In the past week I have reported many in-game tells as "RMT activity" though this does not accurately describe the issue. All of the tells have the same pattern:
A most likely compromised account mass spam tells everyone in the area a tell with a phishing message like "Square Enix should not allow X to happen at this sensitive time, please vote against it before they ruin the game" and then gives a link that mimics the offical forums, but with a slightly different domain of .xyz at the end. I don't want to be TOO specific on the address for obvious reasons.
Anyone that actually goes to the spoof site gets a page that mimics the Square Enix account page. The goal of course is to trick someone into entering their account information.
I have done what I can to combat the problem, but I am sure Square Enix can likely do more since they (I would hope) have actual lawyers that could send something more substantial to the domain registrar.
In all cases thus far, they have registered these spoof sites through Namesilo. When I have gotten a phishing tell, I report them via their abuse email address with the fake site link, a link to the offical forums it is spoofing, and an ingame screenshot of the message trying to trick people into visiting the link. So far it looks like they ARE going and looking, and then shutting that site down, but they aren't stopping another one from being registered right away, or doing any real due diligence on investigating similar infractions.
Feel free to delete this post if it is too far outside the rules, or there is somewhere better it should be directed, I just hate to see longtime players falling for this social engineering 101 BS and have nothing done about it.
Continue reading...
A most likely compromised account mass spam tells everyone in the area a tell with a phishing message like "Square Enix should not allow X to happen at this sensitive time, please vote against it before they ruin the game" and then gives a link that mimics the offical forums, but with a slightly different domain of .xyz at the end. I don't want to be TOO specific on the address for obvious reasons.
Anyone that actually goes to the spoof site gets a page that mimics the Square Enix account page. The goal of course is to trick someone into entering their account information.
I have done what I can to combat the problem, but I am sure Square Enix can likely do more since they (I would hope) have actual lawyers that could send something more substantial to the domain registrar.
In all cases thus far, they have registered these spoof sites through Namesilo. When I have gotten a phishing tell, I report them via their abuse email address with the fake site link, a link to the offical forums it is spoofing, and an ingame screenshot of the message trying to trick people into visiting the link. So far it looks like they ARE going and looking, and then shutting that site down, but they aren't stopping another one from being registered right away, or doing any real due diligence on investigating similar infractions.
Feel free to delete this post if it is too far outside the rules, or there is somewhere better it should be directed, I just hate to see longtime players falling for this social engineering 101 BS and have nothing done about it.
Continue reading...