Recognizing & Reporting Password Phishing | First Page | Forum

Gaia Forums » GAIA Online » Gaia Blog

Report ad

starzXnight

(?)Community Member

Pokehmawn's Husband

Wheezing Gekko

24,850 Points

Offline

Post: 87541515_1 created on Tue, 20 Aug 2013 05:56:52 +0000
Posted: Tue, 20 Aug 2013 05:56:52 +0000

Hey, everyone :]

Today, I would like to take a moment to explain what password phishing is, how to recognize it, and why it is important to report it. It can be scary when a user by the name of A-D-M-I-N Steve shows up in your inbox claiming that your account will be banned in 10 minutes, so hopefully this post will shed some light on what phishing is and what you can do to report and prevent it.

This blog post will be broken down into three main sections:

What is password Phishing?

Password phishing involves directly asking another member of Gaia for his or her password or attempting to get another member's password by deceptive means such as pretending to be a staff member, linking to fake login pages or sites promising gold or items that seem suspicious (like offering free Angelic Halos), or claiming to have access to a "gold generator".
What are some common forms of password phishing?

Staff Impersonation:

users pretending to be an official member of Gaia staff

Gaia's servers updated, and your account may be deleted.
Various "account issues" that need "verification"
Your account has been reported.
There is some form of "virus"/bug being spread.
Your account is undergoing an investigation.
You have been chosen by the admin to win gold or items!
There are items missing from your account.
I am an admin/moderator/assistant.
I am an admin's daughter/son/sibling/brother... etc.
I am an admin, and I can generate x amount of gold/items for you!

nothing will happen to your account if you do not respond to the user within x amount of time.

Gaia staff members will never ask you for your password.

Admins have orange usernames and will have a title of Admin or Admin Lead under their usernames.
Developers, Artists, and Gaia Staff have brown usernames and will have a title of Developer, Artist, or Gaia Staff under their usernames.
Moderators have green usernames and will have a title of Site Moderator, Global Moderator, or Omni Moderator under their usernames.
Forum Assistants have magenta usernames and will have a title of Forum Assistant under their usernames.
[NPC]s are Non-Playable Characters and have red usernames with a title of NPC written under their usernames

not

ChiefReporter x

OPC x

Reporter x

A-D-M-I-N

AutomaticComputer

System Banner

-NPL- Carl

Join.me Phishing Method:

http://www.join.me

blog

Rare Item "Grants," Fake Login Screens, and Gold Generators:

Phishers often conceal these fake login pages using bbcode, putting a safe URL as the visible text of the URL.

please be sure to check that the URL of any link that you are clicking starts with the URL http://www.gaiaonline.com.

similar

http://www.gaiaonline.com

will not be exact

actual

hover your mouse over any suspicious URL that you may receive.

Please note that any and all links or websites that claim to be able to generate Gaia gold or items are fake; the ultimate admin gold generator is not real!

Phishing Pop-ups:

This is not legitimate.

"Censoring" Passwords in Flash Spaces:

If you type out your password in a flash space, it will not be censored out; your password will be displayed for everyone in the surrounding area to see.

Straight Up Asking for Passwords:

In certain situations, a user may straight up ask you for your account's password without hiding it behind any fake login pages, false warnings, or the like. In these situations, please refrain from responding to the user and report the PM, post, thread, or flash space conversation.

starzXnight

(?)Community Member

Pokehmawn's Husband

Wheezing Gekko

24,850 Points

Offline

Report Post
Post: 87541515_2 created on Tue, 20 Aug 2013 06:33:04 +0000
Posted: Tue, 20 Aug 2013 06:33:04 +0000

FAQ

How do I report the PM, post, thread, profile comment, etc?
xxxxxxx

There is a comprehensive guide on how to report on Gaia located here!

