Let's face it. There's people out there who have no morals and will do anything for a quick buck. These people will look for ways to hack your account and steal items and money from you. I will show you some steps on how to prevent from being hacked!

Sections:

I. What is keylogging?
II. Where do I get keyloggers from?
III. How do I prevent myself from keyloggers?
IV. Oh noes! I've been infected! What shall I do?
V. Bruteforcers
VI. How to protect yourself from a bruteforcer
VII. Phishing. What is it?
VIII. How do I get phished and how do I prevent it?
IX. Sharing accounts.

I. What is keylogging?

A keylogger is a program that is sent to the victims computer in which logs every single keystroke you type on your computer. This includes everything from notepad files to your passwords on Firefox. It then sends every single key you've pressed to the assailant; with this information he knows all your log-ins and information to sites, game accounts, even bank info.

For example:

Let's say I downloaded some program off the net. It's not a very popular program and it was from some suspicious site. The program was actually a key logger. Anyways, I ran it and it's running a program like it's supposed to and I'm completely unaware of the keylogger.

It then logs every keystroke I type. Let's say I go to Youtube, sign in, search for a video, and comment it. It would log like the following:

11/21/2010
7:53 PM:

http://youtube.com
SeriousSamIsSerious
ThisIsMyPassword

Katy Perry I kissed a girl music video
Haha, this video is so awesome. I LOVE KATIE PERRY Anyone else like Katy Perry? (comment)

End of logs.

II. Where do I get keyloggers from?

Keyloggers can be found anywhere on the net. Users get infected when they download a executable file from the internet and run it. Usually keyloggers are made for specific information such as bank info, game accounts, etc. So, they will hide the virus in files that people would download for that particular thing.

Take for example, Twelve Sky, they might write a program that is a "Silver Jeon Generator" and instead of it being a program that makes you free Silver. It steals your account information along with anything else the person wants. That's why it is stressed that you DON'T download bots, hacks, money generators, etc these are fake and are most likely keyloggers to steal your account information.

III. How do I prevent myself from keyloggers?

The best way to not get keylogged is to prevent it. Do not download suspicious files such as bots and hacks. Do not open up any emails from unknown email addresses or spoof emails (Emails that pretend to be from a company such as Aeria). Those are the best ways to prevent it. This ensures you will not be keylogged.

However, there is a nifty add-on for Mozilla Firefox that you can use to stop Keyloggers from logging your keystrokes on Firefox (this prevents them from seeing what sites you go to, and the logins you use. ONLY on Firefox though), it does this by encrypting every single key stroke you type then decrypting it just for Firefox (Encrypting is like hiding something in secret code that nothing but the program that encrypted it can decode). This program is called KeyScrambler and can be found:

Here.

IV. Oh noes! I've been infected! What shall I do?

The best way to get rid of a keylogger is having efficient Anti-Virus programs and Anti-Malware programs. There are many free Anti-Virus and Anti-Malware programs out there that are extremely good. I personally use a paid Anti-Virus but free work almost or just as good in most cases.

Free Anti-Viruses:

AVG Free (Recommended)

Avast! Anti-Virus

Paid Anti-Viruses:

ESET Nod-32 Anti-Virus (Highly recommended if you have the money to dish out. I personally use it and LOVE it.)

AVG Internet security 9.0

(NOTE do NOT install two or more ant-viruses. They will interfere with each other and mess up your computer. If you already have a Anti-Virus then use that or un-install your current Anti-Virus COMPLETELY and install the new one.)


Anti-Malware programs:

MalwareBytes (User friendly and effective. Recommended)

SpyBot Search And Destroy

Now, some viruses prevent you from going to the Anti-Virus's sites. So, you can go to http://download.com and search for the Anti-Virus.

Also, it's best to run the scans during safe mode if you're infected.

To get into safe mode you must:

1. Restart the computer.
2. In the boot up process pressing F8. It can sometimes be a different key but it's usually F8
3. Run the anti-virus/Malware program and start the scan.
4. Be sure to scan the whole computer.

