Jump to content

Quarterly Producer Letter for Q2 2024 ×

How do the scammers know I play SWTOR?

QuimboQuambo

By QuimboQuambo
in General Discussion

 Share

Recommended Posts

QuimboQuambo

QuimboQuambo

Posted
Posted

I just got this scam mail:

 

Greetings!

 

It has come to our attention that you are trying to sell your personal Star Wars account(s).

 

As you may not be aware of, this conflicts with the EULA and Terms of Agreement.

 

If this proves to be true, your account can and will be disabled.

 

It will be ongoing for further investigation by LucasArts's employees.

 

If you wish to not get your account suspended you should immediately verify your account ownership.

 

You can confirm that you are the original owner of the account to this secure website with: :

 

(URL removed)

 

Login to your account, In accordance following template to verify your account.

 

* Secret Question and Answer

Show * Please enter the correct information

 

If you ignore this mail your account can and will be closed permanently.

 

Once we verify your account, we will reply to your e-mail informing you that we have dropped the investigation.

 

Regards,

 

LucasArts, the LucasArts logo, STAR WARS and related properties are trademarks in the United States and/or in other countries of Lucasfilm Ltd. and/or its affiliates. 2011 Lucasfilm Entertainment Company Ltd. or Lucasfilm Ltd. All rights

 

The thing is: I'm not registered anywhere but this forum with this email account for SWTOR. I have a different email account which I used to register for beta, but used the current one I got the scam mail at for release.

 

So the only way to know I'm playing SWTOR with this email is through the database on their servers.

 

What's going on? How did they get to know I'm using this email account for SWTOR?

Link to comment
Share on other sites
  • Replies 56
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Xugos

Xugos

Posted
Posted

Bioware could have a leak inside. I remember, prior to launch, they had a leak where someone accidentally sent a "beta invite" e-mail without beta codes to every single registered person.

 

Their security incompetence is appalling.

Link to comment
Share on other sites
Bansheedragon

Bansheedragon

Posted
Posted (edited)

The answer is simple, they dont know.

 

They send out mass mails to countless mails that have been more or less randomly generated, knowing that some of them will be a real mail address.

 

Then a small percentage of these will again fall for these scams and pay off for the scammers.

 

I have gotten similar mails for MMOs I have never played or even heard of before.

Edited by Bansheedragon
Link to comment
Share on other sites
QuimboQuambo

QuimboQuambo

Posted
  • Author
Posted
nope, they are guessing. I have never played a few of the games i get emails about. But if you have ever played wow it seems, your a target for any MMO. Wow leaked info im guessing a long time ago.

 

I never used the SWTOR email account for any other game at all.

Link to comment
Share on other sites
Bgiffo

Bgiffo

Posted
Posted

It's highly possible they've purchased information from one of the many information collection services on the net.

 

Ever notice how the advertisements online are almost always relevant to your interests? People you've never met know who you are and what you like.

Link to comment
Share on other sites
Lawsie

Lawsie

Posted
Posted
It's highly possible they've purchased information from one of the many information collection services on the net.

 

Ever notice how the advertisements online are almost always relevant to your interests? People you've never met know who you are and what you like.

 

google is the bane of all advertisements. They are always behind whatever adverts you get hence the address they come from. They then exchange this info with loads of others so your personal life is not so personal anymore.

Link to comment
Share on other sites
Zangaboing

Zangaboing

Posted
Posted
Bioware could have a leak inside. I remember, prior to launch, they had a leak where someone accidentally sent a "beta invite" e-mail without beta codes to every single registered person.

 

Their security incompetence is appalling.

 

*epic facepalm*

 

1) The mail you're refering to was a bug caused by their system and had nothing to do with their security

 

2) This happens with whatever new mmo comes out. The op either has/had an account on curse or any other similar site, their databases were hacked at some point and scammers started sending him fake mails about his wow/lineage/guildwars/Aion/wutever account. And now that TOR is out they just assumed that he would be playing this game too so they're sending similar mails. (For the record im still getting scam mails about WoW on an e-mail i never used for battle.net - go figure)

Link to comment
Share on other sites
Pheroras

Pheroras

Posted
Posted
when i got my beta key it was from a third party site, i don't remember the name offhand but i have it saved somewhere--i had to set up an account on that site to get a beta key. if i were you i would begin from that angle and consider what third party sites have reason to believe that you have a game account. of course there are probably many people who tried the beta and did not pursue a game account for the live version but i would expect that this is a rare event and that there is a database of likely subscribers being used by nefarious online perps.
Link to comment
Share on other sites
imtrick

imtrick

Posted
Posted (edited)
Bioware could have a leak inside. I remember, prior to launch, they had a leak where someone accidentally sent a "beta invite" e-mail without beta codes to every single registered person.

 

Their security incompetence is appalling.

 

Either you're trolling, or sadly misinformed.

 

Yes, during beta Bioware sent emails out to most of their mailing list by mistake. How anyone could see this as some sort of security issue is a mystery to me. It was their own list, and they sent it. Nothing was leaked. Nobody's information was compromised in any way. The just sent a beta follow-up to the wrong list.

