Wanderer D 5,558 followers · 66 stories

Patreon | Ko-fi are available for subscriptions/donations! Helping pay my bills helps me write more!

News Archive

  • 4 weeks
    Jinglemas 2024!

    Jinglemas 2024

    Jinglemas is the annual tradition on Fimfiction to exchange stories around the holidays with users on the site. This single event allows everyone to come together and celebrate the reason for the season. Ponies!

    Enroll in this Secret-Santa-style gift exchange to request a holiday themed story, to be written secretly by another participant during the month of December. And in turn, you will be tasked with writing someone else's request. Then all the stories will be exchanged at Christmas! Simplicity itself! Thanks to the hard work of the Breezies, everyone will be ensured to get their gift!

    You only have until November 29th to Sign up!

    Read More

    23 comments · 1,869 views
  • 16 weeks
    Paul's Thursday Reviews CCCLXIV

    Hello again, FIMFiction!

    My writing has been going extra slow this month. It’s no mystery why. The first reason is that I’ve been reading in great excess lately, owing to a special blog I’m preparing for early October. It’s padded my daily wordcount to the point that by the time I finally finish reading everything, I don’t really want to do anything “literature” anymore for the day. This has been going on for around four months now. It’ll be good to have all that extra stuff finished in September, at which point I can go back to my more regular 20k-30k daily wordcounts instead of the 40k-50k I’ve been doing lately.

    Read More

    41 comments · 2,893 views
  • 18 weeks
    Paul's Thursday Reviews CCCLXIII

    You know what I like to see? Progress. This is why I’m such a schedule-oriented person. Like the great Princess Booky herself, I find great satisfaction in seeing that thing marked as complete on time. It’s why being an achievement hunter in video games is compelling for me: I have goals and I’m often willing to tough it out through the longest, most frustrating tasks in the name of getting all of them. I like progress.

    Read More

    27 comments · 2,826 views
  • 58 weeks
    The Day of the Dead Anthology

    The Day of the Dead (Dia de los Muertos) is a now-famous tradition from ancient times that has been a huge part of Mexican Culture through the centuries. Like so many things in Mexico, it's influenced strongly by certain aspects of the Aztec people.

    It has shaped the way those of us with that heritage look at life and death in many ways, and most importantly on the remembrance of, and honoring the deceased. We traditionally decorate little altars dedicated to the memories of those that passed away… but it's not a somber occasion.

    Read More

    22 comments · 5,316 views
  • 58 weeks
    Jinglemas 2023!

    Jinglemas is the annual tradition on Fimfiction to exchange stories around the holidays with users on the site. This single event allows all Fimfiction users to come together and celebrate the reason for the season. Ponies!

    Enroll in this Secret-Santa-style gift exchange to request a holiday themed story, to be written secretly by another participant during the month of December. And in turn, you will be tasked with writing someone else's request. Then all the stories will be exchanged at Christmas! Simplicity itself! Thanks to the hard work of the Breezies, everyone will be ensured to get their gift!

    You only have until November 24th to Sign up!

    Read More

    30 comments · 6,388 views
  • 82 weeks
    PSA: Using AIs to Write and Publish Stories in Fimfiction

    Hello everyone, this is a PSA (Public Service Announcement, for those of ESL) to put to rest consistent questions about using AI to 'write' stories and publish them here. This is not intended as a poll or a request for feedback. It is exclusively a clarification on an already-existing rule.

    People ask: "Can I, oh great and powerful D, post a story or chapter that I got ChatGPT to write for me?!"

    And the answer, my friend, is... No.

    Absolutely not. Not in a thousand years!

    Because you didn't write it.

    It is not your creation. You are NOT the author. In fact, you are the opposite.

    There seems to be some confusion when interpreting the following rule:

    Don’t Post (Content)

    [...]

    Read More

    705 comments · 24,783 views
  • 110 weeks
    Jinglemas 2022!

    Jinglemas is the annual tradition on Fimfiction to exchange stories around the holidays with users on the site. This single event allows all Fimfiction users to come together and celebrate the reason for the season. Ponies!

    Enroll in this Secret-Santa-style gift exchange to request a holiday themed story, to be written secretly by another participant during the month of December. And in turn, you will be tasked with writing someone else's request. Then all the stories will be exchanged at Christmas! Simplicity itself! Thanks to the hard work of the Breezies, everyone will be ensured to get their gift!

