Email from play nc or phishing attempt? - Page 2 - Guild Wars Forums

CyberMesh0 · Oct 07, 2006, 02:58 PM // 14:58

Quote:

Originally Posted by Tijger

Common sense, people, common sense. Its not that hard.

Unfortunately that's not always true.

But like it's been stated before, always check sites once you're in them if you do click on email links- I had this happen once with another site where a phishing copy was very very well duplicated- all links went to the original site except the login page and account info stuff. I had fun entering all sorts of bogus crap and you're gonna get it crap

seut · Oct 07, 2006, 03:01 PM // 15:01

Quote:

Originally Posted by Gaile Gray

Again, apologies for not forewarning you about this, and Jeff tells me that in the future, they'll let me know in advance so that I can give you all a heads up on an incoming message.

I think, i remember an ArenaNet official writing: "We will NEVER user your login email other than to send you a new password". (or was this email to NCSoft accounts only?)

Please don't sacrifice our accounts security for marketing like newletters.
Spreading our email adresses over several systems or creating multiple entries for software to your database increase the risk of a security hole.

Although listserv is a matured piece of software it already had a CERT alert this year: http://www.kb.cert.org/vuls/id/841132

Coridan · Oct 07, 2006, 04:00 PM // 16:00

should i be concerned if i have not received this email??

Grubcat · Oct 07, 2006, 05:11 PM // 17:11

I came here immediately after opening my email (and without clicking on the link) and was sure there would be a thread about it! Nice to be able to get good information so quickly.

the_jos · Oct 07, 2006, 06:05 PM // 18:05

Quote:

Originally Posted by Tijger

Clicking links in emails is perfectly safe, entering your details and credit card numbers on a page you cannot verify is genuine isnt.
Common sense, people, common sense. Its not that hard.

I have seen some nice exploits for a couple of browsers, that allowed the owner of a website to put some software on your pc and run it.
Those are not wide spread and I doubt they will be targeted against GW users (since they don't have our e-mail addresses and mass-mailing would trigger attention they don't want).

I do follow the news on these kind of topics, because I'm working in the financial world (and information security is part of my job) and we are more of a target than GW players.

But, online games are more and more financial attractive to bad people.
Recently read an article on stolen WoW accounts, just to sell the stuff on e-bay and other places.
That's hard cash for virtual stuff.
And I have seen enough e-bay topics here to know there is also an e-bay circuit around GW.

Also, your e-mail address is worth money.
Clicking a link, confirming it is a valid addres, makes your address worth more to spammers.
And the latter is what you do when you click the link in the mail.

I think I am probably more paranoid than most other users, but it's not as simple to state clicking links in e-mails is perfectly safe.

seut · Oct 07, 2006, 06:13 PM // 18:13

Quote:

Originally Posted by the_jos

Clicking a link, confirming it is a valid addres, makes your address worth more to spammers.
And the latter is what you do when you click the link in the mail.

Even worse, it can get your email on a list of valid accounts for brute force attacks on your NCSoft master account, that shares the same password as your GuildWars account.

VitisVinifera · Oct 07, 2006, 06:39 PM // 18:39

[QUOTE=seut]I think, i remember an ArenaNet official writing: "We will NEVER user your login email other than to send you a new password". (or was this email to NCSoft accounts only?)

QUOTE]

I seem to recall this too. I guess NEVER has ended.

Knightsaber Sith · Oct 07, 2006, 06:52 PM // 18:52

Sigh.... I found a page on the official GW site about the newsletter
http://www.guildwars.com/support/newsletter/
and it looked like it was in latin which I thought was cool as I took five years of latin. Then I poked around and found this:

Quote:

Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard dummy text ever since the 1500s, when an unknown printer took a galley of type and scrambled it to make a type specimen book. It has survived not only five centuries, but also the leap into electronic typesetting, remaining essentially unchanged. It was popularised in the 1960s with the release of Letraset sheets containing Lorem Ipsum passages, and more recently with desktop publishing software like Aldus PageMaker including versions of Lorem Ipsum.

mrgoat · Oct 07, 2006, 07:33 PM // 19:33

Quote:

Originally Posted by Gaile Gray

You make excellent points about greater security, and I will definitely be passing those along. But doesn't everyone mouseover and really look carefully at the URL of the link, or right click and check "Properties" to be sure it is going where they assume it's going?

No. Everyone does not. Everyone should, and everyone should also have javascript support turned off in their email client (which is often a web browser), but they don't. So you can't rely on that. In fact, you can't rely on *anything* about the user-end.

