[SIZE="5"]Infection/Hacking Prevention Guide[/SIZE]
There's a lot of fear and confusion when it comes to security online as far as MMOs are concerned.
This guide will attempt to teach you how to keep your computer and Mabinogi/Vindictus account secure.
There's a lot of fear and confusion when it comes to security online as far as MMOs are concerned.
This guide will attempt to teach you how to keep your computer and Mabinogi/Vindictus account secure.
[SIZE="4"]Basic Account Security[/SIZE]
It's important to have your Nexon account secured, and there's a few simple steps you can take to do that.
- Go to the account settings page on Nexon's site.
- Make sure that the e-mail address set there is one you have access to. If not, change it. it's very important that you have access to that e-mail address so you can recover your account if needed, and be made aware of changes to it.
- Click the "Add Security Questions" button.
[list=a] - If the page tells you that you first need to verify your e-mail account, click the button to send the e-mail, then check your e-mail and click the link Nexon sent to go back to the page so you can add security questions.
- Set up your two security questions and answers. Do NOT enter random crap here, because you may need to answer these questions in the future. Be sure to pick questions and answers that only you know, not ones that other people can easily find out or guess.
Now that you have your account's security set up properly, there's a few things to keep in mind.
- If somebody can access that e-mail account, they can try to get into your game account. Make sure that the e-mail account is secured as well.
- Consider making separate Nexon accounts for each game of theirs you play so that a security flaw in one game doesn't affect your standing in another, or consider locking down games you no longer play (for example, deleting characters) if that's possible.
[SIZE="4"]Computer Security[/SIZE]
Having the proper account security won't make much of a difference if you're being keylogged, 'ya know?
So here's some information and steps you can take to try to prevent infections/hacking.
A main source of protection, of course, are antivirus and anti-malware programs, so it's very important that you have a functional set of programs installed.
There's multiple classifications of infection in the computer world, just like there's multiple classifications of infections in the real world (for example viruses versus bacteria versus fungal infections). These infections work in different ways, and are often removed in different ways as well.
There's two main common categories for computer infections because of this. The first is "viruses", this generally includes viruses, worms, trojans, and malicious modifications to core system files. The second is "malware", which generally includes spware, adware, rogue software, and malicious system settings changes.
Often a scanner for one category won't aim for the other category due to the major differences, so it's recommended to have two programs. One antivirus and one antimalware, unless you have an antivirus that specifically includes antimalware instead (such as one of the paid anti-virus programs.)
It's important to only keep one anti-virus program installed at a time. Antivirus programs aren't normal programs, they hook into core parts of the system (such as filesystem I/O) and expect to be the only things doing so. Having multi antivirus programs can actually cause them to perform worse, or actually damage your system under rare circumstances.
- Anti-virus
- Free
Avast! - Has a boot-time scanner which can be really helpful to remove infections.
Microsoft Security essentials - Good at staying out of your way unless there's an issue. Updates definitions along with Windows Update, is light on requirements.
Comodo - Includes a software firewall and other such additional protections, but may be too restrictive for power users.
Avira - Standard antivirus, but the free version displays an ad when it updates.
AVG - Light on requirements, but can be seen as a little behind the times.
- Paid
Kaspersky - Big focus on Heuristics, so it can often catch infections before other AV programs can.
NOD32 - Low amount of false positives.
Bitdefender - Big focus on phishing protection, includes various other things such as parental controls (but the controls are easily bypassed).
F-Secure - Very fast and lightweight, but weak anti-malware protection.
Trend Micro - Website blocker, modern firewall, and a spam filter. Not the best malware protection.
- Free
- Anti-Malware
- Free
MalwareBytes - Excellent, takes steps that other programs don't in order to remove stubborn infections.
SUPERAntiSpyware - Light on resources when scanning.
Spybot S&D - An old standby, but can be considered deprecated. The TeaTimer component should not be installed or used.
- Free
There's a lot of misinformation about where infections/keyloggers come from and how you might catch them. What follows is a list of common causes of infection. Don't skip over it, you might be surprised.
- Advertisements
Yes, random advertisements on websites can attempt to infect your computer. You can even get infected by good sites like The New York Times. Almost any site that displays advertisements could possibly give an infection, this is partially why it's so important to keep some protection that's always on. You do NOT need to click on the advertisement for it to attempt to infect you! Simply viewing any page with a bad ad on it can be enough, which is why it's so important to stay secure.
- Rogue Software
Sometimes you might see a random popup or a page claiming it's scanning your computer, and showing you hundreds of problems it's finding that claims it can fix. THESE ARE FALSE. It is not scanning your computer, it is not detecting issues, all it's trying to do is scare you into buying it.
