____Suspicious Links leading to a website with Cookie Grabbers____
Make sure you also read these advices!
WARNING: Warning to all Vendors!
Lately there have been numerous of gaians being hacked each day because of clicking on one simple Link they receive through PMs or found in Threads. Theres a possibly a chance the PM you will receive will be from a user on your Friends list OR a regular (non-n00bish) avatar posting it in Forums.
These Links are disguised with either:
"Hey come vote for me in the Arena!"
"Help me bump this Thread! Youll win prizes!"
"Check out my thread " and so on.
Here are some Screen Shots (credit goes to BishoudoMaster ):

- Notice the high lighted red area? It says "ripaway" that is not Gaiaonline.com original site, this is clearly a fake!

- This is what the PM with the suspicious Link looks like. Hackers hack these people and use them as pawns to get their friends to click on the link. Be careful what you're doing, its best to Report these PMs and add the user to Ignore.
NEW INFORMATION
- Concerning Blackragon's case here's a screenshot of what his store used to look like with the embedded code on it (credit to wagnas/chaos butterfly)
The code used there is the same used on those phishing sites, it records the cookie and sends it to the server of the hacker (copy paste over the internet). The only difference is that this method (Cookie Grabbing) uses a script to launch that .php file, which in this case was that code that took advantage of the blackhole; that code loads an HTML image right?
_____________
The link they provide you with will take you to a look-alike-Gaia site. What you dont know is that the site itself has Cookie Grabbers and Keyloggers planted into it. Users who have been hacked had NOT put any of their information into the Login Bar, they simply exited out and next thing they know they've been logged out with password and emails changed. Once this hacker takes over your Account they change your Links in your Gaia Account (whether it be Signatures or Links in your profile) in order to get more unsuspecting victims. Not only will they do this, but they will not undress your Avi until they have sent the Links through PMs (the victims Friend List) or post it in Forums. Im guessing they keep the Avi dressed also because its their way that you wont think anything suspicious of the user (come on, if the user was undressed posting this everywhere wouldnt you be suspicious and report it right away?).
Those of you who claim there cant be any Cookie Grabbers/Keyloggers on that site, explain to me why these people have been hacked while they have not given out any information whatsoever. Whether it be Rich Gaians or Regulars to N00bs this is serious. Someone in my Quest Thread (with Devil Horns) had clicked on that Link and had been hacked, the hacker hasnt removed any of their Items at all it seems.
tl;dr version: Watch what the hell you click here on Gaia! There have been hackings just from being redirected to a website that looks like Gaia (with planted Cookie Grabbers in it).
● || Questions:_______
What are Cookies?: HTTP cookies, sometimes known as web cookies or just cookies, are parcels of text sent by a server to a web browser and then sent back unchanged by the browser each time it accesses that server. HTTP cookies are used for authenticating, tracking, and maintaining specific information about users.
I did not put any information into that fake site, am I safe?: Even if you didnt type anything into the site, theres a chance you're still at risk. Follow the procedures I listed below on how to keep safe.
I received a PM like that from my friend! Is she trying to scam me? gonk Theres a chance she could've been the victim of hacking by clicking on the link. These hackers use accounts and send PMs through the users Friends List in order for it to spread. Just report the PM and add the user to Ignore.
● || Things you can do to keep safe:___
• Run your Anti Virus / Spyware programs to get rid of any files which contain " Cookie Grabber " or anything familiar.
• Delete your cookies from your browser, after doing so change your password quickly.
• Dont click on any suspicious looking links, especially tinyurl ones. If its a tinyurl, go to its website and type the address to the Tinyurl link previewer in order to see where that Link will take you.
• Before clicking anymore Links see where the URL goes, usually you can check its properties by right clicking on the Link itself.
● || Definitions (Coming Soon):_______
- Here you will find definitions to most hacking/spyware terms.
● || GUIDELINES:_______
- In this section you will find information on what to do's and do it yourself (DIY) guides if you are having one of the following problems:
How can I clear the cookies in my browser?
It's easy for most browsers like FireFox, Internet Explorer, Safari, Opera, AOL, Avant...etc. They have the clear cache button into their options or settings, if you're not familiar with your browser you should go to your browser's homepage and see their guidelines on their options menus.
There's a Trojan(s) in my PC, what do I do?!
• DO NOT PANIC, however act fast, quickly; first make sure you are in your Gaia account and change your password to something safe, make sure you note it on paper. I would recomend you to shut down or disable your internet connection to close any stablished connection between the hacker and you so he cannot longer sneak into your PC. Then run an antivirus scanner followed by a spyware scanner, you'll find some useful programs below keep reading please.
I think I have a keylogger in my PC, what now!?
- Again, stay calm and do things fast, a keylogger records all your keystrokes (every time you press a key) and sends it to the hacker. There are two solutions for this knowing the hacker will know every single thing you type or what you have on your cache.
1) If you own a second computer, quickly log into your account from there and change your password to something safe, write it down on paper for future reference.
2) Ask a friend or someone VERY trustable so they can change your password and note it back to you.
3) Make a quick scan with an antivirus /spyware removal so you get rid of the keylogger and then change your password
The third option would take quite some time though, I'd recomend the first two options better to keep your account safe as fast as possible and then running the scan to delete the keylogger.
I just pressed on a fake phishing site (Cookie Grabbers), what do I do?
- ok, FIRST do not, I repeat, DO NOT click anything, not even the back, home or any button on your browser, the cookie grabber only works if you click on the back button or any of the buttons on your browser, so if you find yourself in a fake Gaia site the best thing to do is to close your browser better to do it by clicking Alt+F4, then open your browser again and make sure you clear all cookies, this option mostly lies on each browser's settings. Remember that you should always change your password just in case. Better safe than sorry.
● || Suggested Downloads:_______
- If you do NOT have any good Anti Virus/Spyware programs (lolnorton) I suggest you download the following. They're free and update regularly:
Antivirus Software
• AVG Anti Virus (Recomended)
• NOD32 Standard Version (Recomended)
• Avast! Anti Virus Home Edition
• Avira Personal Edition
Spyware Removal Software
• Ad-Aware Spyware/Adware Removal (Recomended!)
• Trend Micro Anti-Spyware (Recomended!)
• Spyware Removal
• Web-Root Spy Sweeper Download
• Spyware Blaster
Firewall Software
• Sygate Personal Firewall (RECOMENDED!)
• Zone Alarm Firewall
• Lavasoft Personal Firewall
Monitoring Software
• WinPatrol Monitoring (Recomended!)
I apologize for my long post, I wish you all well and good luck! Keep safe!
Also: I advise that you spread the word so no more Hackings occur (or at least not often), this way more users are aware of whats going on here at Gaia.
- Love zenki, your friendly neighborhood hero heart
[