    Read More

    62 comments · 12,738 views
  • 149 weeks
    All Our Best [Royal Canterlot Library]

    As should be obvious from 15 months without a feature, life has taken the Royal Canterlot Library curators in different directions. While there’s still plenty of awesome stories being written in the My Little Pony fandom, we’re no longer actively working to spotlight them, and it’s time to officially draw the project to a close.

    Thank you for all of your support, suggestions, and comments over the years. We’re grateful to have been able to share seven years of exemplary stories with you, and give more insight into the minds behind them. In the spirit of the project, please keep reading and recommending fantastic fics to friends—the community is enriched when we all share what we love.

    Read More

    115 comments · 18,592 views
  • 153 weeks
    Jinglemas 2021 has come to a close!

    Jinglemas had 114 stories written and exchanged this year!
    You can read them all here, in the Jinglemas 2021 folder!

    Jhoira wrote The Hearths Warming Eve Guest for EngageBook
    GaPJaxie wrote Twilight and Spike Hide a Body for Telly Vision
    SnowOriole wrote The Armor Hypothesis for BaeroRemedy
    snappleu wrote Words Said So Often That They Lack Any Meaning for Trick Question
    NeirdaE wrote Starlight and Trixie Direct a Play for Moosetasm
    Ninjadeadbeard wrote Garland Graveyard Shift for NeirdaE
    Roundabout Recluse wrote Apples to Apples for Ninjadeadbeard
    MistyShadowz wrote The Times We Shared for NaiadSagaIotaOar
    Petrichord wrote A Gentle Nudge for Angel Midnight
    Jade Ring wrote Past, Future, and Present for Frazzle2Dazzle
    Jake The Army Guy wrote The Big Talk for Dreadnought
    The Red Parade wrote Heart Strings for Franso
    Greatazuredragon wrote A Hearth’s Warming Question for GaPJaxie

    Read More

    20 comments · 10,248 views
  • 184 weeks
    Reunions: A Swapped Roles Contest!

    Okay guys here's something fun presented by Nitro Indigo.

    Presented by me, I guess, but I digress.

    Last year, I (Nitro Indigo) noticed that there was a surprising lack of roleswap fanfics on this site. To fix that, I decided to run a roleswap contest over the summer themed around secrets. While it didn’t get many entries, it nevertheless attracted the attention of some big authors and was the origin of two of my favourite fics. Overall, I think it was a success, so I’ve decided to run another one!

    Read More

    57 comments · 17,075 views
Apr
23rd
2022

Site Post » Phishing Awareness · 10:23pm Apr 23rd, 2022

Have you ever found yourself in a situation like this?



And then you magically find yourself in a suspiciously familiar site, except that you're not logged in, and it requires you to do so?

Well. Don't log in. This is a scam, and a cheap one at that. 

There've been recent attempts to obtain Fimfiction users’ personal data, like passwords and/or emails through links like the one I'm making fun of above. And a distressing amount of people don't seem to know what phishing attempts are.

If you HAVE entered a site like this and put in your data, make sure to follow these basic steps at least.

These accounts are then used to further post fraudulent links to trick others. Bear in mind, "just because it's a fimfic account" doesn't mean that the data obtained cannot be used for worse things than simply posting more messages to gain access to more accounts. That's not their final objective.

Given that we're a community and communities should help their members when possible instead of simply leaning back and watching them suffer, I have decided to put up a handy little guide for y'all. Now, this is not a comprehensive guide on how to avoid BITB attacks or stuff like that, but a general familiarity with what is common out there can help.

So, D, you ask: "Besides questions about how you ended up being such a handsome SOB, my burning curiosity right now is focused on this word you used. Why is this scam named so similar to a sport that can be summarized as sitting on a bench or boat with a line and a hook waiting for oblivious swimming animals to bite and be lured out of the water so they can be butchered called... oh. Oooooooooh."

Yes. That is why it's called Phishing. The lure being a link, or a text message with a link, or an email that urges you to click on this link to save yourself from having your money vacuumed by pirates, etc. Usually there's "tells" for emails and such sent to companies with bad grammar and such, but in the comments here... that's, let's just say not unusual enough to raise eyebrows.

The idea is that by clicking that link you are providing these people with data that they can use against you. IP, possibly email, and even your password if they trick you into putting in your credentials. 

THIS IS WHY TWO-FACTOR AUTHENTICATION IS YOUR FRIEND AND YOU SHOULD BE USING IT HERE AND EVERYWHERE ELSE IT IS IMPLEMENTED.

