The sheep on the Neopets site are bleating very loudly at the moment about cookie grabbers again. I have always asserted that one has nothing to fear from the turd burglars who write these things if one uses a bit of common sense:
1) Don’t use IE for browsing. It is an electronic trainwreck.
2) Use NoScript in Firefox and CONFIGURE IT PROPERLY. Whitelist neopets.com and don’t let any even marginally questionable sites run script.
3) Don’t bother with stupid IM programs, silly add-ins for social networking sites, or P2P software.
4) If you are going so surf for porn, expect keylogging/spyware installs.
5) Don’t share passwords between sites…especially for your email accounts (which are often the weak link and gateway for people to get into your account).
6) Install and keep your antivirus software up to date.
7) Don’t choose easily guessed PINs or passwords.
I’m putting my Neopoints where my mouth is, too. I have had a board up on BDChat for over two days now challenging anyone to send me a link from which I can get cookie grabbed. I’ve tried over a dozen so far…nothing. Zip, zilch, nada.
It makes one wonder which of the 7 things above people are doing wrong to have their accounts lifted. 
I’ll extend the challenge to here while I am at it. Drop me a link. What is the worst that could happen? You might walk away with my account!
Or…if you have some CG code that you have seen, feel free to post it. I am quite curious about how this latest variant works. I don’t buy for a minute that I am in any danger, but I would like to see what the unwashed masses using IE are up against.
