« Calling all space engineers | Main | N^2 »

Sep 08, 2005



Ebay? IGE, more likely.


This isn't new by any means. Usually scams like these will direct users to a website that appears to be run by the MMORPG company in question and presented with a login screen. Accounts who are collected then are cleaned out of any liquid assets.

Variations on this theme include "You have been selected for our new beta!" and "You've been given a free account! Click here to set up."

Our always amusing Internet Relations Manager has at times made a game out of warning our users of these:



Hm, links should really auto-HTML themselves. :)


"To secure your account and quickly restore full access, we require you to login in you account .This process is mandatory, and if not completed within the nearest time your account may be subject for suspension or will be banned"

I love how these scamming nerds can go out of their way to punctuate and spell correctly for the first few paragraphs, and then you inevitably see lapses such as the paragraph I just quoted. There's about 5 serious errors in it, and even though EVE's team is from Iceland (which results in the occasional typo in its game), the scammers are losing a fair portion of their targeted fishies by not investing 60 more seconds of their time in some proofreading.


No surprise that phishers are looking for other lucrative markets, but thanks for posting the info so that these scams don't take people off-guard. Worth an update to the recent post we did on our blog about worms and other malware that attempt to steal such account info -- thanks!!


What about phishing while in game?



Since I don't have an EVE account, I felt safe clicking on the link. Doesn't work; you get a 404


On a completely unrelated note (I wish I could submit stuff to TN): Ex -WoW devs form a new company and are looking for talent.


This type of phishing email showed up rather frequently in Everquest as well. Like DaoC, the Community Rep would generally post a sample and remind everyone that this sort of email would never be sent out.


This is nothing new. I remember various phishing techniques (in-game, on the forums, and email) being used in the early Runescape beta. This would have been about four years ago.


In Diablo 2, phishers tell noobs to check their stats by whispering their account name and passord to a third-party member (someone with a registered name of like "BlizzTech" or "BlizzStats"). While this is common, it is interesting the lengths to which some phishers will go. It seems as if the one who wanted your account is very devious. I expect means of phishing will only get more subtle.


Man, you think that's bad? The other day, someone attempted the first scam in a VW on me. It was unreal. I guess it goes to show how valuable in-game items are to some people!


"Expect more attempts in other MMORPGs in time."

In fact, this has been going on for year(s) already and is not really new. But yes, it is increasingly becomming problematic. In south korea, http://www.zdnet.com.au/news/security/0,2000061744,20277029,00.htm>over 50% of the cybercrimes involve games and the selling game money to launder the ill gotten money.

And why would we be surprised? With all the impressive quotes about the total value going on in what's called the secondary market of MMORPG's, something like this could only be expected.


Runescape is plagued with these scammers. Every time there is a game update people will start saying something like "the new update blocks your password when you typre it. Look! ******" And with fansites like Rune Tips people are always sending out e-mails to players with spoofed e-mail adresses from "jagex.com". Also some people have been puting keyloggers in image files and putting them in there signatures on fansite forums.

The comments to this entry are closed.