test content
Logo
What is the Arc Client?
Install Arc
Public Service Warning
macarthur1961
Member Posts: 107 Arc User
Hello,
I am providing this information as a public service warning.
Tonight when I checked my Email, there was one purporting to be from MSN Outlook. It said they had made changes and I needed to update my account information within 2 days or my Email acct would be closed.
When I tried going to the site, Google stopped me saying it was a known Phishing site. Google also gave me the true name of the site... which seemed strangely familiar from my recent past. The name was stoyanov-metal-service.com and was from Poland. I am pretty sure he [?] is a Zone chat spam seller whom I reported recently. I do know I had some contact with the name Yanov and that "metal" was somehow attached to it while in game in the last few days.
What concerns me is how this individual obtained my Email address. And if he is a Zone spam seller, how did he even know I reported him?
Regardless of that, I felt it to be my duty to my fellow STO family to put out this warning. And to remind you all it is a wise idea ro buy STO ships, ECs and other items from STO and not these Zone spam sellers. Unless you want to unintentionally give you personal information to such as these... um... [note to self:stay polite]... people.
Hope you all have a great day!!! Poru...!!!
I am providing this information as a public service warning.
Tonight when I checked my Email, there was one purporting to be from MSN Outlook. It said they had made changes and I needed to update my account information within 2 days or my Email acct would be closed.
When I tried going to the site, Google stopped me saying it was a known Phishing site. Google also gave me the true name of the site... which seemed strangely familiar from my recent past. The name was stoyanov-metal-service.com and was from Poland. I am pretty sure he [?] is a Zone chat spam seller whom I reported recently. I do know I had some contact with the name Yanov and that "metal" was somehow attached to it while in game in the last few days.
What concerns me is how this individual obtained my Email address. And if he is a Zone spam seller, how did he even know I reported him?
Regardless of that, I felt it to be my duty to my fellow STO family to put out this warning. And to remind you all it is a wise idea ro buy STO ships, ECs and other items from STO and not these Zone spam sellers. Unless you want to unintentionally give you personal information to such as these... um... [note to self:stay polite]... people.
Hope you all have a great day!!! Poru...!!!
Post edited by macarthur1961 on
0
Comments
Well, I never gave him mine. So how do you know he can't hack and get yours too?
Your response seems... interesting. Since the only way you could check would be if you actually know him. And if you were a low life hacker friend/accomplice of his. I am going to give you the benefit of the doubt though, and assume you were making an attempt at humor or trolling.
I am merely trying to help folks regarding a serious threat.
Have a great day.
My character Tsin'xing
WTH are you doing clicking on links in emails that are clearly phishing emails?
The link to STO is slim and in the overall story a backseat to the more important point that is: use some actual common sense when reading emails and don't click on links without at the least hovering over it to verify it's legit.
When stepping on a mine, it makes little difference if the mine is from Poland or Chicago. It's more important to not step on the mine.
Oh, and it's been common knowledge that those guys steal identities and it's no surprise that they would cross reference names they see in game with email lists to target for phishing. It's common across many MMOs.
There's a pollock joke just simmering in there somewhere.
ThIs related to STO because the ONLY way this person/group with an active STO acct was able to access my Email info would have been from TRIBBLE STO data. So it is a security warning that doing the right thing and reporting these rule [law?] breakers may have unexpected repercussions so that folks are forewarned.
While it is easy to criticize and insult those trying to do a community service, I have worked up to 7 Days a week and up to 22.5 hours a day for 38 years. I had no time to learn about the internet as it was not in any way important to the important work I was doing. Now I am retired and have time for learning about internet and recreational activities such as STO.
So please realize, we have not all had the time in our lives to sit at desks playing/working with computers. We are internet toddlers if you want... and should be given some slack. Please. Thanks.
As well, points are better taken without personal attacks. That is Psychology 101, lol.
Thanks, I think... lol. If I understood you correctly, I may be an exception to what you are saying as my user name and Email address are in no way related. And are only used for STO and the Heart and Stroke Foundation of Canada. So this person can only have gotten my info from one of these 2 sources, I believe. And I do know it is someone I experienced while in STO in the last few days. Thus my community warning. Just trying to help.
