StanMiniShow
Career
- Joined
- May 18, 2013
- Messages
- 114
- Reaction score
- 481
That could have gone really bad if you didn't change your password. Wise man! 
-
Our Minecraft servers are offline but we will keep this forum online for any community communication. Site permissions for posting could change at a later date but will remain online.
Minecon Cape FRAUD!
- Thread starter Jon | Lqzer
- Start date
Lucidictive
Diamond
- Joined
- Dec 29, 2012
- Messages
- 1,176
- Reaction score
- 1,576
this is not a java drive-by.
this is a very very very very very simple logger. anyone who had like 20 minutes and a host could do this.
what happens when you enter any information (whether valid or invalid), it will tell you, you some random premade message bullcrap.
what then happens is the admin of the site, can view whatever was typed into these fields. he may have a email set up for it, or it may be a panel. then, if he wants to get to the level of where other people send it to others, he will make bots to send it to people.
NOW, if you download something off the site, that's when you get RATed and you're bf'd for life. If I RAT'd you, I could A. Shut down your internet B. Look at your screen and through your video camera C. do lots of other nasty stuff to you that'd make you consider never touching your computer again. I could even just completely terminate your computer, so you'd have to reinstall windows. but then I don't have the RAT anymore.
however the guy who made this site is maybe 14 years old. nobody else is interested in minecraft account tbh.
HOWEVER, there are RATs out there that will stay hidden on your pc even if you reinstall windows. that requires hand removal IF POSSIBLE. Usually a RAT will infect EVERY FILE ON YOUR COMPUTER. Every one. And it will create new ones.
Good luck with those RATs. you might need a new HDD.
demonsushi
District 13
- Joined
- Feb 18, 2014
- Messages
- 2,160
- Reaction score
- 1,882
...
MCSG_pro011
Diamond
- Joined
- Feb 18, 2013
- Messages
- 178
- Reaction score
- 29
The awful thing about this is that I cannot change my password. Apparently I do not have access to my original e-mail that I used to create my mc account. Now I cannot change my password nor migrate to a mojang account...
G33ke
Community Engagement Team Representative
- Joined
- Jul 22, 2012
- Messages
- 999
- Reaction score
- 1,889
Thread is a tad bit old now, but hey, I'm not the one bringing it back to life:
A general tip for everyone affected by this scheme: Free things are almost always too good to be true. Logically, a minecon cape for free would defeat the entire purpose of it's exclusivity, wouldn't it...?
I'm sure many of you are already aware of the dangers of clicking on a "you've won a free iPad!!1!!1!!!" ads. Honestly, a free minecon cape is no different. If it was as simple as putting in your username and password to get a cape...wouldn't everyone already have one?
Now, if MCSG was giving away diamond donor ranks in a contest, it could be completely legit, but just do some simple checks: Is it on the official MCSG website? If you came from the forums/news announcements the same way you always do, it's likely legit. But if you get a link, even from a friend, and the activity to achieve the donor rank doesn't make sense, (MCSG has no reason to have your account information - MCSG wide things are stored in server user files, not directly to the Minecraft/Mojang account.) then be cautious about it. Tweeting them "#diamonddonorcontest" is likely fine for the contest, similar facebook things is likely fine, these things help advertise the servers, but a "click this button and get free stuff instantly" button is extremely suspicious. They'd simply lose sales of donor ranks and gain zero advertisement in return. (Not that they wouldn't ever give away stuff like that, but it's extremely unlikely.)
But in general, check the url. If it looks like the Minecraft website, look at the url anyway: minecon.support? I'll be honest, that looks mildly legit, but do your research anyway: If you've never entered your login information on the website before, do a background check. Often times, simple google searches can help immensely. And heck, even simply enter fake information and see what happens: Username: Flappybird133769001hax. Password: 54JE#^^#sfghfdgf#. If that produces a "login successful", something is really wrong.
You'd be surprised, people have made some phishing sites made to look like steampowered before, where the url is literally the exact same with two letters switched.
Also, on "don't even trust links from friends," I mean if a friend acts strange when sending you a suspicious looking link, there is always a chance their steam/skype/minecraft account has been compromised. I've had several skype friends have their accounts compromised and continue to send me suspicious links. Never once have I clicked on one. Heck, even when I know it's my friend, I sometimes don't click on it if it looks weird. I don't know what websites they visit or how much they actually know about it.
I've only had my computer compromised by a "virus" once, and it was completely my fault for not checking what I was downloading. I didn't follow my own instructions above about checking the url or anything. Given the circumstances, it seemed silly to do that, but I've quickly learned from that just how easy it is for some guy to put that stuff online and have it overshadow the legit stuff.
