At 7/15/09 02:21 PM, Lizzardis wrote:
Interclue
Thing about that is, a good phishing attack (if they're phishing and not just using keyloggers) perfectly copies the site's layout. A proper NG phish would look just like Newgrounds, except that you'd look logged out. You'd use your NG login information, and they'd get it as you clicked "Jack In".
Making links on NG look different, however, sounds like a good idea. But it doesn't even have to be that: liljim or someone could just make a redirect screen when you click an off-site link. Could be something like "http://www.newgrounds.com/redirector.ph p?http://yoururlhere.net/stuff/images.ht m" (not a real link, obviously, just hypothetical), with a warning for 5-10 seconds afterward, like "You are leaving Newgrounds.com for a page at yoururlhere.net. Do not, under any circumstances, enter your Newgrounds account information on this or any other site except NG." They could add some humor to it, whatever, but it would help cut down on phishing. Wouldn't be hard either: I've seen plenty of other websites with such a feature.
On the other hand, the mods are telling people that the hacked mods are not being phished, but instead are getting their e-mail passwords and security questions guessed by the account thieves. If that's the case, it's up to the users and mods in question, not Newgrounds, to take preventative steps to stop the yeeking.