Results -9 to 0 of 6

Threaded View

  1. 03-17-2021 07:59 AM #1
    MevariNavalo
    Player
    MevariNavalo's Avatar
    Join Date
    Sep 2020
    Posts
    52
    Character
    Mevari Navalo
    World
    Zalera
    Main Class
    Bard Lv 90

    How to take down phishing scams the legit way

    You've probably already noticed the phishing scammers. They PM you a url to what looks like the FFXIV forum, but it's fake. If you haven't seen that... just be aware it's a thing.

    I've been doing this little side project of mine lately where I mess with the phishing scammers. One of my most effective means of messing with them involves using a python script that spams their webpage with fake logins. However, I'm going to teach you a more legit way to mess with them... reporting them directly to their DNS host.

    Step one: Do a quick Whois lookup (optional)

    What you're looking for who in particular is their registrar. I use this website to do this, usually: https://www.whois.com/whois/
    So far, they seem to use exclusively NameSilo as their registar, although they frequently use Web4Africa as their host.

    Once you've confirmed that their registar is NameSilo, which they almost certainly will keep using, move on to the next step.

    Step two: File a phishing report with NameSilo

    While NameSilo has an "abuse" email address, don't bother using it. For any phishing reports they will send you to the following website: https://new.namesilo.com/phishing_report

    Fill it out as follows. Feel free to use this email if you don't want to use your own. Note that you want to give them the direct link to whatever happens to be the fake login page. This is usually a subdirectory that ends with /reply.

    Your Email:
    ffxivantifishingteam@gmail.com

    Real Website:
    https://forum.square-enix.com/ffxiv/forum.php

    Phishing Website:
    [Copy/paste the phishing website here, remember to link them directly to the fake login page rather than the fake message board]

    Report:
    We have found a phishing website pretending to be the forum for the video game "Final Fantasy XIV", owned by Square Enix. They are using this website to steal game accounts.
    They frequently change URLs, so the above website will possibly 404 by the time you read this. Please use the attached image for photographic proof.

    Step three: Screenshot the fake login page

    Save a screenshot of the fake login page on the phishing website, making sure to include your browser's address bar. You can do this with the old printscreen button and microsoft paint, although I personally use the program Lightshot to make taking screenshots easier. Once you've got a good screenshot, attach it to the report and hit send.

    That's it! After doing that, the website will usually go down in an hour or two.

    Edit: Oh, and most importantly... don't actually try to log in to the damn site. Just visiting it won't hack your computer or anything crazy like that, just don't punch in your damn account information and you'll be fine.
    (10)
    Last edited by MevariNavalo; 03-17-2021 at 08:15 AM.
    ________________________________________

    "Mevari, the Blue Mage spell 'Eruption' is not an instrument."
    "Yes it is, and I'm going to use 21 of them."
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »