Phishing: Difference between revisions
From xat wiki
No edit summary |
No edit summary |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 5: | Line 5: | ||
Phishing is a fraudulent attempt to steal personal information, such as your e-mail address and password. On xat, you might encounter users who try to steal your e-mail address, password, xats, days, powers, and sometimes, your identity. Protect yourself whenever using xat by knowing how to recognize phishing attempts so you can report and not fall for phishing tricks. | Phishing is a fraudulent attempt to steal personal information, such as your e-mail address and password. On xat, you might encounter users who try to steal your e-mail address, password, xats, days, powers, and sometimes, your identity. Protect yourself whenever using xat by knowing how to recognize phishing attempts so you can report and not fall for phishing tricks. | ||
==Common phishing | ==Common phishing tricks== <!--T:2--> | ||
</translate><span id=" | </translate><span id="commontricks"></span><translate> | ||
<!--T:3--> | <!--T:3--> | ||
* Linking a page that looks exactly the same or similar to xat's registered user account management page. | * Linking a page that looks exactly the same or similar to xat's registered user account management page. | ||
* Convincing users to click on a link by | * Convincing users to click on a link by offering free xats, days, and/or powers. | ||
* | * An urgent request for personal information: passwords, e-mail address etc. | ||
* A message requiring immediate action to avoid a problem like losing access to your xat account or your account being deleted. | * A message requiring immediate action to avoid a problem like losing access to your xat account or your account being deleted. | ||
* Asking | * Asking to download a third party program called ".sol Editor" and to provide the "Value" that's located above the category "Number." | ||
* Impersonating administrators or [[<tvar|1>Special:MyLanguage/Volunteers</>|volunteers]] in an attempt to collect information or purchased items. | |||
'''NOTE:''' | '''NOTE:''' NEVER click on suspicious links/downloads or provide any personal information to unknown users. | ||
==Tips for spotting a phishing e-mail== <!--T:4--> | ==Tips for spotting a phishing e-mail== <!--T:4--> | ||
| Line 24: | Line 25: | ||
<!--T:5--> | <!--T:5--> | ||
* Always look at the 'from' e-mail address, and ensure it isn't suspicious. Even the e-mail can sometimes be spoofed. | * Always look at the 'from' e-mail address, and ensure it isn't suspicious. Even the e-mail can sometimes be spoofed. | ||
* | * Scammers often attempt to make the e-mail look as legitimate as possible by including a logo or professional name such as "Account Support." | ||
* Hover over links in an e-mail before clicking on them. | * Hover over links in an e-mail before clicking on them. The link could direct you to a suspicious address completely unrelated to the text in the link. | ||
* Never open or download anything unless you are sure they come from a safe source. | * Never open or download anything unless you are sure they come from a safe source. | ||
| Line 33: | Line 34: | ||
<!--T:31--> | <!--T:31--> | ||
To prevent yourself from getting phished by a criminal, we recommend the following: | |||
<!--T:32--> | <!--T:32--> | ||
*Consider reading the [[Password]] wiki article for tips on creating a strong password. Do NOT use the same password for any other e-mail addresses or accounts you may have, even if it has nothing to do with xat. You're only increasing your chances of other accounts you have from being compromised. | *Consider reading the [[<tvar|3>Special:MyLanguage/Password</>|Password]] wiki article for tips on creating a strong password. Do NOT use the same password for any other e-mail addresses or accounts you may have, even if it has nothing to do with xat. You're only increasing your chances of other accounts you have from being compromised. | ||
*ALWAYS make sure that you are on xat's registered user account management page by looking at the URL bar. The link should appear as https://xat.com/web_gear/chat/register.php or https://xat.com/login. | *ALWAYS make sure that you are on xat's registered user account management page by looking at the URL bar. The link should appear as https://xat.com/web_gear/chat/register.php or https://xat.com/login. | ||
