Welcome to Gaia! ::

Crystal Sparda's avatar

Koleda's Wife

Sparkling Cutie-Pie

Crystal's Hack Prevention Guide

Have you ever worried that you might get hacked? Have you actually been hacked before? Wondering what you can do to prevent being hacked? I'll answer those questions and more in this thread! I'll teach you how to spot a hacking or phishing attempt a mile away! wink This thread utilizes the spoiler tags, so if you see a spoiler button, then click it to see more information!

Just click the question that best fits your situation and you will be taken to a post answering the question. It is as easy as that!

User Image - Blocked by "Display Image" Settings. Click to show.

Important Tip:
If you do accidentally give out your password, try and change your password right away!
If you wait too long, the hacker will change your password and you won't be able to sign back into your account.

[Report abuse or harassment] | [Report a hacking] | [Report a scamming]
[How to spot staff impersonation] | [How to stay safe on Gaia]

Where passwords are required:
Only in the following places will you be required to enter your password:

Buying a trading pass
Creating/confirming/canceling a trade
Listing an item for sale in the marketplace
Buying an item off the marketplace
Listing/buying an outfit in the outfit marketplace
Logging into Gaia
Confirming a change of username, password, or e-mail in your account settings
Donating gold to a guild
Sending a gift to a user
Signing the NDA when applying to become a moderator.

When doing any of the above, check to make sure the link always begins with:

Questions, suggestions and tips would be lovely. Don't forget to <3 this thread as well!
If you see anything I missed, please let me know by quoting me.
You may quote me by adding the following to your reply:

[quote="Crystal Sparda"][/quote]

Do you want to add a banner for my guide to your signature?
Just copy and paste one of the following codes into the box on your signature page!

High resolution banner:


The banner will look like this:
User Image - Blocked by "Display Image" Settings. Click to show.
Image file size is 22,107 bytes and image resolution is 235px × 45px
Please, do not exceed Gaia's signature maximum size of 100,000 bytes and 500px × 500px.

Low resolution banner:

The banner will look like this:
User Image - Blocked by "Display Image" Settings. Click to show.
Image file size is 10,872 bytes and image resolution is 235px × 45px
Please, do not exceed Gaia's signature maximum size of 100,000 bytes and 500px × 500px.

88x31 banner:

The banner will look like this:
User Image - Blocked by "Display Image" Settings. Click to show.
Image file size is 5,119 bytes and image resolution is 88px × 31px
Please, do not exceed Gaia's signature maximum size of 100,000 bytes and 500px × 500px.

200x40 banner:

The banner will look like this:
User Image - Blocked by "Display Image" Settings. Click to show.
Image file size is 13,116 bytes and image resolution is 200px × 40px
Please, do not exceed Gaia's signature maximum size of 100,000 bytes and 500px × 500px.
Crystal Sparda's avatar

Koleda's Wife

Sparkling Cutie-Pie

What is the best way to prevent being hacked?

Strong Passwords
            xxxxxxxIf you cannot use the IP verification feature due to your modem refreshing your IP often, the next best thing to do is make sure your password is very strong. Follow most or all of these suggestions to ensure your password is as strong as you can make it.
                • Make your password at least 8 characters long. The longer, the stronger. wink
                • Make sure it includes uppercase and lowercase letters, as well as numbers.
                • If you can remember it, make it jumbled up letters and numbers (EX. Hc7Wk63vrO).
                • Change your password often.
                • Do not use the same password for all your internet accounts.
                • Do not make it easy-to-guess dictionary words.

            xxxxxxxWant some prime examples of what not to make your password? Check out Gizmodo's 25 most popular passwords of 2013.

IP Verification
            xxxxxxxThe best way to prevent being hacked is by using the newest account protection feature. It is called "IP Verification". Enabling it will make it so that if someone tries to log in to your account (from an unverified location), it will not log them into that account. A private message that looks like this will then be sent to you, along with an e-mail to your e-mail account listed in your account settings. The email address Gaia uses for this verification e-mail is verify@gaiaonline.com. The e-mail will then contain this message:

            Gaia Online
            Gaia Online

            Hello ███████!

