NCsoft Master Account Security Issues

Two of my friends who play Aion have had this happen in the last two weeks. I wouldn't touch Aion with a 10' pole right now.

I get those all the time threatening to close my WoW account. I've gotten about 40 of them in the last month.

Care to guess what game I've never played in my life?

Originally Posted by Dechs Kaison See, it's gems like these that make me check Claws' post history every once in a while to make sure I haven't missed anything good lately.

I recently received an email that purported to be from NCSoft telling me (in bad English, and encoded in base64 in the body of the email, which nothing I've ever gotten from NCSoft has been) that my Aion account was to be suspended for chat violations, and that if I wanted to prevent the suspension, I needed to go to (URL redacted -- the hostname was "secure.ncsofti.com").

With mail like this, even with the obvious fraudulencies in the mail, I make a habit of opening the raw view of the mail, which the automated mail headers (the ones added by the mail system, not the person spoofing fields like 'From:') showed that it came from a Yahoo user, and showed that the phisher who was sending them out was insufficiently competent to keep the Yahoo mail system from identifying his IP address in the mail headers. NCSoft support has the email now, and has added it to the various phishing attempts they're investigating.

Several of my friends who played have in the past few months due to this have cancled and closed there entire account because of possible Id theft. They told me because they wanted me to know they weren't coming back and to make sure to remove them from the sg/vg incase there characters become active again to prevent base item theft.

I was sad because it means they will not be coming back at all.

AV

by Star Ranger 4 WIN LOSE OR DRAW, WE WILL FIGHT. WE ARE HEROES This is what we DO!

A friend of mine lost his account to one of these in exactly the same way. A warning that someone had changed his account password came, directing him to confirm or deny the change. He did, then found his account's password changed, then when he recovered it, found his characters stripped of items.

The moral of the story is that you should NEVER follow links provided in support e-mails, just in case it's a phishing scam. It's always better to go to the actual support site manually and log in from there. I used to get mail notifications when I got PMs on the old forums, and I still didn't follow the link from there. I'm naturally cautious and distrusting of official communication I didn't specifically solicit.

A couple of weeks ago I got a fake hotmail account phishing scam. Who the HELL would want to steam my hotmail details? Who WANTS somebody else's hotmail account?

Originally Posted by Arcanaville Samuel_Tow is the only poster that makes me want to punch him in the head more often when I'm agreeing with him than when I'm disagreeing with him.

The point I was making is that I don't HAVE a WoW account. I've never played the game in my life. They're trying to steal my account, and have met with abject failure because it is impossible to steal what doesn't exist.

And in answer to the question at the end: People will try to gain access to other people's email accounts so they can use them to spam or phish while keeping their identities hidden. Most of the people who do this have the hacking skill to hide their IP address.

Originally Posted by Dechs Kaison See, it's gems like these that make me check Claws' post history every once in a while to make sure I haven't missed anything good lately.

I don't think they have any way of knowing if you do or don't have a WoW account. As far as I'm aware, WoW is famous enough to where a blind phishing scam has a decent chance of hitting on someone who both HAS a WoW account and IS rather very gullible.

Originally Posted by Arcanaville Samuel_Tow is the only poster that makes me want to punch him in the head more often when I'm agreeing with him than when I'm disagreeing with him.