Player tried to scam me with false link.

[CornishDinosaur]

Hello all! I realised I was being scammed and have changed my password, so just wanted to put out a warning to everyone. I've already reported the user and the page, but wanted to warn everyone who might have recieved a /tell as well.

I was in Ishgard and got a /tell from (another player), announcing they were quitting and were doing a 300 million gil raffle on the forums. The link, of course, went to fake copy of the forums and the thread, "300M Gil Raffle", by the fake user "Ahnthistik" who was showing the fake character "Problematic Fav" from "Omega", is naturally designed to make you want to click that log in button at the top right.

multiple fake profiles in the comments, as proven by them 404ing if you try to view said profiles, are abound, however the Moderater account "Enkrateia", which has also commented, is legitimate and has had false comments inserted to make the fake page look more legitimate.

Apologies for the full-size screenshot, I wanted to leave no doubt I'm being honest and this seemed the simplest way.

[Caitlinzulu]

god, this one is years old and should be well known by now. And still people fall for it.

[DiaDeem]

Nothing wrong with a reminder.

Wasn't there also one that said something like... "We can't let Square Enix do this. Vote in SUSPICIOUS LINK forum thread and help us voice our concern" or something like that?

Always be mindful of what you click on.

[Fawkes]

It might seem counterintuitive, but I think you can actually get in trouble for showing/saying the scammer's name. You might want to edit it out of your post.

[CornishDinosaur]

god, this one is years old and should be well known by now. And still people fall for it.

In retrospect I feel very silly! I'm just glad I realised in time to change my password, and I wanted to let others who might fall for it know.

[CornishDinosaur]

It might seem counterintuitive, but I think you can actually get in trouble for showing/saying the scammer's name. You might want to edit it out of your post.

Thank you for letting me know, I'll do so now.

[Caitlinzulu]

Yes there was. And reminding people is good.
What hit me in the OP was that they changed their password. If you didnt go to the site then there is zero need to change it.
Also not wanting to speak bad of OP, but do we even need to check how legitimate the scammrs website looks? the adress itself is fishy and that should be enought to steer wide around it.
The proliferation of qr codes and how mindless peop,e read them and follow them blindly open them, unable to often even verify the adress, scares the hell out of me.

[SaberMaxwell]

god, this one is years old and should be well known by now. And still people fall for it.

People fall for every trick in the book. If social engineering weren't so effective, it wouldn't be the first and often best trick to obtaining target credentials.

[CornishDinosaur]

Yes there was. And reminding people is good.
What hit me in the OP was that they changed their password. If you didnt go to the site then there is zero need to change it.
Also not wanting to speak bad of OP, but do we even need to check how legitimate the scammrs website looks? the adress itself is fishy and that should be enought to steer wide around it.
The proliferation of qr codes and how mindless peop,e read them and follow them blindly open them, unable to often even verify the adress, scares the hell out of me.

No no, it's okay to speak bad of me in this instance, I should have known better! I should have known the fake part of the link was, well, fake, yet I still fell for it lol

[VelKallor]

No no, it's okay to speak bad of me in this instance, I should have known better! I should have known the fake part of the link was, well, fake, yet I still fell for it lol

Get the OTP software. Password alone wont do it as they can be brute forced, the OTP is unbreakable as it changes every few seconds.

As for falling for scammers, I had one scammer call me the other day calling me about "Telstra issues with my broadband"...Australia uses a national broadband network, and aside from a few isolated places, Telstra hasnt been an ISP for almost six years. People still get scammed.

The old adage applies:

If it seems too good to be true, it usually is.