These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE General Discussion

 
  • Topic is locked indefinitely.
12Next page
 

Protect Your Accounts! [Updated October 5, 2011]

First post
Author
Previous Topic Next Topic
CCP Spitfire
C C P
C C P Alliance
#1 - 2011-09-06 06:09:42 UTC  |  Edited by: CCP Falcon
As you may have noticed, spammers have been recently paying us a visit, opening paying accounts for the sole purpose of spamming our forums. The sites and executable that they have been linking to contain keyloggers. These keyloggers capture your account and password information, rendering your account vulnerable to third-party access and abuse.

We are, and will continue to work diligently in regards to this form of abuse towards our community, and strongly urge you those of you who may have accidentally clicked those links to run a full system scan and change your passwords. It is also advisable to always make sure that your operating system and virus scanner (you do have one, right?) is up-to-date.

We apologize for the inconveniences this spam may be causing you. If you come across said spam, please use the report link, which is located in the top right-hand corner of the offending post. Alternatively with phishing emails, the best route to follow in order to ensure that they're not fooling others is to forward the mail to security@ccpgames.com. That way we can deal with the matter with all of the best possible information available to us.



Game Master Support Blogs
* Account Security

CCP Spitfire | Marketing & Sales Team @ccp_spitfire
CCP Spitfire
C C P
C C P Alliance
#2 - 2011-09-06 06:09:56 UTC
One of the avenues of attack by ISK sellers has been through emails that appear to be legitimate emails sent by CCP. Their goal is to trick you into providing them with your account information so they can steal it and your hard-earned ISK. A recent email sent by these ISK sellers talks about how much ISK your account had when you quit and talks about how you can use it for buying PLEX. This is very similar to an email we sent out in October, however, this current email has not been sent by us.

Please be careful when clicking links from emails and websites. Verify they are from CCP as these emails are attempting to install malware to steal your account information. If you at any time you are concerned that an email you received may not be a legitimate email sent from CCP, file a petition and provide the full body and headers of the email.


Fly safe everyone!

CCP Spitfire | Marketing & Sales Team @ccp_spitfire
CCP Spitfire
C C P
C C P Alliance
#3 - 2011-09-06 06:10:07 UTC
We’ve had a significant increase in hacking in the past months probably in response to our Unholy Rage campaign. Accounts are being keylogged by ISK sellers. The same pattern is being witnessed in other MMOs. We have made it harder for them to “farm” ISK by ingame means and thus they turn to desperation in order to stay afloat.

We are working as hard as we can in solving these issues. Unfortunately, Customer Support has to take preemptive action when accounts have been accessed by IPs frequently used by hackers, even though nothing has been stolen yet. We need to make sure that our affected players are aware of the danger and that they take appropriate action in order to secure their systems.

There are ways to avoid getting hacked and we urge all players to take note;

1. Never buy ISK for real money.
2. Never visit ISK selling websites.
3. Never user macro programs.
4. Never share accounts with anyone.
5. Avoid logging into EVE using public computers.
6. Do not use the same username in different MMOs and if you do, certainly do not use the same password.
7. Change your password periodically.
8. Have your password complex.

Following these simple steps will make it much less likely that one’s account will be hacked.

We hope that you, our fine players, will assist us in this by not doing business with hackers and ISK sellers and by encouraging other to do the same.

CCP Spitfire | Marketing & Sales Team @ccp_spitfire
CCP Spitfire
C C P
C C P Alliance
#4 - 2011-09-06 06:10:15 UTC
A new phishing email purporting to offer 5 days and a free gift is going out by phishers. The email looks similar to this. This is not an email from CCP.

CCP Spitfire | Marketing & Sales Team @ccp_spitfire
CCP Spitfire
C C P
C C P Alliance
#5 - 2011-09-06 06:10:23 UTC
We've identified a new phishing attempt with a PLEX reactivation offer, similar to an email we sent out late last year. The email sender is using "offers@eveonline.com" in an attempt to make the email appear to be legit. Please be advised that CCP has not sent this email out, and we encourage you to discard it immediately.

CCP Spitfire | Marketing & Sales Team @ccp_spitfire
CCP Spitfire
C C P
C C P Alliance
#6 - 2011-09-06 06:10:29 UTC
We've been informed that there is a new phishing email being sent out with the subject of "Two Days Left to Reactivate for Free!" This is not an offer CCP has sent out.

Update: this email appears to be sent from offers@eveonline.com.

CCP Spitfire | Marketing & Sales Team @ccp_spitfire
CCP Spitfire
C C P
C C P Alliance
#7 - 2011-09-06 06:10:37 UTC
We have discovered a new account Phishing scam.

