test content
Logo
What is the Arc Client?
Install Arc
Possible Phish Email?
hypl
Member Posts: 3,719 Arc User
I just got a strange email, supposedly from Perfect World Entertainment, Inc. stating that I requested a password reset. I made no such request. It contained a link that leads to "http://click.email.perfectworld.com/?qs=[string of random numbers and letters]"
To be safe, I changed my password through the ARC website, and of course it sent a radically different email for verification (from PWE rather than Perfect World Entertainment, Inc.).
Has anyone else gotten suspicious emails recently?
To be safe, I changed my password through the ARC website, and of course it sent a radically different email for verification (from PWE rather than Perfect World Entertainment, Inc.).
Has anyone else gotten suspicious emails recently?
Post edited by Unknown User on
0
Comments
Real join date September 2012
But that being said... I also got one for no reason. I didn't see anything that didn't look genuine, but I had no desire to change my password so I ignored it.
My character Tsin'xing
Most of the time you are correct, but just because it links to perfectworld.com does not mean it's guaranteed to be safe. It is possible the site could have a open redirect vulnerability, which would mean when you click the link, you do actually go to perfectworld.com, but them get immediately forwarded to the actual malicious domain (perhaps perfectw0rld.com or something that looks quite similar). A good rule to follow is that if you didn't expect an email, don't click on any links or open any attachments.
Which is why I said, "unless they are hiding the true link somehow." An open redirect vulnerability would apply for hiding the true link.
Sounds good, I was just more concerned about the rest of what you said:
Part of my job is to monitor phishing campaigns targeted at the company I work for, so just wanted to clarify some of the ambiguity in that statement - more often than not, yeah, hovering over the links in the phishing email reveals URLs to really random domains, but every so often, you get some actual well thought out phishing email campaigns, that are very hard for the average person to tell from the real thing.
Which is why I tell the average person just not to click on anything that they didn't expect
I have had 2 similar emails someone has found away to cause a password reset by using the accounts email address and putting the wrong password in a number of times, Facebook has this set up as well, I would add email@email.perfectworld.com on your block list.
Is there anything PWE can do about this on their end?
Good question. I wonder what any company really can do about it?
Goes like this ....
supply players with a special CODED account name and password that can be given to hackers to track them. You get a phish email, you provide them with one of these phony username/password combos that lets them log into a dummy account created by cryptic to look like a real player account. Trace their activity and observe them, as well as tracking their IP address etc. Use the info to catch them at whatever... spamming gold seller sites, trying to mess with the game, passing illegal money/items to buyers (catches the buyers), etc. Figure out what the hackers are doing, in other words, and learn to watch for that behavior and put a stop to it.
Its a lot of trouble, of course. But you asked if they COULD do something.
as a rule of thumb if you get an email of this nature it is always best to go through your normal route to the web site rather then going through the email itself and if its just a case of then resetting your password to be on the safe side then it cant hurt.
When I think about everything we've been through together,
maybe it's not the destination that matters, maybe it's the journey,
and if that journey takes a little longer,
so we can do something we all believe in,
I can't think of any place I'd rather be or any people I'd rather be with.
I clicked it. Then I realized what I had done, and I immediately changed my password via the official website.
(Hope this isn't replying too late to a thread and breaking forum rules.)
Something like that happens, when you spread your email on a lot of places. I got a spam address for unimportant things. For accounts that spell "money" I make up singular emails and passwords. That's what I did with STO. So if there is a mail to that one, it is only PWE to send it or they have a problem. All other mails to other emails will be ignored and deleted.
So in fact it is YOU who can improve safety!