Quote: Originally Posted by Packetdancer
The 2FA token is great, but it isn't enough. Plus the Square-Enix 2FA token also has a very long timer on it; if you provide that 2FA code on a phishing site (as you are baited into doing on this one), there is more than enough time for someone to log in as you.
The rest of your post is excellent and I agree with it; I just wanna touch on this bit.
It's very likely automated. There isn't someone sitting around waiting for an alert to pop up telling him someone fell for the phishing site. It's much more likely that once someone enters that information it's nearly instantly populated into a game client and logged in without human intervention.
It's only at that point a human operator would probably make more sense to take over, but even then I wouldn't put it past them to bot the gil removal, FC gil check, and future tell spam.