            This email is being sent to you because an attempt was made to sign in to your Gaia account from an unfamiliar location (IP address). Using different IP addresses is common for many members, but it can sometimes indicate malicious activity is occurring on an account.

            The IP address that attempted to login was: ██.██.███.███.

            If you are trying to access Gaia from a new location, or from a computer you haven’t used for awhile, please click on the link below to verify that you are the true owner of the account. As always, if you weren’t expecting this email – because you’re not trying to access the account – you don’t need to click the link. As a general internet rule, never click on links in emails unless you’re expecting the email. We do recommend though that you change your password just to be safe the next time you access your account. The link below will expire upon use or 30-minutes after it’s sent, whichever occurs first.

            To confirm that you are the owner of this account and that you wish to be able to login to Gaia , please click the following validation link:

            Have a safe and fun time on Gaia!
            The Gaia Online Administrative Team

            Privacy Policy:

            Terms of Service:
            Gaia Online and all images associated with GAIA Online are (C) Copyright 2003 - 2011 Gaia Interactive, Inc. All Rights Reserved
            Gaia Online P.O. Box 612680 San Jose, CA 95161-2680

            No one will be able to log into your account from the unverified IP address until you accept it by clicking the link in the e-mail.
            To enable this feature, go to your account settings page and scroll down to the very bottom. On the right side, there will be options that look like this:
            User Image

            Make sure the IP Verification option is checked, just like in the image and save your changes. After doing so, you will need to check your e-mail that is attached to your Gaia account. Gaia should send you an e-mail saying that you need to verify that you activated the feature. Click the link in that e-mail and your settings will be saved on your Gaia account.

Google Authentication
            xxxxxxxThe latest secondary authentication feature is one that is handy if you have an iPod, iPhone, iPad, Android, or Blackberry device. Once enabled, you will need to provide a secondary authorization token in order to login. The required authorization token will be provided by the Google Authenticator app. Google Authenticator is available for iOS, Android, and Blackberry. Please be sure to visit this page to see the instructions on how to enable and use the authentication application for your Gaia account.

            xxxxxxxIf for some uncontrolled reason you lose the Google Authenticator application from your device, you may file a ticket to get a Gaia staff member to fix it for you. When filing your ticket, make sure that the ticket is filed like this:
            Subject: General Account Inquiry
            Topics: Password Issues
            Sub Topics: Reset Password

            Be sure to explain in the details box that the Google Authenticator was removed from your device and that you need to have your settings reset to allow you to access the account again. The staff member who works on your ticket will more than likely ask for some sort of verification that the account is yours, so be prepared to give specific details regarding your account in order to get it back. 3nodding
Crystal Sparda's avatar

Koleda's Wife

Sparkling Cutie-Pie

Help! I've been hacked! What should I do?

Submit a hack report

            xxxxxxxYou need to fill out a hack report. Here are the guidelines for submitting a hack report (also found in the link I provided):
              • All reports must be filed within 30 days of the incident having occurred. Reports about incidents which occurred more than 30 days prior to the report being filed will be closed.
              • All reports must be filed by the owner of the compromised account. Do not file a report on behalf of another member of Gaia Online as the requested information needs to be provided by the account owner. If you have a friend or family member that has been hacked and cannot access his or her account, please tell that individual to make a new Gaia account and report the hacking from his or her new account.
              • Please provide accurate and detailed responses to the questions in the report. Read each section carefully before responding, and do not leave any of the question response fields blank or your report will not be submitted. You will receive a confirmation number if your report has been submitted correctly. Please enter as much information as you can. Responses such as "idk" can make it difficult for us to investigate properly and may delay the resolution of your report.
              • The information you provide in this report must, to the best of your knowledge, be truthful. This includes being honest about what the cause of your hacking situation may have been. Making false reports is a violation of the Terms of Service of Gaia Online and carries penalties up to and including an account ban.
              • Do not file multiple reports about the same incident.

