call them thieves and not hackers because they are NOT actually hackers, they most like know shit about computers)
So here's what thiefs do (especially here on dA) they make a "fun" journal with personal questions. Questions that are frequently asked as security questions. Such as: what is the name of your first pet, who is your favorite uncle, what is the name of your first middle school teacher and so on. My dear deviants, DO NOT answer to these personal questions. It might be tempting to reveal things about yourself but it's very dangerous especially if you have the same security questions with the same answers.

Be ware of these kind of information fishing journals! I mean they are literally all over dA, i'm sure many of you already answered many questions in these 'meme' journals. My advice is to stop doing these memes completely. Also, erase past journals where you answered personal questions about yourself.

<What to do
yahoo has a 'create a security question' option, use that. Come up with the craziest most personal question and write an even crazier answer. Somehting you KNOW you won't tell anybody. Somehting that can't be guessed. Don't make it 'who is your favorite Harry Potter character' the answer is in the question D: Try somehting along the lines 'who is behind me?' answer: 'blueberry pie'
be creative! You have 2 security questions, so 2 chances of giving this thief a hard time. If you make your answers unguessable, he'll have no chance stealing your password this way.

6. Sorry to state the obvious here but DON'T TELL ANYBODY YOUR PASSWORD. Do i even have to say this? Maybe a family member, yes, in a crisis, but never a stranger on the internet. Don't tell your password even to people who seem authoriuzed to know like helpdesk people from various sites. There are countless scams out there who pretend they are fro the helpdesk and ask for passwords. Usually the scam looks like this. You get an email saying something "awful" happened to your account, and you must urgently give them some random info + your password in order to fix it. OR the email has a link to a fake log in screen.
Sometimes they say you won something awesome, in the hopes that in the heat of the moment, the happiness will blind you and you won't pay attention to the url.
NEVER GIVE YOUR PASSWORD TO ANYONE NO MATTER WHO THEY CLAIM TO BE
that sounds simple enough doesn't it? :)

7. Never tell your home address or telephone to anyone. I know that's a little impossible when you buy things on the internet. And that's ok. Just don't post it in a journal, don't spread it around like it's nothing. That info is very importand when you have some harrassing you with access to your phone number, email address, home address, imagine the kind of spam and hate a single person can send you. this has never happened to me but i heard of many cases. My advice, don't give anyone your home number or address unless it's for buying things from a trusted site. Don't give it to friends you known for a little time, there are many stalkers on the internet and it's hard to make a difference between them when they hide behind a username. There is no real reason to give your address so why do it? Don't!


I hope you will read carefully and take my advice. I get these kind of alters on a regular basis. At first it was just on facebook and deviantart but now on tumblr too. Don't let these people win, be smarter than them.

There are very few people in the world who are real hackers, and can steal your password even if you take all these measures. but the good news is, they're not interested in you or me! they are interested in hacking banks and paypal and the 'big fish' so you don't have to worry about those. If you follow these pointers, you will be safe from the 99% of the pseudo-hackers who try cheap tricks.

/i did not check this journal for typos

Please fav this journal so that more people can read it

Features

© 2014 - 2024 Yuuza
Comments201
Join the community to add your comment. Already a deviant? Log In
MasterCP100's avatar

Becare all of you when dealing with hackers and etc.