- Crack/Serial/Warez Sites
These are absolutely packed with infections and should be avoided. Their advertisements are rarely monitored and often contain infections, and the cracks and warez on the site itself often hide keyloggers and other such infections.
- Game Hacks Or Mods
There's many places out there that pretend to have various hacks and cheats for online games. These are often simply keyloggers or will directly ask you for your account information, in order to prey upon users trying to cheat.
- P2P/Filesharing Programs
When you use programs like Frostwire, you are downloading files directly from other people's computers, and other people are downloading files from your computer. That's why it's called "file sharing"! If anybody has an infection on their computer, you could catch it since your computer connects to theirs in order to get the file. Every single one of these programs has a very high risk of infection, you should try to avoid these. The Done To Death sticky has lists of where to get free music safely and legally.
These are just a few of the places to pick up infections. The people who make them are always looking into new ways to infect a large amount of machines, so if you're not sure on something look it up before you use it!
Here's steps you can take to prevent things from infecting you even if they try.
- Turn windows update on and leave it on! It's very important that your version of windows is kept up to date!
- If you are in windows Vista/7, make sure UAC is on.
- Make sure to allow your antivirus to update automatically.
- Make sure your web browser is always updating, It doesn't matter if you like the look if Firefox 0.9 better, if it's way out of date you shouldn't be using it as the security holes in it will not be fixed. There's often methods and options to make new programs look or function like old ones, so just update and get used to it. Running an older browser is just asking for infections.
- Make sure the plugins in your browser are up to date. Security holes in flash/java and other such plugins can allow malware in easily.
- Make sure that your antivirus is set to automatically scan every file that's created/modified. Any good antivirus software will have what's known as an "active guard" or "resident shield". What that does is scan every file before it enters your computer, like a robot security guard at the door of a nightclub. If it detects an infection, it can stop it from doing anything, and alert you.
- If you're suspicious of a program, try running it in a sandbox. If your antivirus doesn't offer a sandbox, try a program like Sandboxie.
[SIZE="4"]Social Security[/SIZE]
Many people get info via Social Engineering, not any hacking.
Social engineering is the act of manipulating people into performing actions or divulging confidential information, rather than by breaking in or using technical hacking techniques; essentially a fancier, more technical way of lying.
This can be done various ways.
- Pure Text
Think about it with this example... let's say your username on a Mabinogi forum is the same thing as your Nexon account name. Somebody contacts you and starts talking, and suddenly wants to e-mail you something. Well, you give them your address and you two e-mail back and forth a few times, and they start asking you various questions and talking about things... say, who your favorite actor is, what primary school you went to, you know, normal stuff like that.
Well, that's your account name, e-mail, and security question answers right there! Be careful about what sort of information you give out online, and try to make your account names on various places different.
- E-mail
It's entirely possible to fake the e-mail address a message appears to have come from. If you get an e-mail that's supposedly from Nexon, but is directing you to weird sites or asking you for your account information, ignore it.
- Websites
People make sites that appear to be Nexon's official site, but are just copies that send them your login information if you try to log into them. These are known as "phishing" sites, and the major way to tell the difference is by looking at the URL bar to see if it's actually Nexon's site or not. Check the URL/location bar of your browser before typing your login information, if it's not Nexon's site then do not type anything in and close the window.
[SIZE="4"]Personal/Hacking Threats[/SIZE]
Actual computer hackers don't issue hacking threats on people for games, because despite what kids like to believe, you are not anonymous on the internet. You can be tracked easily (by law enforcement, not normal people), even if you use a proxy. The Computer Fraud and Abuse Act of 1984 states you can go to jail for up to ten years for hacking another person's computer. You don't have internet access in jail in order to brag about it, and you're often not allowed to use the internet once you get out, so you're not going to hear anybody except script kiddies bragging about "hacking" because a videogame isn't worth it.
You ever see how cats puff their fur up, arch their backs, and make loud noises to scare other animals?
Ever notice how fast a cat runs when you spray water at it?
You ever seen those little poodles that are always barking at everything?
Ever notice how they're just tiny poodles and you could send them flying with one kick?
People prey on fear, and they will try to threaten you into giving them items or doing things for them. Don't let people boss you around with threats. If somebody is threatening to hack you, ignore/report them. Do NOT give into their demands, and do not continue to talk to them.
Changelog...
1/4/2012 - Removed the spoilers.
1/4/2012 - Added mention of sandboxing suspicious programs in the prevention section.
1/3/2012 - Added mention of game hacks/mods as a common source, also fleshed out the social security section a bit with info on phishing and e-mail stuff.
1/3/2012 - Created. - If somebody can access that e-mail account, they can try to get into your game account. Make sure that the e-mail account is secured as well.