Possible Phishing
4 posters
Blackgate :: Guild Wars 2 :: Round Table
Page 1 of 1
Possible Phishing
by Blank De Ratche Fri May 03, 2013 6:20 pm
I received this email the other day:
Greetings!
Due to an unusual change in your access pattern, the Guild Wars 2 account under this email address has been locked. This can be caused by logging in from a new location, but it may also signal an attempt to compromise your account. If you feel that your account's security is at risk, please follow the steps below.
Step 1: Verify Your Account Ownership
Click on the link below to verify your e-mail address of the Guild Wars 2 account:
[You must be registered and logged in to see this link.]
Step 2: Secure Your Computer
Ensure that your computer is free from any malicious programs, as a password change alone may not deter future attacks. Visit our Account Security website to learn how to protect your computer from unauthorized access.
Step 3: Secure Your Email Account
Choose a new password for your email account and review your email for any filters or rules you did not create. For more information on securing your email account, visit our Account and Computer Security page.
Step 4: Choose a New Password
Change your password to resume using this Guild Wars 2 account, as your former password no longer grants access to any login-protected Guild Wars 2 account service or game. Visit our Password Reset page to begin the password change process.
Once you’ve regained access to your account, you can add additional security with Mobile Authenticator, a free service that allows you to unlock your Guild Wars 2 account on your own with a few simple steps. For more
information, see the Account Protect FAQ
--The ArenaNet Team
Need help or have questions about your Guild Wars account? Visit our support site: [You must be registered and logged in to see this link.]
As a somewhat suspicious person I decided to try to log on first and low and behold I wasn't locked out and nothing in my account had been touched.. Following the link took me to a place that looks just like ANET page, and even linked to their forums etc.
Just wanted to let you all know if you see something like this, there is a good chance it is not true.
Greetings!
Due to an unusual change in your access pattern, the Guild Wars 2 account under this email address has been locked. This can be caused by logging in from a new location, but it may also signal an attempt to compromise your account. If you feel that your account's security is at risk, please follow the steps below.
Step 1: Verify Your Account Ownership
Click on the link below to verify your e-mail address of the Guild Wars 2 account:
[You must be registered and logged in to see this link.]
Step 2: Secure Your Computer
Ensure that your computer is free from any malicious programs, as a password change alone may not deter future attacks. Visit our Account Security website to learn how to protect your computer from unauthorized access.
Step 3: Secure Your Email Account
Choose a new password for your email account and review your email for any filters or rules you did not create. For more information on securing your email account, visit our Account and Computer Security page.
Step 4: Choose a New Password
Change your password to resume using this Guild Wars 2 account, as your former password no longer grants access to any login-protected Guild Wars 2 account service or game. Visit our Password Reset page to begin the password change process.
Once you’ve regained access to your account, you can add additional security with Mobile Authenticator, a free service that allows you to unlock your Guild Wars 2 account on your own with a few simple steps. For more
information, see the Account Protect FAQ
--The ArenaNet Team
Need help or have questions about your Guild Wars account? Visit our support site: [You must be registered and logged in to see this link.]
As a somewhat suspicious person I decided to try to log on first and low and behold I wasn't locked out and nothing in my account had been touched.. Following the link took me to a place that looks just like ANET page, and even linked to their forums etc.
Just wanted to let you all know if you see something like this, there is a good chance it is not true.
Blank De Ratche- Light
-
Guild : AoL
Number of posts : 1444
City : Florida
Hobbies : GW
Registration date : 2007-06-03
Re: Possible Phishing
by d-shadow Sat May 04, 2013 5:23 am
yea i received several of those recarding to gw2/d3/rs.... its always misleading link whenits clicked after it takes u to the page check up the link in url...its chancedc to sometihng it should not be....
all these are hacking attemps dont go inm their sites tho...keyloggers are what u get
all these are hacking attemps dont go inm their sites tho...keyloggers are what u get
d-shadow- Level 41
-
Guild : army of lightness [aol]
Number of posts : 414
City : helsinki
Occupation : cashier/security
Registration date : 2010-06-17
Re: Possible Phishing
by neoteo Sat May 04, 2013 10:17 am
Its horrible how many people fall in scams like this everyday .. most people cant see the diference from a true and a fake website or email
neoteo- Light
-
Guild : AoL
Number of posts : 1595
City : Macau
Hobbies : Electric Devices
Registration date : 2006-11-20
Re: Possible Phishing
by Sylent Sat May 04, 2013 12:19 pm
The URL in this email actually does belong to ArenaNet, so this is probably the best phishing attempt I've seen. Of course, I think most email accounts let you use HTML to hide where the link is actually going. Of course, you always, always, always want to check the hover text before clicking a link, because they can replace the link's text with anything, which is probably what happened here, so clicking the provided link would probably take you to a malicious site.
