Welcome to Gaia! ::

User Image
A simple guide.


::Current News::
19.9.09

There's reports of a pop-up appearing on the site asking for your username and password to confirm you're not a bot. Don't fill it out, it's not really from Gaia!
Generally to confirm you're not a bot, sites ask you to fill out those random letters and numbers inside a picture. They don't ask for your passwords. Why should they?
Several people have gotten hacked and lost quite a few things from filling out these pop-ups, so be wary and remember to never give out your password!


User Image


Okay, welcome to the thread. First of all, I'd like to let you know that these will not 100% PREVENT hacking, but will HELP.
Also, some of this stuff is my opinion on how you can help prevent it.
If I find anything else, I'll post it.

Rules
1. Please follow Gaia's ToS.
2. Be nice, alright?
3. Don't quote any of these 6 posts.
4. Let's not advertise here, alright? Signatures are fine and so are other helpful guides. But only those can be advertised here. =]
5. Please don't name drop (as in telling us who scammed who or whatever, if you want to share information and decide to say "soandso said this" or whatever, that's fine).***

***Name dropping can actually get you in trouble. If they see you accusing them (be it true or not) they can report you for harassment.

If you want to add something to this guide, please feel free to PM me or post it and I'll add it when I can.


::Quick Info!::
Alright, this is in the first post because you really need to know this and it will be stated again.
Moderators will never ask you for your password. EVER.
So NEVER give out your password.


Colors to know (and their meanings):

User Image Admins are ORANGE
Moderators are GREEN
Non-Player Characters are RED
Other Staff Members are BROWN
Regular users are BLACK
These colors refer to their names.
Regular users are just normal people who simply use this site and not run it.

More information about the moderator types (as well as a list of moderators who take care of the "Welcome to Gaia" forum) can be found here.


::Updates::
(My way of dating may be different from yours. I go by day/month/year)
19/9/09 - An update after a long while, we've added to the "Definitions", "I fear...", "Prevention", and the current news. Thank you for the support everyone, and the information (iNemisis, popetoast, Lura Bell)!
23.6.08 - More examples of scams, thanks to Anti-Hacking Mule and Rose-McLane. Trying to get back on track here, sorry I've been gone a while.
16/6/08 - [Community Spotlight - Gaia's Helping]
31.3.08 - New example of a Scam PM (Thank you nelrina), news has been moved around.
27/03/08 - Added another example scam PM. (Thanks bd004)
18.03.08 - More in the Prevention post. (More about mules)
10/03/08 - Moved news around - New current news. (Weird bans?)
09.03.08 - Added another person to the Proof list
01/03/08 - Moved a few things around to make another post. (Special Things) Also edits on the Other Guides post.
26.02.08 - New rule added.
24/02/08 - Added things to the "Definitions" post and "Prevention" post. (Thank you DataMilo and bd004.)
11.02.08 - Moved more things around and added example scam PMs to the Definitions post.
17/01/08 - Moved stuff around, that's about it.
07.01.08 - New section added to the "Trying to Recover" post; "Got Proof?"
06/01/08 - Different things added here and there.
28.12.07 - New section added to the "I Fear..." post (Special Things)
25/12/07 - More added to the prevention post (thank you Vegie) and more added to the Introduction post.
21.12.07 - Added a new security program to the prevention post.






Introduction | Definitions | Prevention | I Fear... | Recently Hacked | Special Things | Other Guides
User Image


::Hacking::
Gaia's Definition
Hacking is the illegal access of someone else's computer or account. Usually for destroying, stealing, or harming information or items.
Like a burglary.

    :::Cracking:::
    Cracking is like another term for hacking. I've heard it's usually used just for the recovery of lost passwords. It's a guess and check system.
    While many say they are pretty much the same thing, many others beg to differ.

    "The Cracker uses a text file from notepad full of possible passwords, and tests it against a User ID or password to gain access to the account. However, most password lists out there have only words without letters. So, the more complicated the password is, the harder you will be to hack." -
    iNemisis


::Scamming::
If you have ever heard someone say "they were trying to scam me" then you might know what this means.
A scammer tries to trick you to give them things. On Gaia, a scammer usually tries to pretend to be a moderator or some special part of the Gaian staff/crew and tell you to give them your password, username and often times your email address.
If their name is black and they are asking you these in a PM or in the forums, then they are a scammer.
    :::Examples of scam PMs:::
    [Submitted by Blue Uno Reverse] [Submitted by Hiro_Hiroko] [Submitted by bd004] [Submitted by bd004] [Submitted by nelrina] [Submitted by bd004] [Submitted by Anti-Hacking Mule] [Submitted by Rose-McLane] [Submitted by bd004]

    ::Keylogger::
    A keylogger is a program that gets onto your computer and monitors you. It records your keystrokes and sometimes monitors where you go and what time you go there. It sends the information to someone else and they then have access to your accounts. (Like your Gaian account.)