It's offering 5 days of free activation. It gives you a link that shows "eveonline.com" but is hyper linked to a different address.

DO NOT click on it.

If you have any question of any link in any email right click it and copy it. Paste it into note pad to reveal the actual web address. It will show you the link's actual destination. If it doesn't look legitimate do not click on it.

In this case the web link has eve-online in the address portion then has .zxq.net instead of .com. It also has an extension that "copies" eveonline.com at the end of it to catch the images.

CCP Spitfire | Marketing & Sales Team @ccp_spitfire
CCP Spitfire
C C P
C C P Alliance
#8 - 2011-09-06 06:10:44 UTC
This is the latest fishing attempt:


This is an automated notification regarding the recent change(s)
Our goal is to make the experience may be the most eve, so we hope to get epic of your feedback for registered users of EVE. We invite you to join an online survey in your feedback will help us to decide what will we focus on the next few months , and will give you a new mounts .

http://www.******eve-onlina.com/EVE%20Online%20%20My%20Account%20login.htm?ReturnUrl=%2faccountinfo.aspx

The URL has been obviously altered to protect the innocent. When receiving these types of emails, please pay close attention to URLs (here: eve-onlina). Also, we don't have mounts. We have Internet space ships. And that's serious business. We also know how to write EVE properly, and occasionally our grammar is gooder ;)

CCP Spitfire | Marketing & Sales Team @ccp_spitfire
CCP Spitfire
C C P
C C P Alliance
#9 - 2011-09-06 06:10:49 UTC
We have another phishing email informing people that there have been changes to their account and asking you to check your account if you did not make these changes. The URL they are giving is of course false, please do not put in your account information there.

Remember to only use secure.eveonline.com (and spelled correctly Smile) to access your account details. Surf safe everyone!

CCP Spitfire | Marketing & Sales Team @ccp_spitfire
CCP Spitfire
C C P
C C P Alliance
#10 - 2011-09-06 06:11:18 UTC

New phishing email that was discovered:

Hello,

This is an automated notification regarding the recent change made to your EVE account. Your account security info has recently been modified through the Account Management website. If you did NOT make any changes to your account, we recommend you check the account with the following link for assistance keeping your account as secure as possible: http://eveonline.contact(badsitedontclick)verify.net/accountlogin.html. For more information, click here for answers to Frequently Asked Questions or to contact the Account Services team.

Sincerely,
The EVE-online Account Team

CCP Spitfire | Marketing & Sales Team @ccp_spitfire
CCP Spitfire
C C P
C C P Alliance
#11 - 2011-09-06 06:11:59 UTC
New phishing mail:

Hello,

This is an automated notification regarding the recent change made to your EVE account. Your account security info has recently
been modified through the Account Management website. If you did NOT make any changes to your account, we recommend you check the account with
the following link for assistance keeping your account as secure as
possible:

http://www.eveonline.info*badstuffhere*html"> http://www.eveonline*badstuffhere*.html

For more information or answers to Frequently Asked Questions, contact the Account Services
team.

Sincerely,
TheEVE-online Account Team

CCP Spitfire | Marketing & Sales Team @ccp_spitfire
CCP Spitfire
C C P
C C P Alliance
#12 - 2011-09-06 06:12:28 UTC
Greetings Pod Pilots! A new phishing email has been identified and we ask that you please be aware of it and do not follow the links included in this email. Remember to surf safe and please keep your account information safe and be aware of what websites you are visiting.

The latest phishing email looks like this:
Hello,

T‏‏‏‏his is an aut‏‏‏‏omat‏‏‏‏ed not‏‏‏‏ificat‏‏‏‏ion regarding t‏‏‏‏he recent‏‏‏‏ change made t‏‏‏‏o your EVE account‏‏‏‏. Your account‏‏‏‏ securit‏‏‏‏y info has recent‏‏‏‏ly been modified t‏‏‏‏hrough t‏‏‏‏he Account‏‏‏‏ Management‏‏‏‏ websit‏‏‏‏e.

If you did NOT‏‏‏‏ make any changes t‏‏‏‏o your account‏‏‏‏, we recommend you check t‏‏‏‏he account‏‏‏‏ wit‏‏‏‏h t‏‏‏‏he following link for assist‏‏‏‏ance keeping your account‏‏‏‏ as secure as possible: ht‏‏‏‏t‏‏‏‏p://www.eveonline.*DO NOT GO HERE*homeinfoadmin.com/loginconfirm.html (http://www.eveonline.*DO NOT GO HERE*homeinfoadmin.com/loginconfirm.html).