Yes that is optional but it's also stupid not to use it. There. I said it. Use that. The codes, phone numbers or text messages automatically required by 2FA could be your lifeline, especially if you're one of those people that use a single password for everything.

Which let me make clear: DON'T. HOLY CELESTIA, DISCORD, AND LUNA! DON'T DO THAT! If you do, make it your mission to fix that sh*t NOW. 

Any one site can be spoofed. Any text message you receive can be clicked on if you're distracted. Any email can look legit unless you're paying attention.

This is for your safety. This is not a joke.

People are taking advantage of your lack of information. You've all heard the stories of old people getting duped by scammers from India to give them their money by convincing them to buy Apple Gift Cards. This doesn't only happen that way, and it's not just old people that are targeted.

Keep track of what's happening out there and remember to protect yourself. There are many ways to keep updated.

We can tighten up security in the site, but ultimately you are the last line of defense against scammers. These sad, bitter, less-than-human morons take advantage of ignorance. Don't let them win.

If you believe you have been a victim of a phishing scam here, please make sure to contact us.

Report Wanderer D · 15,751 views ·
Comments ( 167 )

I've seen these scams so many times, I instinctively avoid all links that beg me to click on them.

Yeah, i remember almost falling for one in discord a couple of years ago. The robotic way the user was answering my questions and how quickly responded should made it clear that I was speaking with a bot. Either way, when i asked the admins of the server I shared with the scammer I was informed of the ploy the scammer was using. Since then I’m more carful.

It’s amazing how you also took the time to create those first three screenshots.

Recently we’ve also been getting some weird blogs in foreign languages with very sus links as well.

Get all of thou a password manager and use a different thirty character randomized password for every site. I like 1Password.

Yeah it’s ridiculous who has ever logged out

I'm guessing whoever's doing the phishing is the one downvoting every comment here

if so, we know it's you m8 - you're not very good at this

...and some butthurt baby downvoted all the comments. I think you found your spammer, D.

5652796
Exactly.

Also, if you use a manager with browser integration it WILL usually tell you "Oh dear, I don't have ANY login+password for www,phishingsite,whatever" which is an excellent secondary fail-safe in case you fail to spot the scam and click on the link.

I mean, one should always check the URL. That screenshot clearly says "fimficton," like it's some kinda friendship weight measurement. And any popup message telling you about server errors (5xx errors) should be considered very sus. Most respectable server admin's will ensure those errors have a dedicated page.

Also, your "totallylegituser" screenshots are great!

It's worth mentioning that you can hover your mouse over a hypertext link and you'll get a preview of the link's address, so you can see where it'll actually take you. Most browsers display that preview in the bottom left corner of your browser, iirc.

5652796
Yup. It takes a lot of time to reset all of your account's passwords to a password manager but it's totally worth it. I like to use Bitwarden for my needs.

5652804

It's worth mentioning that you can hover your mouse over a hypertext link and you'll get a preview of the link's address, so you can see where it'll actually take you. Most browsers display that preview in the bottom left corner of your browser, iirc.

Doesn’t always help. Link shorteners like bit.ly (the use of which is yet another clue that a link should be treated with suspicion!) can obfuscate the actual URL until the link is clicked. That said, there are browser extensions that can unshorten such links for perusal without following them.

Thanks for letting us know. Was getting worried when that banner warning popped up. Will be on guard for sure.

Luckily I'm naturally suspicious/paranoid of links like that by default, but still, gonna be keeping my eyes open.

There’s an easy trick to deal with this. Check the site. Look for any inconsistencies in the layout, not just the URL (although that is usually the smoking gun, at a glance you may not notice). I know for a fact that AO3 mirrors often feature strange details that give them away, like missing interface options and weird bugs. I wouldn’t be shocked if the same goes for stuff like this.

Yes to everything above and below. And one of the most important things is to always be aware of what you might be clicking on.

True story: just the other day I got a text that my Wells Fargo credit card had been frozen due to suspicious activity, please click the link to correct the issue.

Two small issues with the text.
1. It directed me to a tiny url link which I don't think any legitimate vendor would ever use. :twilightoops:
2. I do not have, and never have had, a Wells Fargo credit card. :pinkiehappy:

Things like this are why I never even open any text messages unless I'm fairly confident that it's legit. Don't want to accidentally send a read receipt to the potential fisherman.

oh, come on. they could at least try a less obvious trick.

like i would ever log out

or close my site window

or respond to a comment

I've been the victim of two scams, one of which fits this description. You may feel like you'd never fall for this, like I did, but the attempts never stop and eventually in a moment of weakness where I was overwhelmed by life coming at me all at once, my mind was busy with other problems and I didn't think twice. I have two-factor authentication everywhere that I can get one now. This was a very expensive life lesson.