Thanks... I will look into this RL "junk bunker" solution.
Rule 2 - If your account handle is the same as an email address - ie ("macarthur1961@{email-provider}"), then anyone who is looking to phish information / steal login credentials will simply look in game, chat with unsuspecting subjects (try not to give your age, political views, monetary worth, # of store purchases, $$$ spent, etc over chat), and try and target those who seem most easy to hit by simply testing against common email providers, hoping the victim clicks a link, and evermore so enters any identifying or personal information.
Rule 3 - You clicked a suspicious link, and unless you had a really good adblocker, or a javascript blocker, I would suggest NOT changing vital passwords through your computer, unless you have already entered them since. You should start running a virus scan ASAP, as well as a spyware scan, and just to be safe purge the browser you used.
Rule 4 - "Report Spam" anytime you see a spammer. Don't engage with the spammer, don't look at the spammer, "This is not the spammer you're looking for", continue on with your day.
Rule 5, 6, 7, 8, 9 ... Infinity - Refer to rule 4
Not sure what you were trying to say there, but pollock is a fish. https://en.wikipedia.org/wiki/Pollock They're not very funny.
a wise precaution with any email reporting problems be it google, ebay, paypal, msn or most importantly your online banking and any others you might have accounts with.
NEVER click on the link in the email, always go directly to the site concerned or contact the customer services if there is one, in the case of online banking you can always contact your bank by phone or go to your nearest branch for advise.
When I think about everything we've been through together,
maybe it's not the destination that matters, maybe it's the journey,
and if that journey takes a little longer,
so we can do something we all believe in,
I can't think of any place I'd rather be or any people I'd rather be with.
Actually, my login name's different from my username.
oops. Typo >.<
Insult? Personal attacks? My question about why you would click on an a link in an email was the only thing directed at you and it was neither an insult nor a personal attack.
Let me ask you this...would you use a chainsaw without first learning how to use it?
Is learning to use a chainsaw a skill that takes decades? Is learning to use a chainsaw something only young people can learn? Are the elderly or VIPs exempt from learning to use a chainsaw because they didn't have time in their youth or in their career?
The internet is like a chainsaw. It is not safe by default. In fact, with no protection and little common sense, it can be very dangerous. I would recommend dropping the crutch of time and taking it serious if you want to avoid the many numerous pitfalls you will encounter...and stop wearing your feelings on your sleeve....that's just asking for trolling.
You appear to have registered with http://www.unitedfed.net/ in the past. It is possible they or their hosting company sold their email list for $$$. One of the admin's accounts could have been TRIBBLE as well, giving access to the email addresses of the users. There are plenty of ways to link people around. heck, I was once stalked by an ex-GF after she cross referenced some of my information online. People are willing to go to great lengths if their have reason to do so.
You get off on being a jerk, don't you?
My character Tsin'xing
p.s.
any email demanding you change/update account information is 95% likely bogus.
1) (because it can't be said often enough): Don't click on links in emails.
2) This also holds for mails from friends. A common theme is somebody breaking into one of your friends' email account and then sending mails to addresses gathered from there with (fake) sender addresses also from there. There is a good chance the people may know each other and thus be less aware. E. g. after holiday season you may get an email "Hello, here are some nice holiday pics" from an acquaintance.
2a) There are exceptions. If you talk with somebody and he tells you he'll send you an email with a link to a youtube video he discovered the same afternoon, and on said afternoon a mail comes with a youtube link and accompanying identifying text "This is the video I was talking about while we were chatting in front of our office today", there's a chance it's legit. If it includes quotes from your last mail, it may be legit. Everything short of that: beware.
3) To check whether something legit looking is actually legit (because there may be some cases where action on your part is needed):
3a) If the mail apparently comes from a friend/acquaintance/colleague: ask them whether they sent you this mail. Not via "reply" button, but either by phone or by a new mail.
3b) If the mail apparently comes from a company you have a business relationship with, log onto their homepage (not by clicking a link, but by actually typing their address into a browser window). You'll either get an instant notification or you will find info on your user settings page. A legit email by the way will tell you where on their homepage you'll find all relevant info.
