Ditto the Monster looks at the world of family friendly online games from a Fabricated American perspective

Play Safe – Check those links!!

I got a very official email yesterday from another gaming company (NOT Wizard 101 or KingsIsle), warning me that my account might have been compromised and giving me a handy link to a very official looking website so I could go and change my password.  The problem was – I don’t play that game, and I’ve never had an account with their system.  It was a scam.

An example of a Phishing Site

An example of a Phishing Site - Always check the URL

These scams, called ‘phishing‘, are a two part process.  They send people an email that looks like it’s from some ‘official’ source – their bank, or Facebook, or their favorite video game.  This email will contain a ‘call to action’ – it will tell them that they need to log into their account to fix or verify something, and there is usually a serious consequence for not doing it, like your account getting canceled.

I’ve also seen this starting to pop up on social networking sites like Twitter as well, where URL Shorteners like bit.ly can mask a URLs true destination.  If you see some ReTweet about getting prizes or rewards from your favorite game, double check the link and be really careful!

The second part of the scam is a website, usually crafted to look exactly like the ‘real’ website, that will collect the username and password of everyone who tries to log into it.

It’s a fiendish plan, to be sure – send an email telling someone they have to log into their account to fix something, and then give them a link that looks like it’s a real website that will instead steal their password and let the bad guys into their account to steal their stuff.

To combat this and stay safe is easy, as long as you know it’s there.

  • First, always remember that no website or game is going to send you an email asking for your password.
  • Second, if you get an email telling you to log into a website to correct or change something, look very closely at the sender’s email address and the address it’s trying to send you to.  Instead of wizard101.com it might be wizardlOl.com – it doesn’t look too different, so you have to be careful.
  • Finally – instead of clicking a link in an email, go to the main website yourself and log in there, so you know you’re putting your credentials in the right place.

Phishing scams aren’t hard to avoid, you just have to know what you’re looking for and remember, never trust an email that’s asking for your account information or telling you to log in right away – no reputable company would do that.  Always check the URLs and if something looks suspicious, don’t put in your user information, that’s the safest play.

Play Safe!

3 responses

  1. Ditto,
    I hope more and more read this it will help many people.
    Awesome tips Always be safe!
    Your friend,

    June 14, 2011 at 11:58 am

  2. Blaze Firesword

    Ha, they should know better than to try and pull something like that on you Ditto.
    No one can pull a fast one on you, the master of safety.
    Anyways that was funny, NOTwizard101.com. Did you do that or was it real?

    June 14, 2011 at 3:48 pm

  3. Blazelightblade

    Hey Awesome tips thx hope they hope out people in the spiral
    😛 See you in the spiral maybe some times but never notice but
    So Thx for the tips ~Blaze lightblade

    June 16, 2011 at 1:19 am

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s