Fraudulent / Malicious Email Alert

[Teddy]

Hello,

We've become aware of an email being received by some that appears to originate from Argonath RPG using third party mail services like Yahoo and Gmail. These emails ARE NOT Argonaths, all of our official emails originate from *.argonathrpg.com, argonathrpg.com, and argonathrpg.eu. We do NOT use any other third party service.

Do NOT click any links from these emails. Do NOT reply to them. Delete them immediately.

Kindly,
Web Team

[Khm]

who's it this time.. Thanks for the heads up.

[Teddy]

I've already managed to reverse the intent of the link. It appears to try and hijack your forum session if you are already logged in. Good news is Google Chrome and Firefox have built-in protection against this, as does our forum to a degree. IE users may be vulnerable but that's nothing new since it's an insecure piece of shit anyways.

Just to be safe, avoid clicking the link anyways.

who's it this time.. Thanks for the heads up.

I kinda hoped they were dumb enough to use their real name or Argonath name when signing up for either but doesn't appear so. Not entirely sure, best we can do now is make sure people are aware.

[Khm]

I kinda hoped they were dumb enough to use their real name or Argonath name when signing up for either but doesn't appear so. Not entirely sure, best we can do now is make sure people are aware.

Once someone falls for it, we will find out who's behind it anyways.
Desperately waiting for their e-mail tbh.

[SugarD]

Will be keeping an eye out.

[Rei]

Do those email appear only in our spam box in gmail, or they can be among these emails we get for example when someone send us a message in forum?

[[NP]Monte Montague]

Do those email appear only in our spam box in gmail, or they can be among these emails we get for example when someone send us a message in forum?

Spoof emails, phishing emails, emails that contain malware and so on and so forth can be made to look like actual emails so YOU NEED TO BE CAUTIOUS.


Do NOT use the same email you use for everything else with ArgonathRPG.
Don't use the same passwords or details if it can be helped.

Make sure you have appropriate anti virus, anti malware software. Don't rely on the free stuff.

Use a mainstream email client or one that you know is secure.

Don't use outlook / desktop email clients / applications or the like as THEY ARE vulnerable. Especially important for windows users who don't know what they are doing or who can not be bothered to protect their devices or those who just simply are ignorant.

Make sure you know what sort of addons you put on your chrome, firefox.


Since the forum or web database or w.e was hacked... People really should think twice, especially if they were around when that happened or were victims of that previous old attack that happened. 

[Teddy]

Do those email appear only in our spam box in gmail, or they can be among these emails we get for example when someone send us a message in forum?

Most appear in the normal inbox, depending on your choice of email service. Most who've received it reported it was in their inbox and not in spam.

[SugarD]

Do NOT use the same email you use for everything else with ArgonathRPG.

Make sure you have appropriate anti virus, anti malware software. Don't rely on the free stuff.

Both of these suggestions are actually highly-misleading. Your choice of email service has nothing to do with this situation, and having a separate one wouldn't make you any less vulnerable to phishing attempts from anyone online. Also, not all free anti-malware programs are bad. Some of them are even better than their paid competition.

[Ben.]

Yeah, doesnt make sense when you take it out of context but when combined with the password  comment below it, suddenly it does.
Your email address is one which great for hackers if they want your account...suddenly the use of a salt value originating from your ID becomes pointless.

[SugarD]

Yeah, doesnt make sense when you take it out of context but when combined with the password  comment below it, suddenly it does.
Your email address is one which great for hackers if they want your account...suddenly the use of a salt value originating from your ID becomes pointless.

Not using the same password everywhere is just a general rule. That has absolutely nothing to do with the email address you have chosen. Getting an ID from your forum account isn't going to enable them to get into your email address. The only way they could attack both would be by getting a hold of your forum password, and then, (assuming the password is the same in both places), logging into your email address with said password.

[Teddy]

The password is irrelevant in this case. In order to know who you are the forum stores a cookie with an ID on your computer, this is ID links to a session stored on the server which is all of your data in regards to the forum. This specific attack aims to try and steal that cookie's data and interpret the ID, then mimicking it to try and trick the forums into thinking they're you and to give access to your session thus impersonating you. Unfortunately for them this doesn't work so easily anymore due to security advancements.

[TiMoN]

The password is irrelevant in this case. In order to know who you are the forum stores a cookie with an ID on your computer, this is ID links to a session stored on the server which is all of your data in regards to the forum. This specific attack aims to try and steal that cookie's data and interpret the ID, then mimicking it to try and trick the forums into thinking they're you and to give access to your session thus impersonating you. Unfortunately for them this doesn't work so easily anymore due to security advancements.

Is this method also used to catch ban evaders or am I just over thinking?

[Julio.]

Is this method also used to catch ban evaders or am I just over thinking?

Hm, not really. This is specifically linked to the browser and your session (length determined by your "stay logged in for" time).

[Teddy]

Is this method also used to catch ban evaders or am I just over thinking?

No, if you are banned that is stored in the session, so if you were using the same session token then you'd be presented with the ban message and thus wouldn't be ban evading very well.