3c) If the mail apparently comes from a company or person you don't have any business with: just delete it. There is no way in heaven it is in your interest, no matter what it says.
4) Keep in mind telltale signs of phishing mails (absence of which does usually NOT prove they're not phishing):
a) Unsolicited mail - no context, you had no discussion going, just a short mail with a link
b) Uncommon salutation: people using your screenname instead of your real name, your real name instead of a shorthand/nickname they would use (e. g. somebody who'd usually call you "Dave" suddenly writing "David")
c) (If from a company) spelling mistakes
d) A mail which is basically a linked picture instead of plain text (you will notice this since your mouse arrow changes when going over seemingly plain text as if there was a link)
e) A company providing no individual detail (apart from maybe the name) about the issue, using only generic terms/phrases like "There is a problem with a checque you wrote" or similar
5) A quick test is (as suggested above) hovering over links provided. On the status bar (usually the bottom line of your browser) you will then see the URL of the page it links to. This should be both the same page they name in the mail and have the usual domain of the company. It should also not be too long with too many "codes" like "lfg1768790ikcAY08" or similar. If not, it's a scam. Even if it works out, still use 3b, but you can be more certain that it may be worth looking around for info.
6) While there are some "legit" businesses using spam (legit meaning here: they actually do sell and deliver the promised goods and won't just take your money and run) they're few and far between - and usually you can get the same stuff cheaper or better or often more legal elsewhere. So if something offered piques your interest, google where else you can find a cheap credit card, pictures of nekkid people (hint: those are pretty much everywhere) or whathaveyou.
7) Always keep in mind that many scams aren't directly after your money, but after access to your computer, so the link may seem to not work and you think "no harm done", but they then can either read what you're typing in your computer (hint: passwords) or can use your computer for other illicit issues. So whenever you clicked something, even if nothing seems to have come from it, you have endangered your computer, thus it is always needed to
8) Use protection whenever you engage with the net so you will not catch any virus while enjoying yourself. So you can, if you made a mistake, and possibly most of us did once, you can notice it immediately and keep the effects in check.
If someone sends you an email with a subject like: "hey check out this cool news story", a url going to cnn.com is not suspicious, but a url going to cnn.gwmn.com IS suspicious.
My character Tsin'xing
If you're ever in doubt, instead of clicking the link, go to the page you normally use to log into that service and see if you have any alerts on your account. Never follow the link in the email because 100% of the time it will be fake.
If you're still not sure, google it.
On another note, the email has nothing to do with STO. There is no way a gold spammer could get your email or know you reported them. More then likely, the name on the email sounds similar to an account name you recently reported and you made a connection that does not exist. These emails go around like wild fire, they send millions of them a day to random accounts everywhere, it has nothing to do with STO.
Thanks for advice... but I never said I engaged spammer. I reported spammer to STO and somehow spammer found out and pursued interaction with me. And my Email is nothing like my user name. But I do have good blockers, AV and malware removal software.
Definitely food for thought. Especially the reference to www.unitedfed.net The fact that you were somehow able to research THAT info on me is both surprising and disturbing, although I realize you are just trying to make a point. Point taken.
BTW... I only use the internet for STO and my Email. Exclusively. In fact, the only reason I hooked up the internet is to play STO as I can access my Email anywhere.
Again, thanks for the enlightenment.
If you have a bit of google-fu you can find out a lot about people who tend to use their screen name in multiple places. Especially if it ain't that generic. In this case it is sufficient to look for "macarthur1961 star trek" - not that much of a stretch - to get this info on the first page. (Well, you'd have to assume that the same user name means the same person). So it always is a good idea to keep this in mind. You won't be able to completely prevent it, and usually people won't really bother - kjfett most probably really wasn't interested in you but as you think in making a point - but you should keep more sensitive things apart from your day-to-day stuff. I'd recomment two email adresses (one for the "private" you, one for the "business" you) but that's not as important as using different login names passwords on, say, steam and your online banking.
(As for me, even though this isn't my usual screen name online you can find out about my real name, address, work places, phone number, age, marital status, ... with a couple of progressive google searches if you just know what to look for. No nude pics though, so it probably isn't worth the bother)