Phishing/da: Difference between revisions

From xat wiki
(Created page with "En kriminel vil starte med at oprette en side, der ser ud nøjagtig som din XAT registrerede brugerkonto side. Derefter vil den kriminelle oprette et link (som vil omdirigere...")
(Updating to match new version of source page)
(22 intermediate revisions by 2 users not shown)
Line 4: Line 4:


==Hvad er phishing?==
==Hvad er phishing?==
<span id="whatphishing"></span>
Phishing er et trick bruges af kriminelle til at stjæle personlige oplysninger, så som din e-mail-adresse og adgangskode. Det er ikke en sikkerhedsfejl og du bliver ikke hacket. Så længe du ved, hvad man skal kigge efter, kan du forhindre dig i at blive phished. Du er sikkert blevet advaret før med din netbank om phishing-websteder, men de fleste brugere har ikke tænke eller bekymre sig om at blive udsat for phishing, når de bruger deres xat konto. På xat, er der kriminelle, der ønsker at stjæle din e-mail adresse, adgangskode, xats, dage, powers, og mest af alt, din identitet.


Phishing er et trick bruges af kriminelle til at stjæle personlige oplysninger, så som din e-mail-adresse og adgangskode. Det er ikke en sikkerhedsfejl og du bliver ikke hacket. Så længe du ved, hvad man skal kigge efter, kan du forhindre dig i at blive phished. Du er sikkert blevet advaret før med din netbank om phishing-websteder, men de fleste brugere har ikke tænke eller bekymre sig om at blive udsat for phishing, når de bruger deres XAT konto. På XAT, er der kriminelle, der ønsker at stjæle din e-mail adresse, adgangskode, xats, dage, powers, og mest af alt, din identitet.
==How does phishing work?==
<span id="howphishing"></span>
En kriminel vil starte med at oprette en side, der ser ud nøjagtig som din xats registrerede brugerkonto side. Derefter vil den kriminelle oprette et link (som vil omdirigere til siden) og komme op med en overbevisende måde at lokke en bruger til at klikke på linket. Et eksempel kunne være at tilbyde xats, dage og/eller powers gratis, så længe du klikker på linket og indtaster din e-mail-adresse og adgangskode i tekstboksen. Det er absolut en {{Color|#FF0000|'''rød flag'''}}. Under INGEN omstændigheder bør du nogensinde klikke på linket, eller indtaste din e-mail-adresse og adgangskode, uanset om det er gratis. Bare ved at klikke på linket selv, kan den kriminelle allerede have din IP-adresse.


== Hvordan fungerer scam? ==
'''NOTE:''' If you come across a page that asks you for the password that's associated with your e-mail address (not your account), it's a phishing website. xat will '''NEVER''' ask you for that under any circumstances. Also, do '''NOT''' use the same password for any other e-mail addresses or accounts you may have, even if it has nothing to do with xat. You're only increasing your chances of other accounts you have getting compromised.


En kriminel vil starte med at oprette en side, der ser ud nøjagtig som din XAT registrerede brugerkonto side. Derefter vil den kriminelle oprette et link (som vil omdirigere til siden) og komme op med en overbevisende måde at lokke en bruger til at klikke på linket. Et eksempel kunne være at tilbyde xats, dage og/eller powers gratis, så længe du klikker på linket og indtaster din e-mail-adresse og adgangskode i tekstboksen. Det er absolut en {{Color|#FF0000|'''red flag'''}}. Under ingen omstændigheder bør du nogensinde klikke på linket, eller indtaste din e-mail-adresse og adgangskode, uanset om det er gratis. Bare ved at klikke på linket selv, kan den kriminelle allerede have din IP-adresse.
Udover at skabe en dublet side, er der også en anden måde at kriminelle bruger prøver at stjæle personlige oplysninger fra brugerne. Hvad de gør er enten at bede brugere om deres  flash shared object file, eller bede brugere om at downloade en tredjeparts program på deres computer kaldet ".sol Editor" og vil så have brugerne til at give dem den "Value", der er placeret over kategorien "Number." Under ingen omstændigheder bør du give dem den value, der er knyttet til din konto. At give dem value er lige som at give dem din adgangskode og du vil ende med at blive phished.
 