What do I do if I replied to the user with my information?
xxxxxxx

If you replied to the password phisher with your information, try to reset and recover your account's password by using the "Forgot Password" function. Please be sure to reset your password to one that has never been associated with another Gaia account. After you have regained control of your account, please also take the time to make sure that the email associated with your account is secure. At this time, we also ask that you file a hacking report so that the investigation can be officially investigated.
If you are unable to access your account, please file a hacking report from a secondary (mule) account. Please keep in mind that all sections of the hacking report need to be filled out or the report will not submit. After you have successfully filed a hacking report, you will receive a reference number. Please keep this number for your records.

Can I respond to the user with fake information or my mule's information?
xxxxxxx

While we understand that it may be fun to "troll" the phisher by providing fake login information, we ask that you not do so for the safety of your account. Similarly, please do not give the user the password to your mule account to "test it out."

Do I need to file a scam report?
xxxxxxx

If you have been hacked, please file a hacking report. Please keep in mind that scamming does NOT involve the loss of your account or the direct theft of your items or gold.
If you received a phishing PM, post, profile comment, etc, please report the specific PM or post by clicking the "report" button.

Do I need to file a abuse/harassment report?
xxxxxxx

If you have been hacked, please file a hacking report. Abuse/Harassment reports are for repeated instances of abuse that extend beyond a single incident or otherwise extreme situations.
If you received a phishing PM, post, profile comment, etc, please report the specific PM or post by clicking the "report" button.

Why should I report this phishing attempt when I know that it's fake?
xxxxxxx

While it may be obvious to you that the user is a password phisher, there may be other users that think that the messages that they are receiving are legitimate. We ask that you please take the time to report any phishing attempts that you may come across. You could end up greatly helping another user! :]

I'm tired of reporting these users. Why don't you IP ban the phishers?
xxxxxxx

Gaia does not IP ban users because it is extremely easy to change one's IP address. Additionally, if a phisher used a public network to phish (for example, a library) and was IP banned, any user trying to access Gaia from that specific library would be unable to do so. At this time, the cons outweigh the pros for this option.

What color usernames do actual staff members have?
xxxxxxx

Admins have orange usernames and will have a title of Admin or Admin Lead under their usernames.
Developers, Artists, and Gaia Staff have brown usernames and will have a title of Developer, Artist, or Gaia Staff under their usernames.
Moderators have green usernames and will have a title of Site Moderator, Global Moderator, or Omni Moderator under their usernames.
Forum Assistants have magenta usernames and will have a title of Forum Assistant under their usernames.
[NPC]s are Non-Playable Characters and have red usernames with a title of NPC written under their usernames

Is the admin gold generator real?
xxxxxxx

There is no such thing as an "admin gold generator" or anything similar that promises you free items and unlimited gold. If you see any user saying that they have access to one, please report him or her.

Would it be ok if I made a thread warning other users about this phisher?
xxxxxxx

While we appreciate that you are trying to warn other users about a phishing attempt, we ask that you do not go in the forums and try to warn other users by either posting the name of the phisher that tried to phish you or post the message that you received.

The reason that we ask that you do not do so is because the account that you see phishing may belong to another user that happened to fall for the same phishing attempt earlier. The user in question should not be publicly shamed or harassed for something that they have not done. Additionally, most of the people trying to warn others actually end up posting the actual phishing link itself in the thread when they create it, thus helping the phishing link spread around more. If you receive a phishing, please report it and allow us to handle it.

Can I get rewarded for reporting?
xxxxxxx

Unfortunately, there are not any plans to reward reporters at this point. Just know that you may be helping another user by doing so :]

I have received five of these phishing PMs in the last few days! Am I being targeted?
xxxxxxx

Password phishers have a tendency to go to highly populated areas (like Rally, Towns, the forums, etc.) and send phishing attempts to everyone in the general vicinity. If you have been receiving a lot of phishing attempts, it probably means that you visited one of those areas. As always, please report all of these attempts and they will be handled as soon as possible.