Quote:

Originally Posted by Gaile Gray

Better still, I will suggest that in the future we have people insert the link themselves -- follow instructions, as you say, rather than click a link. The problem is, people may not do so because it takes more effort on their part, or they forget, or they're busy, or whatever. However, the greater security will be worth us offering the option in that way.

Frankly, I'm a lot more comfortable with an active sign-up on our website. I will definitely pass along your security concerns and your suggestions for handling this better in the future. In fact, I'm writing an email right now.

This makes me a happy goat. If making people do a little tiny bit more work will protect them better from phishing, I'm all for it. It's ultimately less work for you too Gaile, since you won't have to explain to some angry group of GW players who had their accounts stolen that they should have moused-over the link in the email better.

Navaros · Oct 07, 2006, 07:46 PM // 19:46

I too was wondering if this was a phishing email as soon as I got it.

In a day and age when phishing emails are received constantly, a wise person would never click on any links from such emails even if they may be legit. Simply not worth the risk. I personally get phishing emails related to eBAY, Paypal, Bank of America and all other sorts of things several times per week; I bet that is typical for many email users.

Glad to see Anet now realizes this.

led-zep · Oct 07, 2006, 09:25 PM // 21:25

Quote:

Originally Posted by Coridan

should i be concerned if i have not received this email??

give me your account details and i'll make sure you get sent one

that is a joke by the way, dont send your details

Malice Black · Oct 07, 2006, 10:25 PM // 22:25

Just got this as well...real or not it still gets deleted.

VitisVinifera · Oct 08, 2006, 12:52 AM // 00:52

Quote:

Originally Posted by The Admins Bane

Just got this as well...real or not it still gets deleted.

I'm with you on this. Even though we (supposedly) know this was sent by Anet, I don't want my account details kept in a seperate database for marketing purposes. That's pretty outrageous.

strcpy · Oct 08, 2006, 01:24 AM // 01:24

Even had I seen the link posted I still would have said "phishing". For one thing it has two URL's in it - that is usually something phishy going on trying to hide what is going on.

As to clicking links in e-mail - there are tons of things it can do. Javascript, Activex, and general security issues. All of them can access private data, install keyloggers, Viruses, and all sorts of things.

Essentially any attack that goes through websites can be gotten that way. Of course, just plain browsing is unlikely to ever hit these attacks, however following links from e-mail is quit likely to get you to one of those places. That is why most places send you instructions and have you do it from their main website.

If you really want to send a link because people are lazy (and I know what you mean - I also develop software and it is surprising both what people will and will not do) do like we do - at the end also include the link. That way people like me, who are pretty security conscious can do it the correct way and other people who do not care can still hit the link.

Winx.ZN · Oct 08, 2006, 06:00 AM // 06:00

Quote:

Originally Posted by Agyar

Assuming people are wise enough to not follow links without checking them isn't really security. The assumption should be that people will not =P.

QFT.

Theres a lot of knowledgeable who play GW, but theres also a lot of people that just starting GW and putting in a user and pass is the extent of their knowledge. These peoples accounts are just as dear to them as to the guy who knows all about internet security.

You said about people being lazy not doing what is required to recieve your newsletter. Well if they are, they probably dont care to recieve it, will probably consider it "spam" and delete it anyway. If we can assume they will be too lazy to do it follow a few simple steps by reading that email, I think we can safely assume they will be too lazy to read anything else too.

Putting a few simple steps to follow is a much safer and smarter idea.

I got this email, laughed, and deleted it. I thought it was phishy. Coincidentally, I added that address to my "spam" list while I was laughing. I guess Ill consider taking it off now that I know it was official.

Its MY account! *hugs it tightly*

Zeddy · Oct 08, 2006, 10:21 AM // 10:21

I thought something fishy was going on as soon as I read the beginning of the e-mail.

"Please take a moment to update your privacy settings for your Guild-wars account"...or something like that.

What the heck?! I ain't going to update any of my privacy settings through clicking on a link in an e-mail! I asked a friend if he also had got an e-mail like this, at which he replied he haven't. So I deleted it and only now when I've read this post I understand that it might have been legitimite.

However, since the e-mail is now deleted, what do I do if I want the newsletter anyway?

Big_Iron · Oct 08, 2006, 12:54 PM // 12:54

While I think it's cool that Anet will be publishing a newsletter, I very rarely click on any links in an e-mail even after checking the porperties. I've seen too many legitimate LOOKING e-mails from Amazon, Bank of America and so on to take any chances. I think that maybe sending an e-mail simply announcing it a long with an official announcment on the MAIN page of the GW site would have been sufficient.

