Tips for staying safe online

Tips for staying safe online

The Russo-Ukrainian cyberwar has suddenly revealed many vulnerabilities in software and web services — many of which are now being used on random people. Below are some general tips for staying safe while playing Minecraft and using Discord, as well as some general internet safety advice, to lower your footprint to getting hacked or other problems.

This article is geared towards being advice for the staff of the UltraVanilla Minecraft server, but you may copy and adapt for your own use under the terms of the CC-BY license.

Use strong passwords, and don’t give them away #

If someone has borrowed your account in the past, change your password now. If you use the same Minecraft/Discord password as other websites, change your password now.

Consider enabling 2-factor authentication on your accounts.

Lock your computer when not in use, if you live with younger family members they almost certainly wish to screw up your computer!

Consider using a password manager that supports master passphrase encryption.

Know how to report #

You should familiarize yourself with how to report posts, comments, or behaviors that are in violation of the guidelines of any online community you are a part of.

UltraVanilla: We have #grief-and-theft-reporting channel and a @Staff ping, and you can also contact staff members privately. I vouch for all of the staff members. They are all trained the same and are vetted for maturity and alignment with our values of being respectful and competent.

Avoid downloading malware and adware #

Malware can steal accounts, and some malware even causes Minecraft to crash.

Avoid account stealing tools such as MCLeaks or AltDispenser, as they will screw up your ability to login to Minecraft even after uninstalling. If you have used a tool like this in the past, please join the Minecraft Community Support discord for help with removing.

Consider installing the StopModReposts browser extension, which is specifically designed for safety against malware while browsing Minecraft-related websites.

UltraVanilla: Minecraft mod .jars can only be posted to #redstone-and-farms by this list of trusted users: lordpipe, EcksD, Beeper, Spacewardharpy7, TheSecondLord, thewindmillman.

Install an ad blocker #

uBlock Origin can be installed for most web browser and considerably increases your resilience to malware websites. It also cuts down on your data usage.

Avoid phishing #

Below are some examples of phishing attempts. Report them to the platform you find them on.

Phishing to get you into a QR code scam. This message will come from your CONTACTS. Meaning your friend has been hacked.

Dangerous QR code. Do not scan ANY QR codes using the discord app

Discord nitro scam

Discord login scam — Looks identical to normal login screen. Scanning the fake QR code is just as dangerous as entering a password. Check the URL!

Phishing to get you into a QR code scam.

Video game developer scam. With this type of scam, advanced social engineering tactics may be used, possibly even building up trust over a period of several months.

In this scam, a real Discord URL is placed visually close to where the embed for a fake URL is. Embeds always show up at the end of the message, no matter where the URL is, and their styling can be faked to look like anything!

Fake moderator academy page.

Mojang account scam. Your transaction ID is sensitive info, as it can be used to steal a Minecraft account.

Be cautious with personal information and IRL meetups #

Don’t post too much identifying information. If you ever see anything online that you find particularly upsetting, or are unsure about a situation, tell someone you trust.

Be nice to people #

The golden rule is pretty good. Avoiding stepping on people’s toes keeps you safe.

Appendix: UltraVanilla staff policy #

Moderators and above must:

Additionally, Admins must:

© lordpipe

Licensed CC BY — copy this document for your own use.

Copyright © Uri Herrera and others (KDE Breeze icons)

Copyright © Twitter (Twemoji)