'''NOTE:''' If you come across a page that asks you for the password that's associated with your e-mail address (not your account), it's a phishing website. xat will NEVER ask you for that under any circumstances. Also, do NOT use the same password for any other e-mail addresses or accounts you may have, even if it has nothing to do with xat. You're only increasing your chances of other accounts you have getting compromised.
 
Besides creating a duplicate page, there is also another way that criminals are using to steal personally identifiable information from users. What they're doing is either asking users for their flash shared object file, or asking users to download a third party program on their computer called ".sol Editor" and wanting users to provide them the "Value" that's located above the category "Number." Under NO circumstances should you provide them the value that's associated with your account. Giving them the value is just like giving them the password and you will end up being phished.
 
==How can I protect myself?==


==Hvordan kan jeg beskytte mig selv?==
<span id="howprotect"></span>
For at forhindre dig i blive phished af en kriminel, anbefaler vi at du følger disse forebyggende skridt:
For at forhindre dig i blive phished af en kriminel, anbefaler vi at du følger disse forebyggende skridt:


'''Step #01:''' Når du logger ind på din konto, altid sørge for du er på xat´s registrerede brugerkonto [http://xat.com/web_gear/chat/register.php page]. du kan finde ud af, om du er på den rigtige side ved at se på adresselinjen, som er placeret i øverste venstre hjørne af din browser. Hvis linket viser '''http://xat.com/web_gear/chat/register.php''', er du på den rigtige side. Hvis den viser noget andet end linket, MÅ DU IKKE indtaste din e-mail-adresse eller registreret brugernavn og adgangskode på den pågældende side. Forlad siden med det samme og rapportere phishing-websted ved at indsende en [http://util.xat.com/support/open.php ticket] under kategorien "Report Phishing Site." Du behøver ikke at være en betalt bruger for at indsende en ticket i denne afdeling.
'''Step 1:''' When you are logging into your account, ALWAYS make sure that you are on xat's registered user account management [https://xat.com/web_gear/chat/register.php page]. You can find out if you are on the correct page by looking at the URL bar, which is located at the top-left corner of your web browser. If the link shows '''https://xat.com/web_gear/chat/register.php''', you are on the correct page. If it shows anything other than the link provided, do NOT enter your e-mail address, username or password on that page. Leave the page immediately, and report the phishing website by submitting a [https://util.xat.com/support/open.php ticket] under the category "Report Phishing Site." You do not need to be a paid user to submit a ticket in this department.


'''Step #02:''' When you're logging into your account, you have the option of either entering the e-mail address that's associated with your account, or your registered username. When it comes to entering your password, ALWAYS make sure it's the password that's associated with your account and not your e-mail address. xat will NEVER ask you for the password that's associated with your e-mail address under any circumstances. In order to ensure your account is fully protected, use a password that isn't the same password as your e-mail address. Also, make sure your password is alphanumeric, which consists of both letters and numbers (but not symbols). Be sure to make it so it's easy for you to figure out, but hard for a criminal to figure out. As long as it contains at least 10 characters (or more), you will be fine. Don't make your password too long or you might forget it. We highly recommend you avoid using patterns or words in your password and always change your password on a monthly basis. It's better to be safe than sorry.
'''Step 2:''' When you are logging into your account, you have the option of either entering the e-mail address that is associated with your account, or your registered username. When it comes to entering your password, ALWAYS make sure it is the password that is associated with your account, and not your e-mail address. xat will NEVER ask you for the password that is associated with your e-mail address under any circumstances. In order to ensure your account is fully protected, use a password that is not the same password as your e-mail address. Also, make sure your password is alphanumeric, which consists of both letters and numbers (but not symbols). Make sure that your password is not easily guessable. As long as it contains at least 10 characters (or more), you will be fine. Do not make your password too long or you might forget it. We highly recommend you avoid using patterns or words in your password, and to always change your password on a monthly basis. It's better to be safe than sorry.


