Welcome to the Second Life Forums Archive


Anyone else get an email like this?

Zaphod Kotobide
zOMGWTFPME!
Join date: 19 Oct 2006
Posts: 2,087
06-28-2007 09:23
Sure, it's possible, technically. The likelihood isn't very high. The other side of this is how many people actually check for a valid SSL certificate before submitting information. Anyway, toodles!

From: Anya Ristow
Again, don't count on it not happening again. There may be an unpatched exploit right now.
_____________________
From: Albert Einstein
Problems cannot be solved at the same level of awareness that created them.
Matthew Dowd
Registered User
Join date: 30 Jan 2007
Posts: 1,046
06-28-2007 10:29
Well, if you're willing to bet your credit card details on this or a similar exploit not occurring in IE or even Firefox, that is your choice. However, the responsible advice is to treat any e-mails about account or billing information which have suspicious URLs or e-mail addresses with extreme caution and not to respond to them without confirming directly with whom they report to be.

Any other advice is irresponsible and only encourages the professional phisher.

Matthew
Oryx Tempel
Registered User
Join date: 8 Nov 2006
Posts: 7,663
06-28-2007 11:04
OMG what's the big deal? Just go to the OFFICIAL SL website, confirm your info, and be done with it.
_____________________
Matthew Dowd
Registered User
Join date: 30 Jan 2007
Posts: 1,046
06-28-2007 11:31
From: Oryx Tempel
OMG what's the big deal? Just go to the OFFICIAL SL website, confirm your info, and be done with it.


The big deal is:

a) LL's current policy of using a third party for e-mailing out billing/account change requests results in an e-mail with all the classic hallmarks of a phishing attempt which will consistently result in unnecessary forum noise and support calls whilst they continue to do it

b) LL's previous attempt to deal with this overhead by blogging that they were using a third party for account/billing related e-mails and that people should respond to such third party requests, is an open call for phishers to target Secondlife and flies in the face of all internet security advisories

Any responsible internet company ensures that any account/billing related e-mails originate from their own IP domains and addresses and do not contain any URLs. LL needs to take online consumer safety seriously and should do likewise.

Matthew
Ava Glasgow
Hippie surfer chick
Join date: 27 Jan 2007
Posts: 2,172
06-28-2007 11:41
From: Oryx Tempel
OMG what's the big deal? Just go to the OFFICIAL SL website, confirm your info, and be done with it.


I'm with Oryx on this one. There was no need for mass panic due to this email.

From: AWM Mars
I got the same email... it looked quite good, until I read this line
'After 30 days your account will go defunct and you will lose any inventory, land and
L$ associated with the account.'

'DEFUNCT'???? not a word I have seen used by any information supplied by LL and is potentially a 'regional' word not associated to their neck of the woods lol...

Screwed.. Borked... f**ked and more yes.. but not Defunct lol.. gimme a break.


It is not slang, or "de-funked", it is a real word meaning dead or no longer working. The definition from the Oxford English Dictionary:
A. adj. Having ceased to live; deceased, dead.
b. fig. No longer in existence; having ceased its functions; dead, extinct.

I live in the San Francisco area near LL, and can assure you this is a commonly used word here. :)
Brenda Connolly
Un United Avatar
Join date: 10 Jan 2007
Posts: 25,000
06-28-2007 11:50
From: Ava Glasgow
I'm with Oryx on this one. There was no need for mass panic due to this email.



It is not slang, or "de-funked", it is a real word meaning dead or no longer working. The definition from the Oxford English Dictionary:
A. adj. Having ceased to live; deceased, dead.
b. fig. No longer in existence; having ceased its functions; dead, extinct.

I live in the San Francisco area near LL, and can assure you this is a commonly used word here. :)

It shouldn't have caused panic but it did. Again, another business practice that may have been better thought out before implementing. And defunct is a word still in fairly common use, but it seemed awkward in this context. They must have let Danny write that message. :p
_____________________
Don't you ever try to look behind my eyes. You don't want to know what they have seen.

http://brenda-connolly.blogspot.com
Ava Glasgow
Hippie surfer chick
Join date: 27 Jan 2007
Posts: 2,172
06-28-2007 12:11
From: Brenda Connolly
It shouldn't have caused panic but it did. Again, another business practice that may have been better thought out before implementing.


Yeah, you're right. (I'm such a pushover!)

Much like the "change your password" email, their strange approach dealing with issues like this results in panic that could easily be avoided by notifying us with a blog post.

From: someone
And defunct is a word still in fairly common use, but it seemed awkward in this context. They must have let Danny write that message. :p


Perhaps they should have said an unpaid account will be "pining for the fjords". ;)
Sensual Casanova
Spoiled Brat
Join date: 28 Feb 2004
Posts: 4,807
06-28-2007 12:14
It's not a scam, Linden Lab posted about it, I don't remember if it was in the blog or one of those Messages of the Day, but it said something like, please make sure your billing info is up to date, if not you will receive an email asking you to update it
Matthew Dowd
Registered User
Join date: 30 Jan 2007
Posts: 1,046
06-28-2007 12:35
From: Sensual Casanova
It's not a scam, Linden Lab posted about it, I don't remember if it was in the blog or one of those Messages of the Day, but it said something like, please make sure your billing info is up to date, if not you will receive an email asking you to update it


Excellent - a blog post saying "expect an e-mail from a third party asking you to update your account" on the blog posts would be a gift to potential phishers!

Matthew
Ava Glasgow
Hippie surfer chick
Join date: 27 Jan 2007
Posts: 2,172
06-28-2007 12:52
From: Matthew Dowd
Excellent - a blog post saying "expect an e-mail from a third party asking you to update your account" on the blog posts would be a gift to potential phishers!


Not if they specified WHICH third party we should expect to receive the message from.
Brenda Connolly
Un United Avatar
Join date: 10 Jan 2007
Posts: 25,000
06-28-2007 13:02
From: Ava Glasgow
Yeah, you're right. (I'm such a pushover!)

Much like the "change your password" email, their strange approach dealing with issues like this results in panic that could easily be avoided by notifying us with a blog post.



Perhaps they should have said an unpaid account will be "pining for the fjords". ;)

Here we usually say "Sleeps with the fishes".
_____________________
Don't you ever try to look behind my eyes. You don't want to know what they have seen.

http://brenda-connolly.blogspot.com
Ava Glasgow
Hippie surfer chick
Join date: 27 Jan 2007
Posts: 2,172
06-28-2007 13:15
From: Brenda Connolly
Here we usually say "Sleeps with the fishes".


Now THAT is a weird fetish! :p
Matthew Dowd
Registered User
Join date: 30 Jan 2007
Posts: 1,046
06-28-2007 17:21
From: Ava Glasgow
Not if they specified WHICH third party we should expect to receive the message from.


No - because the phishing pros work on social engineering.

After such a blog post, even if it states which third party, you end up with the entire SL community expecting an e-mail related to their account which isn't from LL.

Of those, a few on receiving an e-mail from anywhere will just assume it is the real one, without checking whether it is the third party mentioned in the blog.

A few will notice it is a different third party but if the e-mail looks convincing enough will assume that LL is using a different third party as well as the one in the blog but haven't got around to blogging about it.

Even if the above only catches a few people out, it is worth it to the phishers.

That is why ALL the recommended practice is to IGNORE any e-mail relating to account or billings which comes from a different e-mail domain or includes URLs with different domains to that of the company the e-mail purports to come from.

Any instruction to ignore that recommendation is highly irresponsible.

Matthew
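
The check recommended in the post above (compare the sender's domain and every linked domain with the company's own), sketched as an added example that is not part of the original thread. `example.com` stands in for the company's domain, the function names are hypothetical, and both messages are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def under(host, org):
    """True only for org itself or a real subdomain of it (label boundary)."""
    host = host.lower().rstrip(".")
    return host == org or host.endswith("." + org)

def text_parts(msg):
    """Yield the decoded text of every text/* part of the message."""
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            raw = part.get_payload(decode=True) or b""
            yield raw.decode(part.get_content_charset() or "utf-8", "replace")

def foreign_domains(raw_message, org):
    """List (where, domain) pairs that do not belong to org.

    An empty list only means no mismatch was found; the From header can be
    forged, so it is never proof that the message is genuine.
    """
    msg = message_from_string(raw_message)
    findings = []
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if not under(sender, org):
        findings.append(("from", sender.lower()))
    for body in text_parts(msg):
        for url in URL_RE.findall(body):
            host = urlsplit(url).hostname or ""
            if not under(host, org):
                findings.append(("url", host))
    return findings

# Constructed sample messages (assumed company domain: example.com).
LEGIT = (
    "From: Billing <billing@example.com>\n"
    "Subject: Update your billing information\n"
    "\n"
    "Log in at https://www.example.com/account to review your details.\n"
)
SUSPICIOUS = (
    "From: Example Billing <billing@mailer.example.net>\n"
    "Subject: Update your billing information\n"
    "\n"
    "Confirm at http://example.com.account-update.example.org/login\n"
    "or pay at https://notexample.com/pay\n"
)

if __name__ == "__main__":
    print(foreign_domains(LEGIT, "example.com"))
    print(foreign_domains(SUSPICIOUS, "example.com"))
```

The two URLs in the second message are there because a plain substring or suffix comparison would accept both; matching on a label boundary rejects them.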