Scam Prevention Article
Written and Compiled by Hellgawd + JD of the MMOwned News Team
Welcome to the MMOwned.com Scam Prevention article! This article has six key pages that are crucial to your online - and offline - safety regarding scamming. If you have something you would like to add to the article, feel free to post it below. Please remember that MMOwned does not condone scamming, only the prevention and negation of scamming. Thank you, and keep reading!
1. Online Phishing
2. Social Engineering
3. Offline Phishing
4. Keyloggers
5. In-Game Scamming
6. MMOwned and Scamming
[BREAK=Online Phishing]
1. Online Phishing
Online phishing is the most common form of phishing. Thankfully, it is also the easiest to prevent, as long as you know what to look for.
Most often, phishers are spread via falsified emails. Expert phishers have ways of making the emails virtually undetectable, but even if you click on a phishing link - you are still safe, as you will see.
Some quick tips to filter out phishing emails:
-Windows Live Mail picks up many phishing emails. Trust it.
-If you see unformatted or 'piecemeal' HTML code, it's fake.
-If you see a URL link that actually leads to a different URL (by hovering), it's fake.
These are just basic, common sense steps you can use to prevent yourself being phished.
Now, even if you were tricked into going to a phishing page, not all is lost! First off, take a look at the URL at the top of your screen.
If it says something suspicious, incorrect, utilizes a free-web hosting service, or is mis-spelled - you are looking at a phishing page! Sometimes, even the best of us miss these ques, and if this happens, you are still fine. Read on!
Blizzard uses SSL security on all of their account management pages. This includes Beta Opt-in pages.
If you are sent to a page that gets you to enter any personal information, keys, gametime codes, account information, ect - always check to see if the URL starts with 'https' and that the SSL certificate says 'Blizzard Entertainment' or 'WorldofWarcraft.com'. If it doesn't - you've met a phisher!
As well, look at the phisher content in general. Blizzard will never have a page on their website giving you 50000 free gold - so don't believe it! If it's too good to be true, it ISNT TRUE.
All of these basic, basic tips will make you practically immune to phishing.
[BREAK=Social Engineering]
2. Social Engineering
Alright, now we will be going into detail about social engineering, and how it is used to scam YOU out of your precious world of warcraft swag.
This should give quite a nice description of what social engineering is and you can probably imagine how people who are good at it are able to talk people in to doing or saying anything they want. This is also one of the more advanced techniques of scamming and for the most, more experienced, scammers it's prefered over phishers or keyloggers. Some famous social engineers are Kevin Mitnick and the Badir Brothers. Quoting Kevin Mitnick's famous words; "It's easier to get someone to tell you their password than to take hours to hack in to their system".Originally Posted by wikipedia
Social engineering is the act of manipulating people into performing actions or divulging confidential information.
Social Engineering in WoW Scams
You probably realize that Social Engineering is one of the best ways of scamming someone without using any tools. I'm not here to talk about how to scam someone tho, I'm here to tell you how to not get scammed. So here we go.
Not getting scammed
1. When selling you WoW account always make sure you're not the one giving your account info before your buyer pays.
2. When trading using in game gold always make sure you don't go under the price you chose when you're selling something and don't go over the price if you're buying something.
3. When someone is trying to get your account info saying he's a GM or if he's saying he needs your info for something just don't give it. He's not a GM and he won't need it.
4. Don't trust anyone you don't know.
[BREAK=Offline Phishing]
3. Offline Phishing (AKA Application Phishing)
Application Phishers are one of the most frustrating phishers to run into. Not only can they spread common computer viruses, such as keyloggers which can then compromise your security and other people that trust you's security, but they often look just as 'legit' as real programs - cause they are real programs, just with false functions.
The most common form of Application Phisher is seen as a 'Cataclysm Alpha/Beta Downloader' or a 'Gamecard Generator'. Both of these get you to submit personal information and/or gamecards that will eventually be used without your consent.
Most of these phishers can be thwarted out using some common sense. If it looks fake, it most likely is!
If its going to get you into the Cataclysm Beta, or give you 50000 billion months of gametime - think again! Things like these do NOT exist.
As well, always check the origin of these applications. Often, they will be missing specific information in the application properties, that official Blizzard applications won't. Always check the digital signatures portion of applications, as well as the details. If it says something like 'Default' or '1337 Hackers Group' - delete the application immediately.
More advanced applications might have already infiltrated common uses of your computer, such as browsing the internet. If this is the case, and you suspect something like this, you are at risk whenever you visit a proper-website, like worldofwarcraft.com. Always do frequent anti-virus scans and ensure you have the most up to date software updates installed.
[BREAK=Keyloggers]
4. Keyloggers
For this part of the article I'm going to tell you guys something about keyloggers and how not to get scammed by people using them.
You can probably imagine how keyloggers are used for scamming WoW accounts and other information. Someone sends you a program saying that it's a GM account creator and you don't have to fill in your account information! That's great if it were true but unfortunately the creator added a keylogger to the program. It tells you to login to your WoW account which you do. You fill in your account name and password and that information gets sent to the creator's email address. He can then log in to your account and do what ever he wants with it.Keystroke logging (often called keylogging) is the practice of noting (or logging) the keys struck on a keyboard
Not getting scammed
1. Install a good virus scanner
2. Never accept any software that looks to good to be true.
3. Run software using SandBoxie
More Information
[BREAK=In-Game Phishing]
5. In-Game Phishing
This part of the article is all about In Game Scams and how not to get scammed by people using them.
In game scams are mostly based on social engineering, telling people that their GM's faking a trade.In game scams are scams done inside the World of Warcraft
Example!
A conversation between Bob's character and a Scammer;
Bob in /2: Want to buy 20 eternal fire!
Scammer in /w: I have 20 but I have to go quickly, I'll COD them to you
Bob: Okay, sure how much?
Scammer: 200G
Bob: Fine, thanks
Scamer: No problem, later
The scammer logs off and, an hour later, Bob gets his eternal fires... The mail says "eternal fire (20)" so Bob opens it, pays the 200G but only recieves 1 eternal fire! He got scammed and is a sad, sad panda...
What happend? The scammer put one eternal fire in and changed the title from (1) to (20). Bob thought he got his 20 etenal fires but only got one!
How not to get scammed
1. Don't trust anyone you don't know.
2. Don't give out any private information
3. Make sure your trades are always exactly what you thought it was.
[BREAK=MMOwned and Scamming]
6. MMOwned and Scamming
MMOwned does not support illegal scamming methods. Things like in-game 'pranks' they might be called, where you get items for a few gold-digits cheaper (The Backspace Scam) or other such scams are still allowed. The Scamming Section of MMOwned has recently gotten a new ruleset put into place, giving it the purpose it was originally intended to have - how to PREVENT being scammed. MMOwned's Scamming Section is a perfect area to read up on other anti-scamming tips and information bulletins. You can also report suspected phishers in that section as well, so other people can give you the verdict if they are VALID or PHISHER.
Thank you for reading,
MMOwned News Team [Hellgawd + JD]