I'm tired of receiving these types of messages. Is there anything that I can do to stop it?
xxxxxxx

Yes, there is. If you go to your account preferences, you can set your Private Message settings to either "Friends Only" (to receive PMs only from Gaians on your friends list) or "No" (if you do not want to receive any private messages).

Where does it say that Gaia staff will never ask you for your password?
xxxxxxx

In the Rules & Guidelines, it states the following:

Quote:
1. Never Ask for Passwords, or Give Anyone Else Yours: Gaia staff members will never ask you for your password. Any attempt in asking for other people's password is strictly prohibited.

Can we see some examples of password phishing?
xxxxxxx

Sure thing! We have many examples of different password phishing attempts that users have tried to use in the past. You can see all of them by clicking here.

For additional information on general account and e-mail security, please refer to the following blog.

starzXnight

(?)Community Member

Pokehmawn's Husband

Wheezing Gekko

24,850 Points

Offline

Report Post
Post: 87541515_3 created on Tue, 20 Aug 2013 06:39:16 +0000
Posted: Tue, 20 Aug 2013 06:39:16 +0000

Common Examples of Password Phishing

Staff Impersonation

Staff impersonation refers to instances where a user claims to be a staff member, such as a moderator, admin, or developer. In the case of password phishing, a user will impersonate a staff member in order to obtain a user's personal information. Staff impersonation also extends to situations where users claim to be the mule account, daughter, son, etc of a staff member. Please keep in mind that staff members will never ask you for your password, and that these users trying to get your password are not real members of the Gaia staff.

Fake Admin/Moderator

Attention Gaian,

Our server has been updated, this type of situation usually leads to deleting many files, more specifically deleting Gaiaonline accounts.
Updates happen once a month and we are currently trying to fix this problem, meanwhile we need you to fill this form in to avoid having your account being deleted.

Please fill this form!

Username:

Password(s):

Email:

D.O.B (date of birth): e.g. 13/08/95

Advertisement:
PLEASE REPLY WITHIN 2 HOURS!

OPC lara

Gaia Online Site Moderator

Excessively Large Image and Wall of Text

Attention User,

We are sorry to inform you that your account 'username' has been brought to our attention . Your account has been REPORTED multiple times and needs to be investigated . You will be asked a few questions to verify that this is your account once you send your reference number to the email provided... If you were offline when you received this message, you have been given 10 minutes to reply to this message as of the time you logged in or this report will not be able to pass the maintenance . If you ignore this message your account will be automatically banned.

*Remember* to send an e-mail to the attached email below for further instructions .

gaiareportmod@live.com

Please do not submit PM reports for swearing, attitude, or issues not covered in the Gaia Online ToS . Additionally, please DO NOT submit this form multiple times , abuse this reporting tool , or spam this form with meaningless information. Thank you for your cooperation . Sorry for this disturbance . When you complete the form you will receive additional gold for your effort in making our lives a lot easier and cooperating.

Your reference number is 1029621 Please keep track of this number.

Yours sincerely,

-Gaia Administrator & Help & Support Team-

©REPORT 423.738.435.889.349

Frequently asked questions :

*Why do you need account information in some cases?

- Some cases we are to be provided with account information from users that we feel are not the real owners of the account. Being provided this information, this will grant us permission to investigate and clear any reports against your account.

*What if I don't want to send my information?

- We understand you are concerned for your account privacy. Not providing us with the information would raise another red flag, and our suspicion will grow.

Account will be terminated if you do not want to send in the needed information the administer will eventually need.

*What can Administers use account information for?

-With account information, we are only to view your accounts history.

*How long do investigations last up to?

-Every account is different, but we will never take no longer than 2 hours with each investigation.

Any more questions &/or concerns you may have feel free to email us.

©Copyright serving Gaia since 2003 "Report Scanner". 2013 Gaia Interactive Device, Inc. All Rights Reserved

1828 Bering Drive

San Jose, CA 95112

United States

Founded in 2003

Phone:

888-549-9715

www.gaiainteractive.com

Fake Admin2
Hello Gaian, you have been chosen by the admins to win a May 2012 Advanced chance.