    ::Cache/Cookies::
    Defined by kage-ookami4:
    cache doesn't store passwords cookies do that. the cache is purely graphics from webpages you've visited to accelerate load times. (hence why clearing your cache won't log you out... but clearing cookies does)

      :::Cache Busters/ Cookie Stealers:::
      They have several names either way, they get onto your computer and try to take the information from your cache and send it to someone else.
      I've seen some disguised as pop-up ads.


    : razz op-Up::
    A pop-up is usually a window that opens up either unexpectedly or when you trigger something. Commonly used to advertise things or to warn/inform you of something (like if you're filling out forms, it might come up and tell you "Please fill in all required fields." if you don't fill everything out in the form and try to submit). Some pop-ups are also viruses (a pretty common one is something that claims it is an anti-virus program, it'll offer you a free trial download to scan and remove the viruses you have on your computer. This thing actually downloads the viruses instead.) other pop-ups ask you for information that you fill out and it gets sent to the origin of the pop-up.


    Introduction | Definitions | Prevention | I Fear... | Recently Hacked | Special Things | Other Guides
User Image

Alright, like stated before, some of these are my opinion.

Okay, getting hacked can be a horrible thing. Especially if you're online and watching it happen.

1. Let's stress this again.

Moderators will never ask you for your password. EVER.
So NEVER give out your password.


2. Pay attention to the links you're clicking on. Since Gaia has the ability to change the name of links they can take you to places the look exactly like Gaia or to viruses.
_____They can be checked at the bottom of the window ( The load bar [Image] )
_____Right click the link and choose "Properties" from the list. A window will open and it should tell you the address that the link takes you to.
_____Since Gaia takes you to a warning page by default (you can have that page disabled) it will tell you the actual link before you actually go to the page.

................2a. Keep an eye out for pop-ups. Some pop-ups aren't what we expect. Most are used to advertise something or to give you a message, but recently one has been appearing on Gaia that asks for your password to confirm you're not a bot. This is a trick to get your password, don't fill it out!

3. Clear your cache/cookies occasionally. Cookie Grabbers/Cache Busters can take any information in there.


How to Clear your Cache

Windows
Start Menu > Control Panel > Network and Internet Connections > Internet Options
Then a new window should come up looking kind of like this. In the Browsing History section click the Delete button.
Again, another window should pop up looking like this one.
I usually just click the "Delete all" button because it clears space on my computer as well.

Keep in mind, if you do clear everything or the Temporary Internet Files, then webpages you visit will be cleared and you will have to download those pages again.

Internet Explorer
Tools Tab > Internet Options > follow the last two steps in the Windows one.

Firefox
Tools Tab > Clear Private Data (Ctrl+Shift+Delete)
Afterwards this should come up in another window. (You can select "Cookies" too, but that's just the default selection in the picture) then finally click the "Clear Private Data Now" button.
Authenticated Sessions (Explained by CrimsonRainFalling):
Authenticated Sessions are just what they say. A "session" can be though of as a visit to a website, and authenticated of course, means recognized or logged in.
Essentially, Authenticated Sessions are why Firefox will keep you logged into a site (Until you log out or delete the authed session) if you log into it a single time.


4. Scan your computer. Viruses like keyloggers or other harmful things can get on your computer and steal your information. Adware, Spyware and other harmful things should be cleared too to keep your computer running well.
Here's a list of programs you can use for scans.
_____McAfee
_____Norton Anti Virus
_____AVG Virus Protection (The Free Edition can be found at Free.grisoft.com.) Be sure to click the Free one.
_____Adaware (An Adware/Spyware scanner) (Adaware for free can be found at lavasoftusa.com. Remember to click the Free download.)
_____Windows Defender (protects against spyware mostly. I believe it is only for Windows. More information as well as the download can be found here. Windows Defender at Microsoft.com)

There are others, those are just some that I've used.

Here is a topic with a list of others:
http://www.gaiaonline.com/forum/computers-technology/t.10685641/


5. Have a secure password. Many hackings occur because someone's password isn't very secure. If you make your password too simple then your account could be hacked into.

[Community Spotlight: Keep your account safe!]