I filed a hack report. Now what do I do?

            xxxxxxxMake sure you save the code they give you after you send the report. There isn't much you can do except wait. There are still people ahead of you who haven't been taken care of so it takes some time to get to your report. If after a month of waiting you haven't gotten a reply, you may PM a moderator to ask about the current status of your report (be sure to include the code that you received after submitting your report). If you don't remember or lost your form, be sure to let a mod know and ask if you can get it again. Just be patient and a moderator will get to your case eventually.
Crystal Sparda's avatar

Koleda's Wife

Sparkling Cutie-Pie

A pop-up is asking me for my password! Should I give it?

Odds are, the pop-up looks basically like this:
User Image

            xxxxxxxTo answer the question, no, NEVER enter your username or password into strange pop-ups. This here is called "password phishing". It is commonly found in forums, signatures, and comments on profiles. NEVER, under any circumstance, will Gaia create a pop-up requesting your username and password. The best thing to do when you find one of these pop-ups is to report it. If the pop-up is found in a forum thread, you will want to find the User Image button, and file the report as Password Phishing and explain what page you found the pop-up on. Reporting the thread will NOT get the thread owner banned (unless they are the ones posting the code that causes the pop-up to appear).

            xxxxxxxIf the pop-up is found in a profile, you can follow these steps to find the hidden code and report the user who posted it.
                  1. Go to the profile and before canceling out of the phishing pop-up, copy the link in the pop-up (The part I have blurred in my example up top)
                  2. Cancel out of the pop-up then press Ctrl + U ( this will bring up the "page source" )
                  3. Press Ctrl + F (opens a search box) and paste the link from the pop-up into the box
                  4. That will take you directly to the place where the code is hidden. Look before the highlighted link and you will see a username. That will be the user who posted the code
                  5. Go back to the profile and click the report link associated with the comment and file it under password phishing
                  6. A moderator will get to the report soon enough, so don't report it more than once, otherwise you might get warned for abusing the report system.


                  1. Go to the profile and cancel out of the phishing pop-up.
                  2. Click the "View All Comments" link in the comments section. Once again, close out of the phishing pop-up.
                  3. If it is your comments section, click the [view safe comments] link. If it is someone else's comments section, add &safe=1 to the end of the link and press your return/enter key.
                  4. Look for coding that looks suspicious. The usual phishing codes use the [color=white] or [img] codes in an attempt to hide the bad code.
                  5. Once you find the comment with the phishing code, click the Report link at the top right corner of the comment and report it for password phishing.

            xxxxxxxA misconception about the pop-up is that if it is on someone's profile, or appears on someone's thread, it is the owner's fault. That is almost NEVER the case. It is usually someone trying to take advantage of a featured profile, or a very common thread, by posting a code so that more people will fall for it. The more visitors to a profile or thread, the higher the chance is that people will fall for the scam and give up their information.
Crystal Sparda's avatar

Koleda's Wife

Sparkling Cutie-Pie

A mod/admin sent me a PM telling me I need to be investigated!

If you get a PM like this, User Image

                        FAKE ADMIN MESSAGE
                        Official Admin private message

                        ©Copyright serving Gaia since 2003 "Report Scanner". 2007 Gaia Interactive Device, Inc. All Rights Reserved.

                        Attention User,
                        We are sorry to inform you that your account has been brought to our attention. Your account has been REPORTED and needs to be investigated for further information. Like any other Gaian Administrator, we dont normally ask for this information but to clear your report we must. You will be asked a few questions to verify that this is your account. Please fill out the information requested. . If you were offline when you received this message, you have been given 15 minutes to reply to this message as of the time you logged in or this report will not be able to pass the maintainence.

