How to Prevent Hacking

Taken from an Original ACVault
Hacking Post by Quell

How to Prevent "Hacking"

First off most hacking is not hacking at all, normally what happens is that someone gives their log on to some one they trusted, or a friend. If you sift through all the "I was hacked" posts at the vault you will see that more times then not, this is the case. Another large percentage of the "I was hacked" posts turn out to be someone who bought the account over EBay and the account was recalled. If you do give your account information to someone, make sure that you trust them %120 .and are prepared if need be to lose that account. If you do buy an account from someone, make sure that the person has a "good" rating, or that the person no longer has the CD key.

With that said, there are the few incidents of "true" hacking , and we will go over ways to help prevent them.

1.) High value items:
If you somehow find a MAJOR war, MAJOR life, MAJOR will AL 240 wk 3 lore only helm, and plan on auctioning it off. I would strongly suggest that you register a separate account at the vault. This item is not only worth an enormous amount of sings, but is also worth hundreds of real life money. even with the dwindling population of AC, there are still people that have the money , and are willing to pay big bucks for their hobby.

2.) Getting your Email:
It would also be a good Idea to use a separate "dummy" email for registering for AC. I have one set up myself. Also do not use this email for anything other then zone/msn type activities. The simple reason for this, is if you make a friend or need to complete a trade, and the person needs to get in contact with you, and your zone Email is the same as your regular Email. That person is then half way to getting into your account.

Also with regards to Email, use a separate Email address for registering for boards then what you have used for the zone. This is for the same reason. In your profile at the vault for example your Email is listed under your profile. Even if you choose not to list it there, it is a lot easier to "hack" the
ACVault to get an Email then it is to hack the MS Gaming Zone.

3.) Tricks of the trade:
There are several tricks that people may use to get your info. One of the questions to change your password is commonly," what is the name of your pet?" Now this one is pretty slick, for the mere fact that this infact does come up in a normal conversation. A simple solution would be just to say, "I don't have a pet", or use the name of a niece or cousin instead. This can go hand in hand with making "look at my new puppy his name is spot" type posts.

4.) Plug-ins:
This is very rarely the case, however there is the odd plug-in that may contain code to hack accounts. The best way to prevent this is to only use trusted sites for the plug-ins. If you are in doubt in anyway, have a decal dev sift through the source code. One of my favourite things about AC is the decal side of it, if you have any questions feel free to contact me anytime.

5.) Cookies/malware/data ware:
One of recent advents of the internet is tiny programs that install themselves without your permission. Typical virus scanners do not yet have the capability to remove these programs and that's because Anti-Virus software don't consider
AdAware6 to be viral. The tool that I use to remove these programs is AdAware6, it is a free download and simple to install and run. You can use any Spyware remover you would like as well, another coukle highly recommended tools are Spybot. and CClean, Make sure if you do get these, that you update , and run them on a regular basis. Another way to prevent people getting information on you is to delete your cookies on a regular basis. you can do this by going to the top of your internet explorer screen.

Tools-> Internet options-> Delete cookies, Double click "Delete offline content"-> Delete files.

To delete information you may have filled out while applying to a website you can go to

Tools-> Internet options-> Content-> Auto complete-> Clear forms-clear passwords.

Make sure that if you have any passwords you need to remember you write them down. There are some programs that will do this for you as well. One of the ones that I like is called
History Kill.

6.) Virus scanning:
The title itself you should be enough. Get a good virus scanner. I would not suggest using a free/shareware one, as the money spent on this type of program is worth every red cent. I use Norton 2003 Pro myself and love it. UPDATE YOUR VIRUS DEFINITIONS OFTEN. you should be at least checking for updates 2 times a week. Hackers work full time it doesn't take more then 5 min to click "Update now".

If you are after a Firewall as well then don't assume your Anti-Virus software has one. In general, antivirus software doesn't come with a firewall. In the case of Symantec's products, you need to purchase the antivirus/firewall package to get both. McAfee also has bundles. But if you just buy Norton Anti-Virus or McAfee...uh...whatever they call it, you only get the AV software.

7.) Updates:
Update your web browser and OS (operating system) system files often. Windows is not "hole" free, however they at least try to fix these holes from time to time. You can download windows updates here at the
WindowsUpdate site.

8.) Firewalls:
Firewalls are another good idea, what they essentially do, is block unwanted internet traffic from accessing your computer. Most virus scanners have firewalls built in. A lot of the modern routers have hardware firewalls built in as well. You can also get free/trial/shareware firewalls from the net. some of the better fire walls are
Zonealarm ,and Black Ice.