I've been noticing some of those myself, though I didn't think to consider what exactly it was they were trying to accomplish. As a result, in the process of reporting some of those accounts, I — in immediate hindsight, really stupidly — clicked on two or three links to be 100% sure they were from bots. (I was operating under the erroneous assumption that they were "only" adbots trying to sell me things.)

With a singular exception (a fake login page I immediately exited out of), they all led to "404 error" messages, though I'm not entirely convinced that's what they truly were. I never entered any personal/account information, but would you suggest I change my password — or anything of the sort — just in case?

Either way, thanks for the heads up.

Wanderer D
Moderator

5652815 Yes. Change your password. And make sure that if you use it for any other site, you also change the ones there. Like 5652796 said, a password manager is a good idea.

I got one a few days ago, but luckily my antivirus blocked it when I clicked it (I know, I know, I still beat myself over it) and I didn't enter any information, just got a heart attack for a second and understood what SpongeBob felt when he got hooked.

Followed the steps and learned a good lesson that day.

I had a feeling something was up when I saw that banner.

5652816
I just went and preemptively changed my password anyway.

Me who passed Computer exam: *prepared everything*

Sincerely appreciate the heads-up. :twilightsmile:

At last, a look into Wanderer’s internet tabs…

My question is why do they even want to phish brony information lmao

This should be part of the decade of schooling most developed countries force you to have. I mean, it's actually part of the curriculum now (or it was when I went to school up here in Canada, but I can't speak for the Uneducated States of America), but you might be shocked how old some of the people here are.

Honestly, someone leaves me a comment like that, I'm probably either ignoring or reporting it.

Of course, I also have a tendency not to respond to "Hi! How are you?" PMs, even when they look legit. I'm not exactly the most social...

--Sweetie Belle

5652828
The email, password, etcetera — especially if they're being used across sites — can be the phishers' gateway to more "valuable" information.

I wish Google would let me disable the simple 2FA "prompts" sent to Android in favor of using only the more complicated options. I'm terrified of accidentally accepting a fraudulent one.

I’ve seen enough from my email. Never thought I’d get one from this site too.

I saw that banner and I was like :trixieshiftleft: “What happened?”

5652830
Well, that explains it.

Least I know why, I won't bother ya again.

Thankyou for providing information on this. A lot of times from what I've experienced a tell tale sign of a scam is that someone is insisting that they're not scamming you. The fact that the guy said this was a totally legit website should cue people in that it's a scam.

What I find funny is even the website URL says, 'totallylegit' in it! LOL

But either way I think this is good that you're taking steps to inform people of what's going on. The fact that comments on this post are being downvoted means somebody doesn't like that you're calling them out on their shit. I love immature people, don't you?

I hate scammers and hackers a like. They need to get off their butts, get a job and stop stealing from people. I don't like scammers and hackers because they're the worst kind of thieves.

I was confused on why I wasn’t signed into this site so I just left that sight and focused on my writing. Glad I did that.

Dang that’s scary, feel like it’s best for me to not log in till it’s over. Or at least only log in to write a story I’m writing...

I do have a question, are embedded links safe or should we be careful of them too?

Also, if someone were to press the link on accident would they and their account/data be safe if they quickly close the tab? Or would they need to do more?

Must be getting really bad if this site has to make a post like this.

Dan

SMS 2FA has flaws of it's own, but it's better than nothing.

I actually liked the authenticator keychains that some places like The Old Republic tried to popularize a while back.

Dan

5652832
You cannot have a google account and have any expectation of security. Every word of their "Privacy policy" and account security pages is a lie.

Use FreeOTP+

Google is trash.

in the words of Dante

Dan

5652823
Oh? Which one?

Pretty much anyone can get an A+ Cert.

CCNA is where the fun is... That's what I'd say if Cisco weren't stool pigeons for the NSA pigs.

What a bunch of A-holes! For trying to do that to us, or anybody else. Thanks for that nice warning.

5652844
Got a 50/50 on my last Computer exam. That's all I have to say.

5652838
Are you referring to embed links such as YouTube videos?

Login or register to comment