http://www.digitalfiz.com/hax/secondlife.php

Now normally a phisher would setup sub domains so you would see something like https://secure.secondlife.com.phishingsite.com/login.php or something similar to fool people who pay a little more attention. If you went to that site and tried to login you should have seen the page that told you when the information was stolen. Again I didnt log any information you may have put in that fake login page but I would hope you didnt use your real information anyways.

The best most secure way to make sure you never fall victim to a phishing site is to go to the site directly. Like if your logging into secondlife go to secondlife.com and login then try the page you clicked on again. If its the correct and safe site it will notice you logged in elsewere and redirect accordingly. You should NEVER EVER put your information into a page that comes up from a link given to you by anyone or anything. It is easy to spoof urls in emails and messengers and make you think its the right site when its not. Also you can check the sites security certificate to validate that its actually secondlife or whatever place your trying to login to. Like if you go to https://secure-web20.secondlife.com/my/account/login.php you should see a lock either in the bottom right corner or up but the url bar you can click on to see the security certificate and who it belongs to. Also make sure that the url in the url bar starts with https:// if it doesn’t then its more then likely a fake site. I don’ know many sites anymore that dont make you login via a secure connection.

One thing I would like to point out about friendships and security. You have to remember that just because a link in an email or messenger or any other type of message from a friend ISN’T safe. You always have to think “what if they have been hacked already” because thats how these things spread. People think oh its from johnny he is my best friend its safe and BAM they are a victim too and it spreads like wild fire. Thats why I said never login to pages you clicked from anyone or anything. Always ALWAYS go to the site directly and login first. I would also suggest reading my older post about lazy passwords to learn more about sand boxing incidents and protecting yourself from to much damage. I wrote something on checking the URL awhile back too I would recommend reading its a long the same lines as this.

Group 1 – would be for financial sites. This is your most important information and should be separate from anything else you do. In all reality you should have a different password for each financial site you are on. But if your a lazy user separating financial sites should be good enough.

Group 2 – this group would be for social networks. Since social networks get hacked a lot and people often fall victim to phishing pages/emails it is a good idea to keep the password for those separate. These are probably the most dangeous places because they are so insecure. Now again it is still good practice to keep a different password for every place you go to keep things the most secure.

Group 3 – Pretty much everyplace else. After the previous 2 groups all other sites are up to your discretion those are just the 2 main ones.

Now remember that I am in no way saying that this is the way people should do things but if your not going to do it right at least do it in a “safer” manner to prevent yourself from getting totally fucked. Really it is best to have a different password for each place you go and the password should be 8-10 characters long (the longer the better) and have at least 1 uppercase letter and at least 1 number. Now remember there is no such thing as a full proof password. Any password with time can be cracked but the harder you make it the more chances that hacker will give up out of bordom. Unless you really pissed someone off then you really don’t have to worry unless the database is cracked which goes back to why its a good idea to use a different password for each place you go to.

/end/