'''Step #03:''' When it comes to fully protecting your account, we highly recommend you enable the following features: Account Protection, Account Locking and Account Authentication. For more information regarding Account Protection, click '''[[Account_Protection|here]]'''. For more information regarding Account Locking, click '''[[Account_Protection#Account_Locking|here]]'''. For more information regarding Account Authentication, click '''[[Authentication|here]]'''.
'''Step 3:''' When it comes to fully protecting your account, we highly recommend that you enable xat's account security features: [[Special:MyLanguage/Account protection|Account Protection]], [[Special:MyLanguage/Account_Protection#Account_Locking|Account Locking]] and [[Special:MyLanguage/Authentication|Account Authentication]]. For more information on any of these account security features, click the respective links.


==Hvad gør jeg, hvis jeg tror, jeg har været udsat for phishing?==
==Hvad gør jeg, hvis jeg tror, jeg har været udsat for phishing?==
<span id="helpphished"></span>
If you suspect that an unauthorized user may have compromised your account, do NOT panic. It will only make the situation much worse than it needs to be. The first thing you need to do is change the password to not only your account, but your e-mail address as well, for extra security measures. Also, if you remember the link of the phishing website you were on, report the phishing website as soon as possible by submitting a [https://util.xat.com/support/open.php ticket] under the category "Report Phishing Site" and provide as much sufficient proof about the occurrence as you can, such as the date and time of when you went on the phishing website and the date and time of when you got phished. The sooner you report the phishing website, the faster the phishing website will be shut down.


If you suspect that an unauthorized user may have compromised your account, do NOT panic. It will only make the situation much worse than it needs to be. The first thing you need to do is change the password to not only your account, but your e-mail address as well, for extra security measures. Also, if you remember the link of the phishing website you were on, report the phishing website as soon as possible by submitting a [http://util.xat.com/support/open.php ticket] under the category "Report Phishing Site" and provide as much sufficient proof about the occurrence as you can, such as the date and time of when you went on the phishing website and the date and time of when you got phished. The sooner you report the phishing website, the faster the phishing website will be shut down. Under NO circumstances should you EVER log into another user's account, even if you've been granted permission to. You will be in direct violation of xat's terms of service. Failure to comply with xat's terms of service will result in your account being torched and/or deleted.
Under NO circumstances should you EVER log into another user's account, even if you've been granted permission to. You will be in direct violation of xat's [https://xat.com/terms Terms of Service]. Failure to comply with xat's terms of service will result in your account being torched and/or deleted.




{{Category|Security}}
{{Category|Security}}

Revision as of 22:29, 10 July 2017

Har du nogensinde været i en situation, hvor du logger ind på din konto, blot for at finde ud af, at nogle af dine xats, dage og/eller powers mangler? Har du mistanke om, at en uautoriseret bruger kan have forsøgt at kompromittere din konto og det lykkedes? Kan du være offer for det, vi kalder "phishing".

Hvad er phishing?

Phishing er et trick bruges af kriminelle til at stjæle personlige oplysninger, så som din e-mail-adresse og adgangskode. Det er ikke en sikkerhedsfejl og du bliver ikke hacket. Så længe du ved, hvad man skal kigge efter, kan du forhindre dig i at blive phished. Du er sikkert blevet advaret før med din netbank om phishing-websteder, men de fleste brugere har ikke tænke eller bekymre sig om at blive udsat for phishing, når de bruger deres xat konto. På xat, er der kriminelle, der ønsker at stjæle din e-mail adresse, adgangskode, xats, dage, powers, og mest af alt, din identitet.

How does phishing work?