Password help

Ilikemilkandcookies ............ This is NOT a very good password, it is much too simple.
1l1k3m1lk4ndc0ok13s ......... This one is better, but can still be rather simple to guess.
alkdfjalkfdiwehg3498udDtaieojq ......... This one is completely random. It's pretty secure as well. The longer could be the better though.

Random passwords like the one above are (from what I can tell) pretty secure. If you are afraid of losing the password or just don't want to memorize the whole thing, send it to your email address and save the email. If you're worried someone will look there for your password, then don't label it as a password and don't put your username in the email.
All you'll have to do is copy and paste the password each time you want to log in or use it. Remember to be careful when copying it. Sometimes you can accidentally select something you don't want.
Be careful if you make a random password (the third one). My friend put a special character in their password and couldn't log in.

Here's a site that can help you with checking how secure a password is:
[Microsoft.com : Password Checker]
"It does not store, transmit or do whatever else with what you enter." - Vegie

DataMilo talking about KeePass
That, and other password database programs can protect you from cookie grabbers and keyloggers, since all passwords are kept in an encrypted db and cut-pasted into browser windows instead of typed.
Plus, with one master password, you can safely keep as many super-complicated 96b (12 digits) passwords as you want. Every password can be unique, so you don't have to worry about your gaiahacker going after your email or bank accounts.
Here's a few links for keepass:

The info site and
the sourceforge repository.

There's loads more, but I'd recommend sourceforge software first. Open source code gets fully vetted by millions of programmers, so vulnerabilities get patched fast, plus everything is free.



6. Keep a mule account. Mules can come in really handy when you think you're going to be hacked soon or when you want to keep a few items on another account to keep them safe. If you're not using a valuable item that you're afraid is going to be taken or you want to keep some old items that can be sold or gold or something that you can fall back on when you're hacked, then I suggest you put it on a mule.
If you are currently being hacked and they have yet to change your password, you could try and send some of your items in a trade to a mule. I'd suggest kicking them off your account first though if you are still able to use your password. (If you log out, it kicks them out too, but you should hurry to get back on before they do.)

(Zykura suggested I talk about this.) If you're really paranoid, keep a mule account that has the items you're not wearing. Keep the mule's profile as private, PMs and gifts blocked, don't post with the mule, don't even dress it nicely. Dress it like a newb. [Pretty much cut it off from civilization.]

7. Take it slow. If you're being asked to enter a password, be it for trades, logging in, or other things, take it slow. Be sure to type it correctly if you can and be sure to read everything and notice everything. Like stated several times, if you're being asked for your password, it should not come from a Gaian moderator and if it comes from a user on Gaia, report it. NEVER give out your password to others, be sure to only enter it in the correct places. (Tip from DataMilo, sorry I wanted to reword it a bit.)

8. Take it seriously. Anyone and everyone can get hacked, even you and me. If you're not serious about keeping your things safe, then you shouldn't be serious about trying to earn everything back all over again. Taking security seriously can help save you a lot of time and effort. So what if it causes you to spend several moments a day scanning or protecting yourself? Would you rather be spending days just getting everything back?
This guide won't protect you 100%, but it really can help if you take the right measures. (Sorry DataMilo, wanted to reword this one a bit too. o: )



Introduction | Definitions | Prevention | I Fear... | Recently Hacked | Special Things | Other Guides
User Image
that someone is trying to hack me.


::Things To Notice::
Alright, there are things you need to notice to tell if someone is trying to break into your account or not.

Are you getting warnings (not by PM) saying that you have been banned due to too many failed logins?
Okay, with this one you have to also pay attention to other people too. It might just be a glitch so ask about it in the Questions & Assistance forum or better yet, look for any recent topics about your problem. (It saves space.)
Most of the time (my opinion) it won't be a glitch so try to take care of your items. (Look at the Prevention post)


Are you getting PMs from regular users (people with black names) saying that they are some secret service for Gaia and asking for your password?
That is not a real Gaian staff member! That's a scammer. Whatever you do, DO NOT give them your password.
If they threaten you by saying that if you do not respond in a certain amount of time of if you do not give out your password that you will be banned, they are LYING.


If you do get a PM like the one mentioned above then report it!
To report a PM like this simply go to the PM and press the User Image - Blocked by "Display Image" Settings. Click to show. button under the PM.

-OR-

Go to the Forums then scroll to the bottom of the page and click the Report A Scamming link and fill out the form.

[Click here to see an image of how to get there.]

Is there a keylogger on your computer?
Alright, keyloggers aren't always on your computer for Gaia, they could be there for many things, either way, it can still get your password.
Do a virus scan on your computer to check first. If one is found, get it off of your computer as soon as possible.