9.) Peer to Peer downloading:
Since Kazaa is the most widely used, I will touch on that. Kazaa, is a peer to peer file sharing program. Essentially what it is a Napster for all types of files/programs. Kazaa, is a huge gateway to access information on your computer. and Kazaa also installs data tracking programs like was mentioned above onto your computer. Now you might be saying, "ok well Ill remove them with
AdAware6". As far as I know, you cant. The only way to remove Kazaa, completely off your computer is to re-format. If you do choose to run Kazaa, I highly recommend Kazaalite, as that seems to be a more stable/safe program.

10.) Passwords:
When ever you create a password you should try to make it as complex as possible, using # and letter combinations is a good idea. For example It would be very stupid for me to have my password be Quell. A better password would be something like 0U311 and even better would be something like t65hsak6k3d.

SIDE NOTE
#s 5, 6, 7, 8 ,9 and 10, are VERY good ideas for internet security in general. You should be doing these things ,and more. i.e. scanning Emails, to prevent your computer from being a gateway of private information about you. Most operating systems and programs can be configured to update themselves and to operate without you being at the computer. I strongly suggest that you configure these settings. You might be amazed at what people can do with your social security number alone.

11.) Be nice to people:
Ok, ok, I know there are some real a@@munchs out there, but there is an easy solution, ignore them. If that hasn't worked /squelch. The less people you piss off, the less motivation people have to try to mess with you. Again this carries over to the boards as well.


How to Stop Thieves

1.) Tinkering:

This may be the only "true" way of stealing. People ask around marketplace if there is a tinker in the house, and someone responds with "hey quell, I have 550 armor tink with brill". Well there are still ways to prevent this. "thieves" are normally short lived as their reputation is destroyed after the first few scams. In turn they have to reroll quite often. If someone who is level 32 says I have 550 armor tink with brill, you better use someone else. So before you have someone you don't know do some tinks, take these steps.
1. check their level, and make sure that what they claim is inline with what level they are.
2. /tell some of your friends or allegiance members that may be online ,and ask if they used, know of this char.
3. Do a RepCheck at the ACVault.
4. Check tier character name on Treestats or ACStats. Most respected tinkers have registered on one of these sites.
5. Check whom their monarch is, if you have played AC for more then a few months, you should know the names of most of the monarchs on the server.
6. Assess them , take screen shots. That way if they do keep an item, you have proof.
7. Inscribe the items that you are going to have tinkered. This makes it ALOT harder to trade the items, as people in general do not want to deal with items that were ill gotten.
8. Currently on the Leafcull server Bloodguard II (Armor 646, MIT 683, Weapon 646, Item 601) is a very trusted tinker bot. I would suggest using him/her when you can, or of a trusted clan member cannot do it for you.

Remember that you are taking a risk when you have someone tinker for you.

2.) Bot scam:
There are several ways to scam people with the different kinds of bots out there.

Don't use gamble bots, if I have to explain why, you deserve you items to be stolen.

Be careful with buffbots, Most of the new buffbots are able to Impen and bane your armor while you wear it. With Insane bot, you have to hand your items to the bot in order for them to bane. Some . I have experimented with this, and have found it is VERY easy to set up a bot that will keep all the items handed to them, and have also been able to set up the XML (the code) to bane some stuff and keep others. Make sure that you use trusted bots, or use the version that allows you to keep the armor.

Different bots are created nearly everyday, so if you have a doubt about the legitimacy of the bot, simply move on.

3.) Real-estate:
This one is a bit tougher, as you have to have some degree of trust in the person you are trading with.

If you are doing a real-estate trade that involves yourself or someone else to drop a home, make sure you have someone very close by, and with ALL the purchase items necessary. With the new plug-ins that are out, people can show up on your doorstep in less then 2 min, depending on where they are at. You don't want to drop villa to buy another just to find out that you are missing a write, have to recall back to your cottage to get another.

Planing, Planing ,and more Planing, with villas being as high value and as in demand as they are make sure you have planed this as well as possible to make the transition go smoothly.

Do not post on the boards the time and date of your transfer (IE: Ok, I'll be in at 8pm to pick up the villa). That just makes it easier for someone to be lurking during the trade. Or, they can just walk up and stand next to the crystal/force field, and now you have to gamble on being faster than they are.