En kriminel vil starte med at oprette en side, der ser ud nøjagtig som din xats registrerede brugerkonto side. Derefter vil den kriminelle oprette et link (som vil omdirigere til siden) og komme op med en overbevisende måde at lokke en bruger til at klikke på linket. Et eksempel kunne være at tilbyde xats, dage og/eller powers gratis, så længe du klikker på linket og indtaster din e-mail-adresse og adgangskode i tekstboksen. Det er absolut en rød flag. Under INGEN omstændigheder bør du nogensinde klikke på linket, eller indtaste din e-mail-adresse og adgangskode, uanset om det er gratis. Bare ved at klikke på linket selv, kan den kriminelle allerede have din IP-adresse.

NOTE: If you come across a page that asks you for the password that's associated with your e-mail address (not your account), it's a phishing website. xat will NEVER ask you for that under any circumstances. Also, do NOT use the same password for any other e-mail addresses or accounts you may have, even if it has nothing to do with xat. You're only increasing your chances of other accounts you have getting compromised.

Udover at skabe en dublet side, er der også en anden måde at kriminelle bruger prøver at stjæle personlige oplysninger fra brugerne. Hvad de gør er enten at bede brugere om deres flash shared object file, eller bede brugere om at downloade en tredjeparts program på deres computer kaldet ".sol Editor" og vil så have brugerne til at give dem den "Value", der er placeret over kategorien "Number." Under ingen omstændigheder bør du give dem den value, der er knyttet til din konto. At give dem value er lige som at give dem din adgangskode og du vil ende med at blive phished.

Hvordan kan jeg beskytte mig selv?

For at forhindre dig i blive phished af en kriminel, anbefaler vi at du følger disse forebyggende skridt:

Step 1: When you are logging into your account, ALWAYS make sure that you are on xat's registered user account management page. You can find out if you are on the correct page by looking at the URL bar, which is located at the top-left corner of your web browser. If the link shows https://xat.com/web_gear/chat/register.php, you are on the correct page. If it shows anything other than the link provided, do NOT enter your e-mail address, username or password on that page. Leave the page immediately, and report the phishing website by submitting a ticket under the category "Report Phishing Site." You do not need to be a paid user to submit a ticket in this department.

Step 2: When you are logging into your account, you have the option of either entering the e-mail address that is associated with your account, or your registered username. When it comes to entering your password, ALWAYS make sure it is the password that is associated with your account, and not your e-mail address. xat will NEVER ask you for the password that is associated with your e-mail address under any circumstances. In order to ensure your account is fully protected, use a password that is not the same password as your e-mail address. Also, make sure your password is alphanumeric, which consists of both letters and numbers (but not symbols). Make sure that your password is not easily guessable. As long as it contains at least 10 characters (or more), you will be fine. Do not make your password too long or you might forget it. We highly recommend you avoid using patterns or words in your password, and to always change your password on a monthly basis. It's better to be safe than sorry.

Step 3: When it comes to fully protecting your account, we highly recommend that you enable xat's account security features: Account Protection, Account Locking and Account Authentication. For more information on any of these account security features, click the respective links.

Hvad gør jeg, hvis jeg tror, jeg har været udsat for phishing?

If you suspect that an unauthorized user may have compromised your account, do NOT panic. It will only make the situation much worse than it needs to be. The first thing you need to do is change the password to not only your account, but your e-mail address as well, for extra security measures. Also, if you remember the link of the phishing website you were on, report the phishing website as soon as possible by submitting a ticket under the category "Report Phishing Site" and provide as much sufficient proof about the occurrence as you can, such as the date and time of when you went on the phishing website and the date and time of when you got phished. The sooner you report the phishing website, the faster the phishing website will be shut down.

Under NO circumstances should you EVER log into another user's account, even if you've been granted permission to. You will be in direct violation of xat's Terms of Service. Failure to comply with xat's terms of service will result in your account being torched and/or deleted.