 

If you can give one example of a security issue, then I'll start taking you seriously. Until then, you're just spreading misinformation. As far as I know, to this point, the SW:TOR team's security record is spotless. There are a lot of things you can criticize them for, but security isn't one of them.

Edited by imtrick
Link to comment
Share on other sites
QuimboQuambo

QuimboQuambo

Posted
  • Author
Posted
*epic facepalm*

 

2) This happens with whatever new mmo comes out. The op either has/had an account on curse or any other similar site, their databases were hacked at some point and scammers started sending him fake mails about his wow/lineage/guildwars/Aion/wutever account. And now that TOR is out they just assumed that he would be playing this game too so they're sending similar mails. (For the record im still getting scam mails about WoW on an e-mail i never used for battle.net - go figure)

 

I already said this is not the case. This address was never used for any game, I always used a different one in the past.

 

I know quite a bit about security, because it is my everydays work. Thus I'm not careless with registering everywhere in the net with the same address, I have a bunch.

Link to comment
Share on other sites
imtrick

imtrick

Posted
Posted (edited)
I already said this is not the case. This address was never used for any game, I always used a different one in the past.

 

I know quite a bit about security, because it is my everydays work. Thus I'm not careless with registering everywhere in the net with the same address, I have a bunch.

 

If you work in security every day (and I actually do -- no joke), you know what a dictionary attack is.

 

And really, what are you expecting asking here? Another thing you'll know if you work in security is that there's no way to figure out how they managed to send mail to your address. It happens all the time for reasons that have absolutely nothing to do with your information being leaked, and that there's no way for anyone to know how they did it.

Edited by imtrick
Link to comment
Share on other sites
QuimboQuambo

QuimboQuambo

Posted
  • Author
Posted
That does not matter.

If you read what I posted in the second reply I explained one way they do it.

 

So, why didn't I get the scam mails on the other address I used to register for beta - which is indeed a disposal email of mine - I use for site where spam is likely. But instead I got it on a virgin address (when it comes to games).

Link to comment
Share on other sites
iamzombie

iamzombie

Posted
Posted

Holy crap, seriously? I hoped Op was trolling, but i think he's actually under the impression this was an individually target scam email?

 

This is called a phishing scam... They send the email to every address they can get their hands on, sometimes just mass mailing thousands of addresses. They assume some of the people they send it to are playing the game, and then hope some of those people are dumb enough to fall for their scam.

 

Seriously... these have been circulating since WoW became popular.

Link to comment
Share on other sites
Saber_Six

Saber_Six

Posted
Posted
I just got this scam mail:

 

 

 

The thing is: I'm not registered anywhere but this forum with this email account for SWTOR. I have a different email account which I used to register for beta, but used the current one I got the scam mail at for release.

 

So the only way to know I'm playing SWTOR with this email is through the database on their servers.

 

What's going on? How did they get to know I'm using this email account for SWTOR?

 

Likely just blind emails. I get emails for games I don't play or email for games I do on email accounts I've never used for my games. It's called phishing for a reason.

Link to comment
Share on other sites
QuimboQuambo

QuimboQuambo

Posted
  • Author
Posted (edited)
They send the email to every address they can get their hands on, sometimes just mass mailing thousands of addresses.

 

And this is exactly the question. How did they get my email when I didn't ever use it for any other game or game related forums at all?

Edited by QuimboQuambo
Link to comment
Share on other sites
imtrick

imtrick

Posted
Posted (edited)
And this is exactly the question. How did they get my email when I didn't ever use it for any other game at all?

 

OK, so you don't really work in security.

 

They don't need to know your address before they send the email.

 

Edit: So I just checked my spam folder on one of my accounts, and found the exact same email, except that is was the WoW version... here's a chunk of it:

 

Greetings,

 

It has come to our attention that you are trying to sell your personal World of Warcraft account(s). As you may not be aware of, this conflicts with the EULA and Terms of Agreement. If this proves to be true, your account can and will be disabled. It will be ongoing for further investigation by Blizzard Entertainment's employees. If you wish to not get your account suspended you should immediately verify your account ownership.

 

You can confirm that you are the original owner of the account to this secure website with:

 

This email address has never even been used for WoW, and I'm certainly not going to accuse Blizzard of leaking an address I never gave them.

Edited by imtrick
Link to comment
Share on other sites
QuimboQuambo

QuimboQuambo

Posted
  • Author
Posted (edited)
OK, so you don't really work in security.

 

They don't need to know your address before they send the email.

 

You really wanna imply they are sending an SWTOR phishing mail to every possible combination of letter forming an email address? That, sir, is BS ;)

 

In that case, every person in the net would have gotten WoW, EVE, SWTOR, SWG, ... phishing mails even if they don't play it.

 

I can confirm this didn't happen because I have a lot of email accounts which did not get these now or in the past.

Edited by QuimboQuambo
Link to comment
Share on other sites
Jignity

Jignity

Posted
Posted
There's a good chance you've got some kind of worm or keylogger or some other kind of ad- or malware on your pc. These programs are made to attain info on where you've been on the web and are unfortunately, not uncommon. Get some proper tools to scan your system. Google is your friend! There is no reason at all to blame bioware for this.
Link to comment
Share on other sites
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.