                        User Name:


                        Verify Password:


                        Date Of Birth:


                        Please do not submit PM reports for swearing, attitude, or issues not covered in the Gaia Online ToS. Additionally, please DO NOT submit this form multiple times, abuse this reporting tool, or spam this form with meaningless information. Thank you for your cooperation. Sorry for this disturbance and please also take all of your items off the market for it will make it faster and easier for our staff. Your password will be set to GAIA123 and instantly change it again when you log back in.

                        Your sincerely,

                        -Gaia Administrator & Help & Support Team-

                        xxxxxxxThe above message is one hackers send around, usually on a mule account made to look like a moderator or admin. There are several things wrong with this message.
                        First, is that the username will NOT be colored. If the message is from an admin, the username will be orange and have a title directly under the name. Second is that there are several typos in the message. Admin would never send out such a poorly written message. Third, it asks for you to put spaces in your information. This is to get around the password protection Gaia has implemented into their PM system. If you were to normally type your password into a PM and try to send it, there would be an error telling you to remove your password from the message. Fourth, if you were reported, moderators and admin will never need passwords. They can access records without needing passwords or birthdays. Fifth, you can't be banned for not replying to a PM. That is pure rubbish. Sixth, mods will send you a warning or two telling you of the rule you have broken and how you can prevent being warned again. They wouldn't send a PM telling you that you're about to get banned.

                        ANOTHER FAKE ADMIN MESSAGE

                        I am a Gaia administrator
                        I am contacting you because we believe that this account
                        Has been connected to the recent hacking
                        We hope this is a mistake
                        But for your safety and the safety of Gaia
                        We are going to ask you to change your password to one of our mule passwords:

                        Password 1234

                        Exactly as typed
                        We ask that you do this again for yours and all of Gaia’s safety!
                        And we ask that you do this because if it is connected in anyway the connection should and will stop for the time being, so please follow those instructions
                        thank you,
                        **if you receive this private message please do reply**

                        Gaia warning #120292

                        xxxxxxxThis phishing technique is a poor attempt at stealing your account. This PM is missing more periods than a pregnant high school teenager. There are several grammar mistakes as well. Just because someone can use colored text does NOT mean they are an admin or moderator. If you change your password to the one included in the message, you are pretty much giving the user your account password.

                        xxxxxxxClick the User Image button above or below the message and report it under password phishing. A real moderator will eventually get to the report and take care of the user. You can delete the message after reporting it.
Crystal Sparda's avatar

Koleda's Wife

Sparkling Cutie-Pie

Someone sent me a link where I'm granted lots of gold/expensive items!

                        xxxxxxxDo NOT click the link in strange and random PMs, comments, or chat messages promising large amounts of gold or rare items. Odds are, it is fake and it will lead to a site either hosting a keylogger* or it will tell you to "log in" to Gaia due to being you being "logged out". It is all a scheme that would get you to enter your password into a box on a fake gaia log-in screen that will send the hacker your account information. Whenever logging into gaia, be sure to check the site address is http://www.gaiaonline.com/auth/login OR it has http://www.gaiaonline.com at the beginning of the address. The best way to prevent being led offsite is to go to your account settings and make sure your Security Settings are set like this:
                        xxxxxxxxxxUser Image

                        xxxxxxxAnother scheme people make up are fake videos telling you a "secret glitch" to easily edit how much gold you have on your account (similar to the Sims cheat code "motherlode" where you can enter any number to change your gold amount). The videos usually have instructions on copying a "code" (made up, of course) and entering your username/user ID number and password into the code, then the video tells you to send that code to a certain e-mail address (made to look like an admin or staff's address). All of that is a load of crock. All you would be doing is sending a user an e-mail with your username and password, granting them access and free reign over your account. If you ever find videos telling you how to exploit a "gaia gold glitch", find the report or flag button and report it as a scam or fraud.
                        xxxxxxxEven if there was a wonderful glitch that gives you loads of gold, it would still be against Gaia's Rules & ToS and get you automatically banned.

