MSN Hack Attempt
09-01-2009
, 02:22 PM
Somebody I've talked to online a few times over the last 8 months or so just tried to hack my MSN. I'm very flattered and thought I'd show how it's done for informational purposes.
Also he might be in contact with some of you out there, and might be trying the same thing with a lot of different people just hoping he gets a bite or two, so heads up.
It's not very subtle. They make themselves familiar so you won't be suspicious of them, then one day they send you something like this:
LOL !??!?! OMG!!!
It's a bad idea to even click on the link. I was curious though, so I booted up a different computer running a different platform, and the link lead to this:
Yeah, not very subtle. A non-Microsoft owned site asking for my MSN login information. The parts of the original links that were "?user=*******&img=" etc are fields that he probably uses to categorize which people are inputing which information, which is why I say he's probably trying this on a lot of different people.
What can happen if you fall for this:
If this e-mail is associated with any of your poker accounts, he can go through the support systems for all of those poker sites using your e-mail address, and have your passwords reset, giving him full access to your poker accounts.
If you have a reputation in online poker as a player or as a trader, he can abuse that reputation to try to have people on your MSN list send money to accounts that he controls (stealing money from your contacts).
How to avoid this:
Don't click on links in any instant messenger. Ever. Some people you think you can trust would probably be willing to abuse that trust if they think there's a chance they could chipdump 50 grand to themselves. If you are going to, do it from a separate computer, or if it's a domain you know you can trust, copy-paste the link instead of clicking it. Using features of IM software, people can disguise one link as another, kind of like this:
http://www.yahoo.com
And if you currently have an e-mail address associated with both a messenger and your poker accounts, you should probably fix that right now. Have a separate e-mail associated with your poker accounts and don't give it away freely. If hackers don't even know what the e-mail address is, it's basically like you have two passwords instead of one.
Also he might be in contact with some of you out there, and might be trying the same thing with a lot of different people just hoping he gets a bite or two, so heads up.
It's not very subtle. They make themselves familiar so you won't be suspicious of them, then one day they send you something like this:
LOL !??!?! OMG!!!
It's a bad idea to even click on the link. I was curious though, so I booted up a different computer running a different platform, and the link lead to this:
Yeah, not very subtle. A non-Microsoft owned site asking for my MSN login information. The parts of the original links that were "?user=*******&img=" etc are fields that he probably uses to categorize which people are inputing which information, which is why I say he's probably trying this on a lot of different people.
What can happen if you fall for this:
If this e-mail is associated with any of your poker accounts, he can go through the support systems for all of those poker sites using your e-mail address, and have your passwords reset, giving him full access to your poker accounts.
If you have a reputation in online poker as a player or as a trader, he can abuse that reputation to try to have people on your MSN list send money to accounts that he controls (stealing money from your contacts).
How to avoid this:
Don't click on links in any instant messenger. Ever. Some people you think you can trust would probably be willing to abuse that trust if they think there's a chance they could chipdump 50 grand to themselves. If you are going to, do it from a separate computer, or if it's a domain you know you can trust, copy-paste the link instead of clicking it. Using features of IM software, people can disguise one link as another, kind of like this:
http://www.yahoo.com
And if you currently have an e-mail address associated with both a messenger and your poker accounts, you should probably fix that right now. Have a separate e-mail associated with your poker accounts and don't give it away freely. If hackers don't even know what the e-mail address is, it's basically like you have two passwords instead of one.
