There has been a lot of panic, about this, and despite what many of you think, it is actually very easy to avoid. There are many warning signs to a CG'er, and all will be explained in great depth here. Example: %3C%00 Important Link: To see where hex leads you, go to this site: NickCiske.com | HEX- "sweet sixteen", put the hex in the decode section, and press the decode button. Example: javascript:document.write Example: (%22%3Cscript%20 If you follow these steps you will never get cookie grabbed, or hacked through cookie grabbing, and beware of any strangers giving you complex, or wierd links, ask yourself is it worth it not to double check? ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- FAQ Question: What if I clicked on a cookie grabber link? Answer: If you beleive you may have been stupid enough to have actually clicked a CGe'r, change your password. This will render the cookie the CG'er got useless, because it makes the neopets cookies unusable.
Autobuyers don't have CG'ers, once I get the forum cash for my guides, then I will post how to check for Password Stealers in programs.
This was actually very useful, for the sake of general knowledge and keeping users aware. Great topic.
Also, if you suspect that you have been CGed, if you are logged into Neopets, Log out first, then re-login and change your password! For some reason logging out prevents them from using the cookie.
It actually ends your session, changing your password will be just fine also, because that makes the information in the cookie invalid.
Any other comments, just saying "nice guide" looks like spam, and doesn't give me any information to improve my guide with.
Can someone explain how a "cookie" can get you hacked? I don't even know what a cookie is but I often hear it.
What about the fact that cookie grabbers were actually in Neopets webpages and not in external URLs? I know that people have been cgrabbed by only visiting userlookups or shops, without clicking any "script", "hex", or "javascript" link...
Yea I heard that a while back as well. But I think TNT did something to stop that because I haven't heard anything of it in a long time.
Well if you surf in the English board and you have nomore heard of it, I can feel a bit more safe... I thought that people would have been still cgrabbed ._."
Lol CG'ers onsite are available and are in use. Theres other forums that sell them, and CG@d accounts etc IF YOU SUSPECT YOU HAVE BEEN CG'D JUST CHANGE PASSWORD! as the 1st post says Just be careful of anything suspicious if you see a BGC for 1np , be warey if you see someone advertising selling a SuAP for 200mil or things, use common sense If you saw a shop saying, SELLING IPOD FOR $5 would you go in? Probably not, as its 99.999% a scam or trick.
That's so... and this is what I knew ._. Why hasn't TNT still been doing anything to stop them? Such for example blocking particular HTML strings? :| I can't take it anymore to be always suspicious when I surf on Neopets and to have always to change passw after I buy something!