V. Brute Forcers


Brute forcing is generally a program that tries tens of thousands to hundreds of thousand passwords on your account until it finds the right one. It takes a while but it can be done easily to the victim if they aren't careful.

Brute Forcers typically have a list of passwords that it go's through. That list could be a simple few thousand words or the whole dictionary. In theory if your password is words of meaning then a brute forcer can always find the password in a certain amount of time. It's just like if there were an infinite number of monkeys writing stuff, one of those monkey's will write the work of William Shakespeare. It all has to do if the words make sense, etc.

VI. How to protect yourself to a Brute Forcer

Now, Brute Forcers will usually try to brute force two things. One, your account or your email account (this is because with access to your email they can request to change your password from the site). Brute forcing can happen to anyone because it's not a virus, the assailant just needs to know your accounts name and nothing else.

To help prevent being brute forced you can make your password secure and I'll show you how to do that:

The best passwords are ones that are longer, are a combination of letters and numbers, don't make common words, aren't in relation to you (birthdays, name, etc), capital letters, and so on. Some examples of good and bad passwords are here:

Good passwords:

1. So20Allo1Tss

(since it's long, doesn't make a word, and uses capital letters and numbers it's going to be nearly impossible to brute force because a brute forcer looks for common words)

2. TtT921nsIl999

(Please don't use my examples. Just type gibberish that makes no words, has letters and numbers with capital letters, also make it long).


Bad passwords:

1. apple

2. banana

3. john

All these are bad because they are simple words. A brute forcer targets simple passwords such as basic words, names, etc.

VII. Phishing. What is it?

Phishing is when you either type in your information on a site that looks like Aeria games or when you send your info to suspicious emails and send your information to the assailant. Phishing sites and emails can be extremely convincing. They will sometimes look exactly the same as a legit site or email would look like. It's rather scary.

For example:

Ever wondered why someone on Myspace is spamming people's profile with ways to get free ringtones or something along those lines? Or, maybe your account has done that. That's because at one point that person (or you) somehow managed to go to a site that looks EXACTLY like Myspace and logg in. It then redirected you to your real My Home page on the REAL Myspace and you still don't know that you just entered your information to another site who is going to use that info to spam with your account.

VIII. How do I get phished and how do I prevent it?

There's many ways to get phished. Mainly they disguise themselves as a site that looks the same as the real site (Check that URL before entering your information!), they will also disguise themselves as emails that look like their from the site but aren't (Such as GameMastersAeria@hotmail.com, Aeria@hotmail.com, AdminsAeria@hotmail.com, etc) so, just be careful with what you click on in your inbox. (Some emails may even look legit because they will have a @aeria. so, just be careful)

Ways to spot a spoofed email:

Subject: CONGRATS! You've won 1 million AP!
From: AeriaAdmins@hotmail.com

Body:

We have randomly selected you to win 1 MILLION AP!!!! Congratulations! Unfortunately our AP rewarding system is currently down. So, we will need your account information to manually put the AP on your account. We're sorry for the inconvenience but it's the only way we can get your AP at the moment.

Yours truely,

Aeria Games.


Obviously the first sign of a phishing email is the title. Why would they randomly select you without any notification on the site that they were going to. Why so much AP? etc.

Second, is the email (AeriaAdmins@hotmail.com) Aeria doesn't use Hotmail accounts. They use @aeria (but it's still possible to get a phishing email from a account that's from @aeria. There's way to get an email (they'd be fake) to any site. I could be billgates@microsoft.com if I wanted to.)

Third, is the message and how they ask for your account information. NEVER will any staff of Aeria ask for your log in details. Never.

IX. Sharing accounts.

Sharing accounts is not only against the rules (I think, confirmation on this?) it's also a security risk. It doesn't matter how much you trust that person. There's still a chance for them to backstab you. It's true! Backstabbers are everywhere (Anyone remember "Et tu Brute?") So, just be careful and don't share your account. You could get hacked, scammed, or even banned. It's just not worth it!


That's all I can think of for right now. I'll add more if I think of anything else. But, hopefully you guy's follow these steps to prevent you from getting hacked!

Best of luck,



~L00tsma