Click here for your Advanced Chance! :

http ://omggogaia.my3gb.com/sof/Chance.html

Fake Admin3
Gaia Report Alert!

© Copyright 2003 - 2010 Gaia Interactive, Inc. All Rights Reserved

Attention user,

We are sorry to inform you that your account has been brought to our attention.Your account has been REPORTED and needs to be investigated for further information. Like any other Gaian Administrator, we don't normally ask for this information but to clear your report we must.You will be asked a few questions to verify that this is your account.Please fill out the information requested .If you were offline when you received this message ,you have been given 10 minutes to reply to this message as of the time you logged in or this report will not be able to pass the maintenance.

IF YOU IGNORE THIS MESSAGE YOU WILL BE BANNED

User:

Pword:

Verify Pword:

Birth Date:

*REMEMBER*TYPE THE INFORMATION ABOVE WITH A SPACE BETWEEN EACH LETTER ex:g n a r u t o<<spaces !

Please do not submit PM reports for swearing, attitude or issues not covered in the Gaia Online ToS. Additionally please DO NOT submit this form multiple times ,abuse this reporting tool, or spam this form with meaningless information. Thank you for your cooperation.Sorry for the disturbance.

-Gaia report:456.764.239.6231

You've Been Reported
Hello User username,

We have received a few notices from other Gaia Online members that you have been either scamming, trolling, or hacking. To ensure that you are not convicted of this, we must briefly check this account to see if you have any of the listed missing item(s) from one or more of the users. Please fill a form down below to help us. Thank you for your cooperation.

_________________________________________________________________

**SEPARATE EACH LETTER WITH A SPACE**

USERNAME:

PA.SSWORD:

EMAIL ADDRESS:

We have given you an hour to return the form below and if you have not replied back with the information needed, this account will be temporarily banned. Thank you for your cooperation username.

Copyright 2003 - 2013 Gaia Interactive, Inc. All Rights Reserved.

Fake Admin Assistant
Hello As You Know I'm The Adim Assistant We Need Your Pass-Word And Username So We Can Locate Something Please Do This Assignment Quickly And Message It Back To Me

Pass-Word :

Username :

Fake Admin Headmaster

Hello

This is admin Head master of Gaia Online. I see you’ve Spoke to my daughter on the items you need and want. Well its your lucky day cause we have them waiting for you right here. We have a computer generator and we need one simple task from you, please fill out this form

Username:

Passwordl:

Signature:

This is for everyone’s safety here on Gaia online in case anything goes wrong we have solid record. Once you have completed this form your items will take 30 seconds to be onto your account. You will see a floating box saying click here Pink Gift box and your items will be sent to you right in your inventory. Thank you for using Gaia 5.6 program. If you have any questions or concerns please let us know now! Thank you for your time

Admin

Supposed Undercover Admin
Hi! the reason i added you is because im a undercover admin and my boss/brother told me to pick ten people to give 500,000 gold to and we did a raffle with usernames and your username came out all you have to do is give me your password age and date of birth and ill download the software into your account and every 3 weeks youll get 500,000 more gold i hope you participate have a nice time in gaia!

Fake -Site Lead Alex

Hello Gaian,

This message was sent to you because their has recently been someone attempting to hack your current account,
(we don't have the authority to say who) but we also don't have enough evidence to completely ban the hackers
account,

To prove your innocence we will give you a step by step guide to reassuring your accounts safety even better:

Step 1: Change your current pass to 'defaultuser123', and tell us once you have changed it immediately.

Step 2: Log into your email and change the pass for that as well, but this time you don't have to tell us what you have
changed it to.

Step 3: Exit your browser then start it again and your account will be logged into our database so that the next time
you get hacked we will be able to return it to you with all your items and gold!

Thank you for your time and carry on enjoying GaiaOnline.