Are items missing from your inventory?
You could be being hacked.
Some hackers take only certain items, I suppose to scare you or because those items are the only ones they want. Either that or to make it look less noticeable. I suggest you make sure your email address is the same and change your password as soon as possible.
Report what has happened as well.


Is your avatar suddenly stripped of all its items? And you're not the one doing it?
You are probably being hacked.
Contact a moderator as soon as you can, send them a PM and tell them what's going on, you should possibly ask them to disable trades or gift giving if they can. Next you can check to see if your email address is the same, change your password quickly (if it lets you) then log out.
Logging out will kick the hacker off your account. Log back in to keep monitoring your account.
Don't forget to report the hacking!


"Help! My email has been changed and so has my password! (While I'm still on my account!)"
Hurry! Don't waste silly time!
You can't change your email address unless you know your password, so, contact a mod as soon as you can and ask them to ban your account for a few days. I dunno if you'll be able to get it back or not. Don't forget to report a hacking! (Because you've just been hacked.)


A pop-up came up on my computer screen and told me I've been sending messages too fast. It asked for my password to be sure I wasn't a bot.
Gaia will send you messages if you're posting too quickly, some of you may know that. If it asks for your password, though, don't fill it out! It's not an actual message from Gaia.

Those are just some things to look for.
If you fear your account is a soon to be hacked victim, then try talking to a moderator about it. The Prevention post should help you too.


Introduction | Definitions | Prevention | I Fear... | Recently Hacked | Special Things | Other Guides
User Image
How do I recover?


Many questions could be going through your mind right now. (Or not.) Either way, do you want to know some ways you can recover from it?

::Need-To-Know::
Alright, first off, you want to Report the hacking.
To do so go to the Forums Page then scroll to the bottom of the page and click the Report A Hacking link and fill out the form.

[Click here to see an image of how to get there.]

Alright, I don't know how many times this must be stressed to get this through people. BUT Report ONE hacking ONE time that's ONCE per hacking.
It takes them up to 18 MONTHS just to get back to you on the hacking. Filling up their report inbox with the same report only makes the wait longer for other people and a lot of irritation for them.
Don't forget to save your report number in case you need to talk to a moderator about your report!


::Trying To Recover::
Okay, once the report is finished, the next thing to do is try to start again if you want to continue your life on Gaia. If you have lost your account completely, but want the same friends, see if you can contact the ones you had and tell them the story. If they're your friends then I'm sure they'd understand.
Next thing to do is to recover your lost items and gold if you want them again.

Most of the time, you have to get the items back yourself.

    1. You can ask charities to help you in the Charity/Quests Forum.
    2. You can ask your friends if they are willing to help.
    3. Earn them back yourself the old fashioned way. Posting, playing games, Towns, polls, roaming the site, sending in money, or selling items.


Keep in mind, people usually don't like people begging for gold so it might not always help. Also, understand if they accuse you of lying, it's probably because there are a lot of scammers who try to get gold and items that way.


::Got Proof?::
Alright, many of you think that people never get their items back from a hacking through the report system. (As in, going without earning it back yourself or with the help or others, but actually recovering it from the hacking.)

[The List]
(Click a name to see what they had to say.)
- Hino Daruma
- Moonlight Reverie

So there's your proof, sometimes you can get your items back, but not always and not always all of them.


:Need other proof?:
I'll be keeping a list of people who've told me they've gotten their items back after a report. (after I ask them though). PM me to be on the list, ok?


Introduction | Definitions | Prevention | I Fear... | Recently Hacked | Special Things | Other Guides
User Image
This post is for past news or things that just didn't seem to fit anywhere else.


"Someone knows exactly how much gold I have! I never told them either!"
Try not to worry about it, there's a website where you can type in someone's username from Gaia and it will tell them the exact amount of gold that person has. They're not hacking you, just seeing your gold. Nothing much you can do about it. If they were really hacking you, then I doubt they'd ask you for donations (they'd just take it themselves).
If they start to harass you by asking you to donate several times, then report them.
If they do it in a PM, then click the User Image button,
If they are elsewhere on the site then report it here:
[Report Abuse Or Harassment]


Someone in Towns/Rallies is talking through invites! What's going on?!
Old News
Don't worry about it, they're just people who found out how to mess with the scripts of Towns and Rallies, nothing to really make a fuss over. They can't hack you through Towns/Rallies, even if they say they will. Towns/Rallies aren't connected to your account.