*Enable xat's account security features: [[<tvar|1>Special:MyLanguage/Account protection</>|Account Protection]] and [[<tvar|2>Special:MyLanguage/Account_Protection#Account_Locking</>|Account Locking]]. | *Enable xat's account security features: [[<tvar|1>Special:MyLanguage/Account protection</>|Account Protection]] and [[<tvar|2>Special:MyLanguage/Account_Protection#Account_Locking</>|Account Locking]]. | ||
| Line 45: | Line 46: | ||
<!--T:33--> | <!--T:33--> | ||
If you | If you think you may be a victim of phishing or an unauthorized user may have compromised your account, change the password to not only your account, but your e-mail address as well. | ||
<!--T:34--> | <!--T:34--> | ||
To report a phishing website, submit a [https://util.xat.com/support/open.php ticket] under the "Report Phishing Site" help topic | To report a phishing website, submit a [https://util.xat.com/support/open.php ticket] under the "Report Phishing Site" help topic. Provide proof about the occurrence, such as the date and time of when you went on the phishing website. The sooner you report the phishing website, the faster the phishing website will be shut down. | ||
<!--T:35--> | <!--T:35--> | ||
NEVER log into another user's account, even if you've been granted permission to. You will be in direct violation of xat's [<tvar|1>https://xat.com/terms</> Terms of Service]. Failure to follow xat's terms of service will result in your account being torched and/or deleted. | |||
</translate> | </translate> | ||
{{Category|Security}} | {{Category|Security}} | ||
Revision as of 02:26, 5 June 2019
Phishing is a fraudulent attempt to steal personal information, such as your e-mail address and password. On xat, you might encounter users who try to steal your e-mail address, password, xats, days, powers, and sometimes, your identity. Protect yourself whenever using xat by knowing how to recognize phishing attempts so you can report and not fall for phishing tricks.
Common phishing tricks
- Linking a page that looks exactly the same or similar to xat's registered user account management page.
- Convincing users to click on a link by offering free xats, days, and/or powers.
- An urgent request for personal information: passwords, e-mail address etc.
- A message requiring immediate action to avoid a problem like losing access to your xat account or your account being deleted.
- Asking to download a third party program called ".sol Editor" and to provide the "Value" that's located above the category "Number."
- Impersonating administrators or volunteers in an attempt to collect information or purchased items.
NOTE: NEVER click on suspicious links/downloads or provide any personal information to unknown users.
Tips for spotting a phishing e-mail
- Always look at the 'from' e-mail address, and ensure it isn't suspicious. Even the e-mail can sometimes be spoofed.
- Scammers often attempt to make the e-mail look as legitimate as possible by including a logo or professional name such as "Account Support."
- Hover over links in an e-mail before clicking on them. The link could direct you to a suspicious address completely unrelated to the text in the link.
- Never open or download anything unless you are sure they come from a safe source.
Protecting yourself
To prevent yourself from getting phished by a criminal, we recommend the following:
- Consider reading the Password wiki article for tips on creating a strong password. Do NOT use the same password for any other e-mail addresses or accounts you may have, even if it has nothing to do with xat. You're only increasing your chances of other accounts you have from being compromised.
- ALWAYS make sure that you are on xat's registered user account management page by looking at the URL bar. The link should appear as https://xat.com/web_gear/chat/register.php or https://xat.com/login.
- Enable xat's account security features: Account Protection and Account Locking.
How to report phishing
If you think you may be a victim of phishing or an unauthorized user may have compromised your account, change the password to not only your account, but your e-mail address as well.
To report a phishing website, submit a ticket under the "Report Phishing Site" help topic. Provide proof about the occurrence, such as the date and time of when you went on the phishing website. The sooner you report the phishing website, the faster the phishing website will be shut down.
NEVER log into another user's account, even if you've been granted permission to. You will be in direct violation of xat's Terms of Service. Failure to follow xat's terms of service will result in your account being torched and/or deleted.
