Today Carmencita was approached on MSN Messenger by a person claiming to be a sales rep for a company called "IPS Company". This person offered to rent her level 70 characters for $20 a week, in exchange they would use them to farm gold.
The person then sent her a link to their website, which I will NOT post here, that was very poorly done and incomplete. I'll note that it utilized some flash, but I did not see the recently discovered flash exploit.
The languaged used by the "sales rep" and the very poorly done website indicated to me that it was a scam designed to acquire her account information/password. The person used language such as "hehe :P", "plz","acc", and was otherwise very unprofessional.
I'm posting this as a warning to everyone that this is happening.
Unfortunately, it would seem they may be doing this now while the worldofwarcraft.com site is intermittent pending updates so people cannot change their passwords easily.
No worries, Carmen's account was not compromised.
Did Carmen ever buy gold or sign up for an account on the non-Tier1 WoW web sites?
Not that I know, she said she's never put that email address anywhere but here. I also did a quick check and it doesn't come up on any searches, especially not associated with any wow things.
Are there any references to wow on her msn profile page? They could also collect lists of player names from the armory and/or forums and spam various messengers since a lot of people try to use the same name everywhere online. Data miners have gotten very clever at connecting the dots with search engine info so it doesn't necessarily mean they've somehow accessed secure/private/hidden data. But most people are clueless (or just lazy) about covering their tracks online, and resisting the temptation to CLICK HERE even when they suspect it's a scam.
I would be far more worried about the web page. It could be an old flash exploit or a much newer one. Either way if you looked at it you'd better make damn sure it didn't install a keylogger or a bot.
Yea i know all that. Like I said, I checked her email address and it doesn't come up on any searches at all. I checked the website and it doesn't install anything or appear to utilize any exploits. I believe it was a simple scam designed to get her to give up her account information. As far as how they contacted her, I think it was a random sweep. Regardless, they didn't get her. This warning is for the rest of us, just in case.
Hmmm... I wonder if this is linked to today's bad news re: the account ban.
no it's not. i cleared her pc at the time. I am VERY thorough. And again, why just mine and not her's too?
Typically they wait and exploit later in batches. Carmencita may be next - change that password often.
That also happened after the last time she used my account. And obviously she didn't save the password. I also, at the time, checked the site and it wasn't exploiting any known exploits or even trying to access or download anything.
I'm not being clear.
In three years + of playing this game, I have never been approached with this sort of scam. I wonder if she was hacked before the offer came across.
Oh I see. I don't think so because remember I had cleaned some spyware from her PC before, and I didn't see anything in there. That was before she had used it.