I keep seeing posts about a Gaia AutoPoster... what's that about?
Old News
AutoPosters are not legal on Gaia and as far as I can tell, are another trick scammers are using to get your information. They're using the autopost to help advertise the poster and make others try and fall for it. Just... don't fall for it, alright?

My computer has viruses? ( Random popup "let us scan your computer" )
Old News
Alright, there's a problem hitting a few people lately. They'll go to a page and then they'll get a warning pop up in another window on their screen. It will tell them that their computer has viruses or other harmful things on their computer, the the security is low and to click a button to go to the website and run a free scan. Even if you x out of the little warning or click "cancel" it will take you to a website. I only caught a glimpse of it, but I think it had some red on it with a bar that started to fill up with green claiming to scan your computer.
Really, it's downloading viruses and things onto your computer. Whatever you do, do not let that bar fill up, close out of that window/tab ASAP!
Once done, I suggest scanning your computer. If you have a good firewall then it should have stopped the viruses from being downloaded.


Weird bans?
Old News
So far, I only know little about this problem, but it appears that people have been banned lately for no apparent reason. I've seen someone say that many of them happened on the 10th of March.
I don't know much about it yet, but if anyone does, it would be lovely if you could share. :]
Lanzer
Hello everyone,

I've just found out that there was an error on the security code which caused a lot of users to have their accounts banned on March 10. We're working on fixing the problems now and your accounts will be restored shortly. We're terribly sorry for the trouble this had caused and we'll keep you updated with any more information.




Introduction | Definitions | Prevention | I Fear... | Recently Hacked | Special Things | Other Guides
User Image

After typing all of this and putting it all together, I'm a little tired to go out and look for other guides at the moment. If you have a guide you'd like to see in this post, please PM me and tell me.

::Link Us::
Sorry guys, had to convert everything to photobucket. ( I hate long links. Dx )
User Image
[url=http://www.gaiaonline.com/forum/t.35487779/][img]http://i125.photobucket.com/albums/p46/Lockhearts_Raven/Guide/7w6d304-1.png[/img][/url]


User ImageBanner by `Ryuzakii
[url=http://www.gaiaonline.com/forum/t.35487779/][img]http://i125.photobucket.com/albums/p46/Lockhearts_Raven/Guide/6wp3k92.png[/img][/url]


User Image
[url=http://www.gaiaonline.com/forum/t.35487779/][img]http://i125.photobucket.com/albums/p46/Lockhearts_Raven/Guide/2lks56u.png[/img][/url]


::Other Places::
User Image User Image User Image


Introduction | Definitions | Prevention | I Fear... | Recently Hacked | Special Things | Other Guides
D3ath Th3 K1d's avatar

550 Points
  • Gaian 50
  • Member 100
  • Dressed Up 200
Mephestopholes
A day late and a dollar short for my other account, they hacked me. If I had only seen this thread before I could have prevented the loss of over 4 years worth of strenuous work.


You hate that feeling right? Well lets all work together to spread the word! Although, i have also been here for almost 4 years too, by now you would think you would sort of know whats a scam and whats not ._.
they are getting more realistic though, except the name coloring, the one thing i didn't see
Sorry, had to delete two posts and rewrite another to make room for another post for the guide.
Here's a screencap of what was deleted (in one post though): [Link]

Keep this in mind. Moderators will never ask for your password, even if you're threatened with being banned. Moderators don't need your password to ban you.
If you get a PM and you really feel iffy about it, then you can post it in the Q&A.
Thanks, I'm sure all of the non-hacked users out there will find this useful. I sent the person who received my inventory a few pm's and responded to them, I have reported this perosn to admin, but nothing has been done as of yet.
D3ath Th3 K1d's avatar

550 Points
  • Gaian 50
  • Member 100
  • Dressed Up 200
Mephestopholes
Thanks, I'm sure all of the non-hacked users out there will find this useful. I sent the person who received my inventory a few pm's and responded to them, I have reported this perosn to admin, but nothing has been done as of yet.


I have never been hacked but I have been an idiot, and your DP depresses me cause it reminds me of that time when I sold my december 2003 letters (all of them) by mistake thinking they where 2005 letters for 5k each, and the guy would not give it back T.T

Bah. xD it was the first letter I ever bought.. razz
D3ath Th3 K1d's avatar

550 Points
  • Gaian 50
  • Member 100
  • Dressed Up 200
Bump for safety and account protection!

Quick Reply

Submit
Manage Your Items
Other Stuff
Get GCash
Offers
Get Items
More Items
Where Everyone Hangs Out
Other Community Areas
Virtual Spaces
Fun Stuff
Gaia's Games