As a quick anti-phishing lesson for those that don't know, anytime you see a link and you're not sure who it belongs to, check out what comes immediately before the last ".com", ".net", or whatever it is. For example:
account.guildwars2.com/account/login-support.html
Because "guildwars2" comes before .com, and because we know that the website for GW2 actually is guildwars2.com, the link they showed in the email is actually the real GW2 account page for login support.
You do have to be careful looking at the link though, because it can have multiple ".com"s and ".net"s. So:
account.guildwars2.com57496446987.notgw2.com/account/login-support.html is a totally legit url, and belongs to "notgw2".
Just be careful friends, and avoid clicking links in emails whenever possible! When I get emails like this, I usually just find the link they're talking about myself. So if "ArenaNet" sends me an email saying my account is in trouble, I go to guildwars2.com and maneuver around to the account page and take care of business there.
As a quick anti-phishing lesson for those that don't know, anytime you see a link and you're not sure who it belongs to, check out what comes immediately before the last ".com", ".net", or whatever it is. For example:
account.guildwars2.com/account/login-support.html
Because "guildwars2" comes before .com, and because we know that the website for GW2 actually is guildwars2.com, the link they showed in the email is actually the real GW2 account page for login support.
You do have to be careful looking at the link though, because it can have multiple ".com"s and ".net"s. So:
account.guildwars2.com57496446987.notgw2.com/account/login-support.html is a totally legit url, and belongs to "notgw2".
Just be careful friends, and avoid clicking links in emails whenever possible! When I get emails like this, I usually just find the link they're talking about myself. So if "ArenaNet" sends me an email saying my account is in trouble, I go to guildwars2.com and maneuver around to the account page and take care of business there.
Sylent- Level 0
- Guild : Army of Lightness [AoL]
Number of posts : 6
Registration date : 2013-04-28
Re: Possible Phishing
by Sylent Sat May 04, 2013 12:32 pm
Oh, and I didn't see the last part of your message, Blank. Since you did follow the link, you most certainly will want to run a virus scan! Like shadow said, the purpose those sites isn't necessarily that they expect you to log in. Sure, they'd love it if you did that, but a lot of them install viruses and keyloggers on your machine.
If you don't have a good virus scanner (McAfee and Norton are NOT good virus scanners!), get one! A couple good options:
Malwarebytes: malwarebytes.org/
SUPERAntiSpyware: superantispyware.com/
My brother swears by both of those. I can definitely vouch for SUPERAntiSpyware, although the website/program is designed to look malicious, supposedly to make actual viruses not be able to recognize that you have a virus scanner.
Also, you should probably grab a good firewall while you're at it. I use Avast (avast.com/en-us/index) as my firewall, and I'm 99% sure that if I had clicked the link they provided you in the email, it would have set off an alarm about a malicious site and not taken me there in the first place.
If you don't have a good virus scanner (McAfee and Norton are NOT good virus scanners!), get one! A couple good options:
Malwarebytes: malwarebytes.org/
SUPERAntiSpyware: superantispyware.com/
My brother swears by both of those. I can definitely vouch for SUPERAntiSpyware, although the website/program is designed to look malicious, supposedly to make actual viruses not be able to recognize that you have a virus scanner.
Also, you should probably grab a good firewall while you're at it. I use Avast (avast.com/en-us/index) as my firewall, and I'm 99% sure that if I had clicked the link they provided you in the email, it would have set off an alarm about a malicious site and not taken me there in the first place.
Sylent- Level 0
- Guild : Army of Lightness [AoL]
Number of posts : 6
Registration date : 2013-04-28
Blackgate :: Guild Wars 2 :: Round Table
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum|
|
|