For more informat‏‏‏‏ion, click here (http://www.eveonline.*DO NOT GO HERE*homeinfoadmin.com/loginconfirm.html) for answers t‏‏‏‏o Frequent‏‏‏‏ly Asked Quest‏‏‏‏ions or t‏‏‏‏o cont‏‏‏‏act‏‏‏‏ t‏‏‏‏he Account‏‏‏‏ Services t‏‏‏‏eam.

Sincerely,
T‏‏‏‏he EVE-online Account‏‏‏‏ T‏‏‏‏eam

CCP Spitfire | Marketing & Sales Team @ccp_spitfire
CCP Spitfire
C C P
C C P Alliance
#13 - 2011-09-06 06:12:37 UTC
This is an automated notification regarding the recent change(s)
Our goal is to make the experience may be the most EVE games, so we hope to get epic of your feedback for registered users of EVE. We invite you to join an online survey in your feedback will help us to decide what will we focus on the next few months.

The website in question looks like http://www.eveonline.com but instead of an "L" it uses the number "1"

CCP Spitfire | Marketing & Sales Team @ccp_spitfire
CCP Spitfire
C C P
C C P Alliance
#14 - 2011-09-06 06:12:50 UTC
A new email is circulating around that looks very official. It uses EVE Online images and copies our formatting of past reactivation emails. There are a lot of grammatical errors in this email.


The exact text:

Over 20,000 players have reactivated accounts and returned to EVE Online. We're hoping you join them! Your characters are just as you left them, ready to take the challenges of all the new content that has been added since you were last here. Every account that is reacitvated through this promotion will be eligible for reduced subscription price of 5.95$ for the first month after the five-day period ends.

(image of "PLAY EVE NOW")

CLICK HERE TO FLY FREE FOR 5 DAYS

Terms and conditions
Offer expires October 31st, 2010. Full terms and conditions can be found on the current promotion reactivation page.

CCP Spitfire | Marketing & Sales Team @ccp_spitfire
CCP Spitfire
C C P
C C P Alliance
#15 - 2011-09-06 06:12:58 UTC
CCP Spitfire
C C P
C C P Alliance
#16 - 2011-09-06 06:13:06 UTC
New Phishing email:http://eve-0nline. DO NOT GO HERE limewebs.com/ images/album/lang/EN/slo/cache/https/secure.eveonline.com/login.aspxReturnUrl2fAccountManMenu.aspx3faid3d103543aid193543.htm

The above link came with an e-mail offering a 5 days reactivation of eve accounts. Do not click any links from this address.

CCP Spitfire | Marketing & Sales Team @ccp_spitfire
CCP Spitfire
C C P
C C P Alliance
#17 - 2011-09-06 06:13:14 UTC
Reported: There's an email circulating that offers 60 GTC for 360 mil ISK. The from line appears that it say "support@eveonline.com". Do not click on any of the links in this email as it is not from CCP.

CCP Spitfire | Marketing & Sales Team @ccp_spitfire
CCP Spitfire
C C P
C C P Alliance
#18 - 2011-09-06 06:13:21 UTC
One of the latest mails circulating has a link to Account Management which sends you to 'h**p:/218.12.32.213/ sansha/https/secure.eveonline.com/login.aspxReturnUrl2fAccountManMenu.aspx3faid3d103543aid193543.htm' - Please do not attempt to fix or copy this link and paste it into a browser.

This is most definitely a phishing link and we urge you to remain vigilant as always.

CCP Spitfire | Marketing & Sales Team @ccp_spitfire
CCP Spitfire
C C P
C C P Alliance
#19 - 2011-09-06 06:13:27 UTC
There is another malicious email out there. It has the subject "EVE Online: Character Transfer" and appears to have been sent from "Offers@eveonline.com". It asks you to visit the Account Management page, but the URL provided in the mail instead leads to a phishing site. Please do not click that link.

CCP Spitfire | Marketing & Sales Team @ccp_spitfire
CCP Spitfire
C C P
C C P Alliance
#20 - 2011-09-06 06:13:33 UTC
Hello everybody!

Looks like there is a new phishing email out with the subject *EVE Online - Character Transfer* similar to the previous one we have seen but with a different character name. If you aren't expecting a character transfer please do not click the links in the email. If you are expecting a character transfer notice, please verify the information in the email and TRIPLE check the links before clicking them.

If in doubt you can always navigate manually to secure.eveonline.com and inspect your account information.

CCP Spitfire | Marketing & Sales Team @ccp_spitfire
12Next page