                        xxxxxxxIf you get a PM with a strange link that appears to log you out of Gaia (or asks for your password) when you click it, do not try to log in. Just close the tab and report the private message as Password Phishing.
                        xxxxxxxIf you get a comment that does the same thing, click the "Report" link above the comment (by the comment date and time) and explain that it is password phishing.
                        xxxxxxxA new form of password phishing has become popular with hackers, and it comes in the form of sending a user a JOIN.ME link with promises of being granted free gold, or just users requesting to see your inventory. You can read more about how to better protect yourself from these hackers here. If you get a suspicious message with a join.me link promising rare items or gold, or they simply just "want to see your account", report the message as "Password Phishing" and do NOT click the link.

                        *keylogger - A virus program that can sneak onto your computer and remember key strokes and sends it to the hacker so they can log into your account and steal your stuff.
Crystal Sparda's avatar

Koleda's Wife

Sparkling Cutie-Pie

Someone in Towns is saying that my password is censored when I say it.

User Image
Simply put, this is easy to fall for. Virtual worlds do not censor passwords. It is very easy to do this. The user simply just typed a bunch of asterisks (*********). Yup, that means that they didn't type their password. Only curse words are censored in the virtual worlds if you have the word filter activated in your account settings. All in all, just don't type your password into the chatbox in any virtual world (Towns, Virtual Hollywood, or games). If you ever see anyone doing this, follow these simple instructions:

xxx1. Locate the police emote button in the footer just to the right of your chat box and click it. (reference). A form that looks like this will pop up.
xxx2. Locate the username of the person asking for passwords in the menu on the left.
xxx3. Select "Password Phishing" as the reason for your report.
xxx4. Type a short explanation as to what the user is doing. In this case, you'd just state "user is asking for passwords".
xxx5. Click the "Send" button!
xxx6. If you have any friends in the same room as you, be sure to let them know that passwords are not censored if they're stated in the virtual worlds!
Crystal Sparda's avatar

Koleda's Wife

Sparkling Cutie-Pie

What is a keylogger and how can I remove it?

                        xxxxxxxA keylogger is pretty much a virus that someone sends into your computer and it records keystrokes and sends it back to the person who gave you the keylogger. They can not only steal your Gaia account information, they can also steal personal information such as social security numbers, addresses, bank account log-ins, e-mail accounts, and any other private information you type into your computer.
                        xxxxxxxIf you are concerned that you have a virus, trojan, spyware, adware, or keylogger, go here and read that guide carefully to find out how to locate and remove it.
Crystal Sparda's avatar

Koleda's Wife

Sparkling Cutie-Pie

Someone is asking me for this weird code!

                        xxxxxxxThis is a very tricky form of hacking that doesn't even require you to give the hacker your password, so you need to be very careful with this one! Let's say you're minding your own business in a virtual world (Towns, playing a game, or even just browsing the site) when all of a sudden you get a message from another user you don't recognize. This stranger says their encountering an error on Gaia and they need you to click a link and give them a long string of numbers and letters. Upon clicking the link, you're taken to a white page that only has that long string of numbers and letters. Never ever give this string of code to another user, as that is your current session ID. A session ID is pretty much an unseen code that changes each time you log into your Gaia account.
                        xxxxxxxNow, if you do end up falling for this, try logging out of your account right away. This will cause that session ID that you gave to the hacker to expire, not allowing them to continue abusing your account. You can then try immediately log back into your account and checking your account for any damage the hacker has done. If you're unable to log back into your account, the hacker may have already changed the password, so you will then need to log into a mule account or create a new account to file a hack report. If anyone ever does give you the session ID page link and requests the code that is listed, you may report the user for password phishing. Now, it isn't exactly password phishing (the act of asking for a user's password), but it is asking for personal information that enables the user to hack another user, which pretty much falls into the same category.

Quick Reply

Manage Your Items
Other Stuff
Get GCash
Get Items
More Items
Where Everyone Hangs Out
Other Community Areas
Virtual Spaces
Fun Stuff
Gaia's Games