Pink Poogle Toy Forum

(Hope this is in the right place)

I was just wondering about some of the ways these people use to scam others. Cookie grabbers, for instance...how many ways can they be hidden? Can they be in an image, or does it have to be embedded in the site? For instance, many of us look at screenies on Photobucket, but I assume you can't get cookie-grabbed for that, right?

Just wondering after the fiasco on the Avatar Board tonight. Apparently, someone posted a topic saying, "Am I Ugly?", with a link inside. The link went to a CG, and lots of people lost their accounts. I never go to outside links I don't know, but just want to make sure I'm doing everything I can to stay safe.

Well, I never would go to any link that did not have http://www.neopets.com in the url if someone posted it on the neoboards. Especially if they ask if they are ugly or something, then the obvious thing to do is check the url for the .gif, .jpg, or .bmp extension. Also notice their account status. Newbies-3 monthers usually are trying something, although it is not to say, some people on older accounts should be trusted as well.

My understanding of Cookie Grabbers were that they were like programs/scripts embedded in a page/document that could collect your information. I do not believe that one could be placed in an image. But if you are viewing the image on a page (extension .html .htm .phtml etc) then one could potentially be there.

Don't trust older accounts just because they're older. Scammers that scam people will usually use the account they have just taken to scam others

Don't trust ridiciously low priced items in usershops. They can either link to cookie grabbers or fake login pages, or the user can switch the prices to a similar looking price between the time in which you see the price and the time in which you enter the store.

Don't trust images that people link to. If it is on a site but there is no image then you could be linked to a 404 page which can easily have a cookie grabber on it

Dont give out your word no matter who asks. Even if the account theneopetsteam mails you asking for your word. Neopets has every user's word saved in a seperate server, they'll never need to ask for your word in any manner or form

People on AIM/MSN etc are not staff. Ever.

One that tricks a lot of people that see it is a domain masker. It makes the URL on the page appear to be http://www.neopets.com. Usually this is coupled with a fake login page. Never log in on any address except http://www.neopets.com/loginpage.phtml If you are browsing the site while not logged in and you need to log in to view a page, go specifically to the neopets log in page URL and then log in. Smart scammers can make pages appear to be http://www.neopets.com when they're not, but they can't add anything other than that.

Do not give out your Email address for the account that your word is sent to. People can get into those with your secret question on Hotmail accounts etc. If they can't work the answer out themselves they'll say things like :

"Crud! I'm supposed to have done my homework by now. I had to interview somebody about (). So can you tell me ()"

Do what I do, I have an Email address for my personal life. One for my Neopets email and one that I give to people that want my email address from PPT/Neopets etc

You know, that's a good point, I never really thought of 404 pages before

I never thought about 404 pages either! Yikes!

Basically, I go nowhere while I'm logged in on the site. If someone has something on Photobucket, I'll write the url down and visit it later. Photobucket itself IS safe, but I don't trust people to not make some sort of fake url. There's just too much of that kind of thing both outside and within the site (the auction link that would auto-bid on you, things like that).

If someone says they have an auction or a trade, if I'm interested I will go to their lookup and click the trade or auction icon there.

On IE if you have all the updates you're supposed to be pretty safe from cg, but I don't know. I can tell you I clear cookies, etc. after any and all sites I visit.

Just a question. What about aim/msn? Can you be sent a keylogger without your knowledge? or do they have to send you something

Cookie grabbers are scripts embedded on webpages to steal cookies from other sites (such as Neopets) and gain access into the victims accounts. Keyloggers are malwares hiddened in some softwares that are installed without your knowledge together with the desired programs.

If your windows xp is original, download and install Microsoft Antispyware from http://www.microsoft.com/athome/securit ... fault.mspx and also turn on Windows XP SP2 Firewall. Control Panel -> Windows Firewall.

But if you were running a firewall already you wouldnt need to turn on XP would you? better running 1 good then 2

Yea, you wouldnt need windows xp sp2 firewall if you already got a 3rd party one running. For my case, I am behind a router/ firewall, running zone alarm firewall with windows xp sp2 firewall on as well.

Oh by the way, Microsoft Antispyware is really awesome, other than preventing malicious scripts such as a cookie grabber, it also protects against hijackers, some trojans and spywares.

Add: Always keep your windows up to date is the best protection. http://windowsupdate.microsoft.com

From what I know, cookie grabbers don't work on Firefox.

I wouldn't mind having a chocolate chip cookie grabber, myself.

Wow, that's alot of interesting info!

I've heard the same thing, that alot of the programs don't work for Firefox, but I'm not sure. I'm running a Linksys firewall and AVG antivirus. I don't IM with people I don't know....I don't check out links that I don't recognize. Actually, Photobucket is probably the only link I'd look at...I don't recognize most other hosts.

It just seems like the amount of scammers on Neo has increased lately. My sister showed me a shop today that tried to take you to a fake login page, and the thing on the boards. It makes me a bit nervous.

True, the amount of scams and inappropriate posts on the Neoboards has increased. It's sad that these people can't just accept that Neopets is a game and really scamming is a pretty stupid and low thing to be doing (particularly when younger kids are involved). Wouldn't suprise me if one of the reasons is the McDonalds promotions and such that have increased the advertising and traffic to the site and as a result the amount of scammers.

I once got a keylogger from someone on MSN, I was over a year had the greatest neohome the greatest petpets, a great amount of money.
They told me it was a chat room, but it was a keylogger, the next thing i know I was frozen!!!

I should not have clicked.

After reading all these stuff i actually feel unsecure. I feel scared.

I FEAR MY ACCOUNT !!!