Site Moderator
-Site Lead Alex

Join.me

For this method of phishing, the phisher utilizes a sharing software or screen sharing website, the most common of which is http://www.join.me. The phisher then sends you a PM asking you to check out the link, typically by offering you some form of incentive. When you click on the link, you are directed to a screen-sharing website that has Gaia's login page featured. From there, you are instructed to login. When you log in to your account, you actually end up logging into Gaia using the phisher's computer. At that point, the phisher can save your password and get into your Gaia Online account.

However, that is not to say that every join.me link is a phishing link. Please exercise caution when clicking on such links, and, as always, refrain from logging into any site that does not have the URL http://www.gaiaonline.com.

Join.me Phisher
yo come in my chat

https://join.me/541-403-1623

Another Join.me Phisher
hey, want to learn how to make a ton of gold? i'll show you how if you click this: https://join.me/6411-423-3623

it's just a screen sharing site that allows me to show you how to do it

Yet Another Join.me Phisher
Hey, this is Victoria come chat with us, its similar to the chat membo we had on gaia before and when you get on it click on that green chat icon to talk on heres the invite link > https://join.me/306-798-4162

Rare Item "Grants"

This type of phishing is often used in conjunction with a fake login page, a page where you receive an "item grant" but have been mysteriously logged out of Gaia. Phishers often conceal these fake login pages using bbcode, putting a safe URL as the visible text of the URL. For example, the phisher may send a PM with a link that seems to lead to a legitimate item grant. The link will appear to be the URL of a legitimate item grant link, but instead, sends the member to a fake login screen.

When you go to "log in" on that fake page, the information that you enter is obtained by the phisher, and she or he can use it to log into your Gaia account. To prevent this from happening, please be sure to check that the URL of any link that you are clicking starts with the URL http://www.gaiaonline.com. Fake login pages may have URLs similar to http://www.gaiaonline.com, but will not be exact.

Fake Ambiguous Giveaway
http ://www.gaiagift.x10.mxx/grant.php

Gaia is giving out free items see which 1 you get!

Fake Halo Giveaway
http ://gaiaonlinehalo.xx10.mx/grant.php get your free angelic halo while there still in stock

Misleading URL
gaiaonline.com/lustygrant

Misleading Arena URL
I found something cool in the Gaia Arenas!

Check it out!

http://www.gaiaonline.com/arena/gaia/original-avatar/vote/?entry_id=102774215

FAKE RANDOM DRAWING
U HAVE BEEN PICKED TO GET 50,000 GOLD FREE FROM GETGAIAGOLD.WEBS.COM!!! JUST GO TO THAT WEBSITE AND TYPE IN UR USERNAME AND PASSWORD AND THE AMOUNT U HAVE WON!!!

SEE U SOON

- MARIE,APRIL AND JAMES

Profile Comment Phisher
Hey, don't tell anybody about this is just for you (; >

http ://gaiaonline2013contest.webs.com/

Fake Login Page
http ://gaiaonlinegiveaway.comuv.com/itemrecieve.html

False "Compensation"
user
False "Compensation"
www.gaiaonline.com/53450349

wats that?

the compensation for the gaia mobile app being down.

Flash Space Phisher
Phisher: it not download
Phisher: http ://freegaiagoldandgaiacash.weebly.com/
Phisher: http ://freegaiagoldandgaiacash.weebly.com/
Phisher: im haveing 1,000,000 come in

"Gold Generators"

For most item and gold generators, the page that you are led to gives you an option to choose from various Gaia items or an amount of Gaia Gold. Once you select what items or gold amount you want to receive, you are prompted to enter your Gaia username and password "in order for you to receive the items and gold". Please note that any and all links or websites that claim to be able to generate Gaia gold or items are fake; the ultimate admin gold generator is not real! Any users that claim to be able to do so should be reported.

