PSA: Looks like more rounds of phishing whispers are going around

[Doki]

DO NOT FALL FOR IT AND DO NOT ENTER YOUR ACCOUNT CREDENTIALS!!!

As before, report ingame as RMT activity.

Whois search once again links the fake domain to namesilo. You can report them to the registrar for illegal activity at this link: https://new.namesilo.com/phishing_report.php

It's easy for the scammers to just create .com-f.ws or any other variant right after they get banned, so it will probably continue, but no reason to make it not cost them $$$ to keep registering new domains!

[MevariNavalo]

Ah, good to see other people taking action on this.

I've been writing quick little scripts in python that spam their page with thousands of fake usernames and passwords. Is it effective? Well, they try VERY hard to block me when I do it, and the site frequently 404s shortly after I start, often to switch to a different URL, so it appears to be at least some inconvenience to them.

[KayRadley]

Oh, bullocks. Here we go again.

[purrfessor]

ive had 2 of these myself ended up whispering the person telling them i was reporting them.. that im not stupid enough to fall for a clearly fake link when i enjoy reading forum posts while in DF queue and i even looked up the person to find their FC and eventually found someone from their FC to let the real owner know both times the FC peeps were really appreciative of me letting them know and were gonna let their member know via discord or some such
one even tried to offer me a reward no matter how much i told them i just wanted to help as ive had my account hacked before ( back when i played WoW and i lost everything and had to completly restart my character from scratch... it was seriously rough) and i understand the feeling of losing ur progress so no reward is needed and i just hope the real owner gets the account back asap

i just hope theres others out there at least trying to let the FC members know to tell the real owner that theres issues with their account and to take action asap

[KageTokage]

The thing about this scam that confuses me is that it's primarily aiming to steal people's gil (Judging from stories of victims having their FC chests cleaned out of gil, but nothing else)...but where the heck is the gil going?

If they're trying to sell it, the GMs presumably could easily track it and ban the "bank" accounts that are holding onto all of the stolen gil.

[Chasingstars]

Gotten two of those tells so far. Reported both as RMT. First time was searching for an A-Rank hunt in the Sea of Clouds. Second time was waiting for a ARR sightseeing vista to become available in East Shroud. Haven't gotten any of these tells however in cities.

[Payadopa]

Who falls for this? lol
But, yeah, SE should do something.

[Kirika-]

Ah, good to see other people taking action on this.

I've been writing quick little scripts in python that spam their page with thousands of fake usernames and passwords. Is it effective? Well, they try VERY hard to block me when I do it, and the site frequently 404s shortly after I start, often to switch to a different URL, so it appears to be at least some inconvenience to them.

While I do not recommend doing this on your own, a bit of digging shows that once you "log in" to the fake forum site, your IP is quickly hit with a variety of exploit attacks, which are mostly an attempt to knock your connection offline, which in turn disconnects you from the game and makes it much harder for you to attempt to prevent the account compromise. These attacks don't always work, as they are dependent on specific hardware and software, but they do work enough times for the whole phishing attempt to be effective.
And yes, if you do attempt to log into the fake site more than once or twice or so, they then block your IP.

Who falls for this? lol
But, yeah, SE should do something.

Unfortunately, enough so this phishing attack is still going on.
Once a phishing victim's account is taken over, it is quickly stripped of Gil and valuables, then used to send out more messages.

[Dustytome]

The thing about this scam that confuses me is that it's primarily aiming to steal people's gil (Judging from stories of victims having their FC chests cleaned out of gil, but nothing else)...but where the heck is the gil going?

If they're trying to sell it, the GMs presumably could easily track it and ban the "bank" accounts that are holding onto all of the stolen gil.

They're probably offloading it as quickly as possible and either getting paid via means that don't offer buyer protection or via credentials they can abuse/sell off to a 3rd party.

[SnowVix]

Who falls for this? lol
But, yeah, SE should do something.

Ask anyone who works in network security what the failure rate is on the fake phishing emails they send to see who paid attention to their repeated meetings and handbooks. A friend of mine got over a 10% attempted login rate from her company (over 15% clicking the link)