(For the record, skype is extremely insecure. I don't recommend adding anybody you've never personally spoken to through voice before. Ever. They can do some nasty things with you as a skype contact. Viruses isn't one of them unless you let it happen, but other things.)
A general tip for everyone affected by this scheme: Free things are almost always too good to be true. Logically, a minecon cape for free would defeat the entire purpose of it's exclusivity, wouldn't it...?
I'm sure many of you are already aware of the dangers of clicking on a "you've won a free iPad!!1!!1!!!" ads. Honestly, a free minecon cape is no different. If it was as simple as putting in your username and password to get a cape...wouldn't everyone already have one?
Now, if MCSG was giving away diamond donor ranks in a contest, it could be completely legit, but just do some simple checks: Is it on the official MCSG website? If you came from the forums/news announcements the same way you always do, it's likely legit. But if you get a link, even from a friend, and the activity to achieve the donor rank doesn't make sense, (MCSG has no reason to have your account information - MCSG wide things are stored in server user files, not directly to the Minecraft/Mojang account.) then be cautious about it. Tweeting them "#diamonddonorcontest" is likely fine for the contest, similar facebook things is likely fine, these things help advertise the servers, but a "click this button and get free stuff instantly" button is extremely suspicious. They'd simply lose sales of donor ranks and gain zero advertisement in return. (Not that they wouldn't ever give away stuff like that, but it's extremely unlikely.)
But in general, check the url. If it looks like the Minecraft website, look at the url anyway: minecon.support? I'll be honest, that looks mildly legit, but do your research anyway: If you've never entered your login information on the website before, do a background check. Often times, simple google searches can help immensely. And heck, even simply enter fake information and see what happens: Username: Flappybird133769001hax. Password: 54JE#^^#sfghfdgf#. If that produces a "login successful", something is really wrong.
You'd be surprised, people have made some phishing sites made to look like steampowered before, where the url is literally the exact same with two letters switched.
Also, on "don't even trust links from friends," I mean if a friend acts strange when sending you a suspicious looking link, there is always a chance their steam/skype/minecraft account has been compromised. I've had several skype friends have their accounts compromised and continue to send me suspicious links. Never once have I clicked on one. Heck, even when I know it's my friend, I sometimes don't click on it if it looks weird. I don't know what websites they visit or how much they actually know about it.
I've only had my computer compromised by a "virus" once, and it was completely my fault for not checking what I was downloading. I didn't follow my own instructions above about checking the url or anything. Given the circumstances, it seemed silly to do that, but I've quickly learned from that just how easy it is for some guy to put that stuff online and have it overshadow the legit stuff.
(For the record, skype is extremely insecure. I don't recommend adding anybody you've never personally spoken to through voice before. Ever. They can do some nasty things with you as a skype contact. Viruses isn't one of them unless you let it happen, but other things.)
Lucidictive
Diamond
- Joined
- Dec 29, 2012
- Messages
- 1,176
- Reaction score
- 1,576
Also, if you do this and it asks for your permission to run Java, do not do it. That is another sign the website may be fake. You might be thinking 'it's minecraft, that makes sense I guess,' but by hitting yes you are letting an onslaught of trojans and RATs into your computer.
TheCornStealer
Platinum
- Joined
- Sep 1, 2013
- Messages
- 4,155
- Reaction score
- 11,489
Ew fraud
Nineharted
Career
- Joined
- Apr 9, 2014
- Messages
- 583
- Reaction score
- 384
But it's totally worth it because you're good if you have a minecon or optifine cape. Totally worth it.
SixZoSeven
Community Engagement Team Lead
- Joined
- Jun 2, 2012
- Messages
- 2,307
- Reaction score
- 6,155
I see many of these.
On the steam platform, there are many websites that claim to be the official steam page. They have a near identical copy of every icon, text, widget, etc. on the page.
The only difference is, the URL will be something like www.staemcommunity.com ---- Notice the switch of the letters ae.
Commonly, the fraudulent steam website will also ask the unsuspecting user to upload their SSFN file from their steam folder.
*shakes fist* always be sure of what you are doing!
The only way to be 99.9% safe from common germs living on your hand is to use Purell Hand Sanitizer.
On the steam platform, there are many websites that claim to be the official steam page. They have a near identical copy of every icon, text, widget, etc. on the page.
The only difference is, the URL will be something like www.staemcommunity.com ---- Notice the switch of the letters ae.
Commonly, the fraudulent steam website will also ask the unsuspecting user to upload their SSFN file from their steam folder.
*shakes fist* always be sure of what you are doing!
The only way to be 99.9% safe from common germs living on your hand is to use Purell Hand Sanitizer.
ThePompeiian
Diamond
- Joined
- Mar 7, 2014
- Messages
- 159
- Reaction score
- 183