Monkey Blonde · Oct 08, 2006, 05:15 PM // 17:15

I received this e-mail and we sceptical as well. But I also received it on the email used for my second account, which I just recently opened and that email doesn't have an junk coming yet. So I clicked and found they only wanted to know if I was interested in receiving their publications or whatever. The followup was a page in the GW format that made it obvious it was legit.

The Abbott · Oct 08, 2006, 08:10 PM // 20:10

Quote:

Originally Posted by Sooty

ahhh, well that's a relief, thanks for letting us know Gaile

damn right,, I had JUST clicked the link before reading this thread..

Oct 07, 2006, 04:00 PM // 16:00	#23
Coridan Forge Runner Join Date: Jun 2006 Location: US Guild: Old Married Gamers {OMG} Profession: W/	should i be concerned if i have not received this email??

Oct 07, 2006, 05:11 PM // 17:11	#24
Grubcat Academy Page Join Date: Aug 2005 Guild: Team of Oblivious Targets [TOOT]	I came here immediately after opening my email (and without clicking on the link) and was sure there would be a thread about it! Nice to be able to get good information so quickly.

Oct 07, 2006, 06:39 PM // 18:39	#27
VitisVinifera Banned Join Date: Nov 2005 Location: Northern California Guild: HoTR Profession: N/Me	[QUOTE=seut]I think, i remember an ArenaNet official writing: "We will NEVER user your login email other than to send you a new password". (or was this email to NCSoft accounts only?) QUOTE] I seem to recall this too. I guess NEVER has ended.

Oct 07, 2006, 07:46 PM // 19:46	#30
Navaros Forge Runner Join Date: Apr 2005 Profession: Mo/Me	I too was wondering if this was a phishing email as soon as I got it. In a day and age when phishing emails are received constantly, a wise person would never click on any links from such emails even if they may be legit. Simply not worth the risk. I personally get phishing emails related to eBAY, Paypal, Bank of America and all other sorts of things several times per week; I bet that is typical for many email users. Glad to see Anet now realizes this.

Oct 07, 2006, 10:25 PM // 22:25	#32
Malice Black Site Legend Join Date: Oct 2005	Just got this as well...real or not it still gets deleted.

Oct 08, 2006, 01:24 AM // 01:24	#34
strcpy Desert Nomad Join Date: Jul 2005 Guild: One of Many [ONE]	Even had I seen the link posted I still would have said "phishing". For one thing it has two URL's in it - that is usually something phishy going on trying to hide what is going on. As to clicking links in e-mail - there are tons of things it can do. Javascript, Activex, and general security issues. All of them can access private data, install keyloggers, Viruses, and all sorts of things. Essentially any attack that goes through websites can be gotten that way. Of course, just plain browsing is unlikely to ever hit these attacks, however following links from e-mail is quit likely to get you to one of those places. That is why most places send you instructions and have you do it from their main website. If you really want to send a link because people are lazy (and I know what you mean - I also develop software and it is surprising both what people will and will not do) do like we do - at the end also include the link. That way people like me, who are pretty security conscious can do it the correct way and other people who do not care can still hit the link.

Oct 08, 2006, 10:21 AM // 10:21	#36
Zeddy Pre-Searing Cadet Join Date: Mar 2006 Location: Sweden Guild: Ghostly Zeroes	I thought something fishy was going on as soon as I read the beginning of the e-mail. "Please take a moment to update your privacy settings for your Guild-wars account"...or something like that. What the heck?! I ain't going to update any of my privacy settings through clicking on a link in an e-mail! I asked a friend if he also had got an e-mail like this, at which he replied he haven't. So I deleted it and only now when I've read this post I understand that it might have been legitimite. However, since the e-mail is now deleted, what do I do if I want the newsletter anyway?

Oct 08, 2006, 12:54 PM // 12:54	#37
Big_Iron Desert Nomad Join Date: Dec 2005 Location: The Edge Guild: Tormented Weapons [emo]	While I think it's cool that Anet will be publishing a newsletter, I very rarely click on any links in an e-mail even after checking the porperties. I've seen too many legitimate LOOKING e-mails from Amazon, Bank of America and so on to take any chances. I think that maybe sending an e-mail simply announcing it a long with an official announcment on the MAIN page of the GW site would have been sufficient.

Oct 08, 2006, 05:15 PM // 17:15	#38
Monkey Blonde Academy Page Join Date: May 2006 Guild: Siege Turtles (ST) Profession: Mo/	I received this e-mail and we sceptical as well. But I also received it on the email used for my second account, which I just recently opened and that email doesn't have an junk coming yet. So I clicked and found they only wanted to know if I was interested in receiving their publications or whatever. The followup was a page in the GW format that made it obvious it was legit.