Fake Gold Generator
user
Fake Gold Generator
Need help getting the items on your wishlist?

sure. that's a nice thing to do

Do you believe in gaia gold generator?

Fake Item Generator via Friend Request
You just received a pipin' hot request for friendship from GAlA Hatin.

Says GAlA Hatin: "Free item generator!

download link: http ://www.mediafire.com/?nhproikip2mz9fk"

To respond to GAlA Hatin's heartfelt request for friendship, click here.

Password phishing/gold generator combo
Did you know that you could make ONE BILLION gold right now?
I have this gold generator that can win you 1 billion gold and I would like to be nice enough to give you the chance to enter your username in this generator and you would instantly win 1 Billion gaia gold.

Just fill out this form and I will put it into the generator and you will win your gold:

Username:
Pass:
E-Mail (Optional):

Thank you! And let's hope you do it soon before the offer ends.

P.S.: If you get something that says "pass phishing", it is because gaia doesn't want you know about this trick (it doesn't get you banned don't worry)

Pop-ups

Password phishing pop ups often appear in the form of a dialogue box, or pop-up, that appears in your browser. In most pop-up phishing attempts, you are requested to retype your username and and password because "your recent session has expired" or "a session error has occurred." This is not legitimate.

Should you encounter one of these, simply click the "x" in the upper right hand corner of the dialogue box or click "cancel" to close it. Afterward, please report the post or thread where it appeared.

Censoring Passwords in Flash Spaces

Sometimes when a phisher is in a flash space, he or she will claim that your password will show up as a series of asterisks when typed out (i.e. *********). This is not true. If you type out your password in a flash space, it will not be censored out; your password will be displayed for everyone in the surrounding area to see. If you see a user claiming otherwise, please report him or her.

Quote:
Towns Phisher: hello?
Towns Phisher: Hey Did You Know If You Say Your Password It Wont Show Because Gaia Blocked It Try It.

Quote:
Towns Phisher: if you say your pa**word it wont show ****** see try it
Towns Phisher: say it

Quote:
Towns Phisher #2: hey duh rylazn
Towns Phisher #2: Say Your Pa**word Gaia Covers It Now So No 1 Can Scam You Its A New Install Try it?
Towns Phisher #2: ok see ya
Towns Phisher #2: >>
Towns Phisher #2: Say Your Pa**word Gaia Covers It Now So No 1 Can Scam You Its A New Install ******* See Try it?
Towns Phisher #2: try it >>?

Quote:
zOMG! Phisher: did you know if you say your pa**word it doesnt show ******* cool huh try it?

Straight up asking for passwords

In certain situations, a user may straight up ask you for your account's password without hiding it behind any fake login pages, false warnings, or the like. In these situations, please refrain from responding to the user, but report the PM, post, thread, etc.

Quote:
Towns Phisher #3: send me yor pw

Quote:
Towns Phisher #4: >>
Towns Phisher #4: u wanna be rich?
Towns Phisher #4: gimme yur pass
Towns Phisher #4: gimme yur pass and i make u rich

Quote:
Towns Phisher #5: pm
Towns Phisher #5: me
Towns Phisher #5: ur
Towns Phisher #5: pw
Towns Phisher #5: Ye
Towns Phisher #5: ill
Towns Phisher #5: don8
Towns Phisher #5: 253255353252365m'
Towns Phisher #5: PM
Towns Phisher #5: ME
Towns Phisher #5: UR
Towns Phisher #5: PW
Towns Phisher #5: biggrin
Towns Phisher #5: then
Towns Phisher #5: bam
Towns Phisher #5: ur
Towns Phisher #5: rich
Towns Phisher #5: ill
Towns Phisher #5: buy
Towns Phisher #5: it
Towns Phisher #5: for
Towns Phisher #5: u

**All of these examples were taken from legitimate phishing reports!

Report This Topic | unblock images

Gaia Forums » GAIA Online » Gaia Blog

Welcome to Gaia! ::

Quick Reply

More Information