Use a "real-estate agent" There are a few people that are for lack of a better title that are "real-estate agents". They normally have set prices on homes, have a very trusted reputation, and know how to make this go smoothly.
LizzyB of Leafcull is probably the most well known of these rare people. If you are looking for a new home, you can PM LizzyB at the vault.

4.) Vault name switch:
Fairly recently a scam has come to my attention. The way this scam works is, a potential "thief" watches what auctions are going on at the vault. If the scammer sees an item they would like, or say a good item go for less then what it is worth they will log onto, or create a new char. This char will normally have a name similar to the vault name of the person who won the auction. They then contact the person who was running the auction impersonating the auction winner. They make the trade and get the item. Keep in mind that this can work both ways, as someone who has a similar item can pose as the auctioneer, and complete a trade for a different item.

The easiest way to prevent this is to PM the the person , and ask them what char name they are going to make the trade with, and sure that the person you do complete the trade has that same name, with the same spelling , and capitalization.

Conclusion

There are several things that you can do to prevent hacking ,and getting items stolen from you. People who are going to do these things are going to look for easy targets, the harder you make it for them, the less likely you are to be taken advantage of.

My personal view is that maybe %1 of the all the hacks that have happened were true hacks, and that maybe %1 of items that were stolen were truly stolen. In fact I have a lot of respect for people that role-play thieves, not that I condone it, but some of the most successful thieves are people that openly admit it, and yet still manage to scam people.

If I have missed anything ,need correction or would like to add a link, on anything please feel free to get in contact with me. Via


PM'ing at Acasylum Forums
PM'ing at
ACVault.Com
AIM Liquiddrumbeat
Or contacting me in game as
Quell

Add on by Crilen007
PROBLEM: Messenger: The grey popups that say from blah to blah
FIX: Start, run, type "services.msc" without quotes, find messenger, double click it. Click stop, and change automatic to disabled.

PROBLEM: Web-popups: (the ones that aren't flash, or embedded into a website)
FIX:
 Google Toolbar
(say no to allowing them so see where you browse)

Keeping your computer in tip top shape.

PLEASE READ ALL OF THIS BEFORE DOING IT
1. A computer gets dusty inside. Clean it out. I would recommend using compressed air in the cans (because it has no moisture in it) and taking the tower outside, and blowing it out. DO NOT VACUUM unless you know what you are doing. The static electricity can ruin the electronic components in the system. (Air cans run for around 10 bucks Canadian, or 5-7 US, 10 bucks Australian).

2. While cleaning, removing the cards and blowing the slots they are in is also a good thing to do. Be sure to use static bags or something that does not generate static electricity when setting down the components. You can do this one at a time, or you can do them all at a time. REMEMBER WHERE EACH CARD GOES. If you donít, sometimes Windows will want to re-install the drivers, and itís a pain.

3. After you are done cleaning out the system, plug it in without the side panel on, and verify that each fan works (Processor, Power supply, Video (may or may not have one), any fans on the inside of the tower itself)


4. Be sure to run the Spyware removal tools frequently (once a week), AdAware6,   Spybot and CClean as Spyware will cause your system to run slow. They can be found here:

5. Go through your add/remove programs at least every month (once a week if you install a lot of things) and remove anything you donít use anymore. If you are unsure about what a certain thing is, leave it in there until you can find out further information about it.

6. A computer will run a lot faster after a format. If you have the resources (hard drive space on a spare drive, or a friends computer you can network to), and you also have knowledge on computers, it is a good idea to format the main drive (the one containing your windows install) and reinstalling windows. THIS IS NOT RECOMMENDED FOR NOVICE USERS. Before reinstalling, write down the serial numbers of all your cards inside your computers, along with brand names, do the same for your mainboard. Back up your documents, mp3s, anything that is NOT A PROGRAM onto a spare drive or CD/DVD. BE SURE TO KEEP A COPY OF THE NETWORK CARD/MODEM DRIVERS BEFORE YOU FORMAT, if you do not, you may not be able to access the internet again. Do the format and reinstall then update everything for drivers from each website (so you have the most up to date).

I would do motherboard first (ALWAYS), then Video second, because then you can go into higher resolutions. If you are having troubles finding a driver, go to the DriverGuide web site and use the L/P: drivers/all. Once all the drivers are up to date, update your windows using Windows update. Be sure to update
DirectX also. After everything has been updated (Direct x, drivers, windows), begin to re-install your software, then copy your files back over from the backup you created.

This page was last modified