Wednesday, May 5, 2010

Second Life Phishing Scam = Me Stupid

My excuse is that I was half asleep. Really! I got a "private message" through the SL Blogs and went to see what it was. The subject (of course) was "Did u remember me" and I didn't recognize the name. I did want to see the body of the message because it might be a customer or something but I was asked to login again. This gave me pause but apparently not enough pause because I did it. My reasoning at the time (the synapses were not synapting) was that it was Second Life. Of course if I'd been awake I would have noticed I was already logged in. Anyway I did it. My bad.

I then went into SL and saw a message in a group chat that there was a phishing scam. I went back to the private message and finally realized that the login form was embedded in the message itself. sigh

I've heard horror stories about changing your SL password and, since I obviously couldn't trust my own judgement at that point, I called the Concierge Help Line. She was very understanding (apparently this happens "all the time") and stayed with me while I changed my password and flagged my file just in case.

The good news is that I got to the password changed very shortly after I'd given them (the bastards) my information. However, I still made myself sit in the corner with the Dunce Cap as punishment.

I did try to ban the name on the private message but the account was already gone. I'm sure they have lots more. growl

Update: It was too easy. The engineers reset the accounts of those of us who were phished. Suddenly neither of the passwords worked (old or new). I had to phone again and reveal all my personal details and get a new one. Now there's some guy somewhere in Concierge Support who knows the shape and location of my tattoo.

No comments: