forum

Email phishing alert

posted
Total Posts
50
Topic Starter
peppy
This map has been deleted on the request of its creator. It is no longer available.
Soaprman
brb phishing myself an army of osu! accounts to star my beatmaps and tell me how cool i am
LunaStrike
this is very old trick to fool people, its really useless but thanks for posting this to keep us aware
Gens
Osu!
Enough to tell it's a fake. Not to mention the @live email adress.
0_o
I like how they are sending an email that asks people to provide their email.
Pokebis
Wow, I'm surprised someone is doing that here. Keep in mind many people use similar passwords around various places and the phisher's could break into other accounts these people may have and steal money or do other malicious things.
Yingwu
Oh lol, Ive gotten an email from peppy when i became supporting member and the way that email is typed is so NOT peppy so it wouldn't even trick me and also i know that peppy.osu@live.com is not the email address peppy uses to inform members.
pokefreak94

0_o wrote:

I like how they are sending an email that asks people to provide their email.
i didnt notice this until you pointed it out...at which point i wet myself with laughter :)

seriously..they wont get much out of hacking our accounts..except if it is a subscribers account, cuz then they're taking it too far
EEeee
wow, thx peppy for info, ^^
nintendoto
In order to continue using account you must validate your account by
replying to this message.
New users will probably fall for this. :o
Chaos Anime X
This map has been deleted on the request of its creator. It is no longer available.
Esupanitix
They got loginer... Poor loginer... DX They turned his account's personality into a psycho's!
Ph0X
Wasn't even pro enough to spoof the e-mail.
Also, you'd think people would have enough common sense to not fall for these, but sadly many fall for them.
We were grown in a world of spam and scam, and we're used to these, but not everyone is.

He might be reading this forum, but one funny thing you could of done is making an account and sending him the info. Then you could check the next day the ips that connected to it. Oh well, it's still pretty useless to scam osu!accounts
Spudman
I guess if it can happen here of all places, it could happen anywhere.

Though there is nothing of value one can gain from doing this, so it seems like a very large waste of time to do it in the first place.
Topic Starter
peppy

Ph0X wrote:

He might be reading this forum, but one funny thing you could of done is making an account and sending him the info. Then you could check the next day the ips that connected to it. Oh well, it's still pretty useless to scam osu!accounts
Of course I already did my research, but the he is a chinese connecting from his 65,536 already hacked and accessible IP addresses/proxies.
Esupanitix
Luckily he hasn't emailed me. He obviously knows I'm one of the biggest losers on here.
Pokebis

peppy wrote:

Of course I already did my research, but the he is a chinese connecting from his 65,536 already hacked and accessible IP addresses/proxies.
Wow.
PandaCath
Is this maybe somewhat related to the fact that my antivirus just detected an Infostealer.Bancos virus while I was browsing osu! o_o
Joe_Young
thanks for his address though. it might not help much, but I'm sure I can submit it to some known spamming sites...
awp

0_o wrote:

I like how they are sending an email that asks people to provide their email.
Due to the fact that some people have multiple email addresses, but only register their account with one of them.
jockeytiyan

peppy wrote:

Best regards,
"Osu Account Managing Team"
Actually, by this part of the message, it should've been obvious that this guy is a dumb scammer. Peppy's messages never has this to mark the end of his messages.
Randy96
Nor is osu! ever capitalized.
Lilac
^Dead giveaway^

And something peppy really sticks too.
YGOkid8
this scam had the potential to be so much worse, but thankfully, it isn't.
Aoitenshi
From: peppy.osu@live.com
To:
Subject: Hello There!
Date: Wed, 24 Feb 2010 14:04:24 +0000

Dear Osu! User

In order to continue using account you must validate your account by
replying to this message
You must include your account information in this format:

Username: (your osu username)
E-Mail: (the email you registered your account to)
Password: (the password you used to log in to your osu account)

Our database will be formatted soon, due to some damage caused by some users. We will need to record our active users and add them to our database once again.

You must validate your account within 30 days or else your account will get disabled. Thank you for your co-operation


Best regards, "Osu Account Managing Team"
The bolded letters/words is something that peppy will ALWAYS not do. Reason:
SPOILER
@live = Where is this server?
Hello There! = The name is not related to topic at all.
Date: Wed, 24 Feb 2010 14:04:24 +0000 = He's crazy to include this, peppy's not a guy that is perfectionist.
r = It is not formal. =3
Our = peppy's only one guy, not thousand of guy. =D
30 days = Exact? =D
get disabled = Why disabled? Shouldn't it got deleted?
Best regards, "Osu Account Managing Team" = peppy never used 'Best regards'

Sure this is a low level scam, not looking at grammar.
YGOkid8
also, peppy would never spell osu! "Osu!", not to mention there isn't a Osu Account Managing Team. <-- There's no team for managing accounts, it's just peppy
flan
lets reply to waste the F£%@?S time
Loginer

Aoitenshi wrote:

@live = Where is this server?
That'd be a Windows Live address.
YGOkid8

Loginer wrote:

Aoitenshi wrote:

@live = Where is this server?
That'd be a Windows Live address.
I think that was meant to be a rhetorical question... otz
bagnz0r
Polish version here: viewtopic.php?f=26&t=25261
nardii
As expected from peppy, the name of the game is even designed for security. Heh.
Yingwu

nardi11011 wrote:

As expected from peppy, the name of the game is even designed for security. Heh.
Exactly and he is smart to do so, only people that know peppy and have been talking to him knows what he does so that's a nice security that he doesn't even have to pay for or update daily :3

peppy is a smart guy.
penaxo
thx peppy ^^; :)
Esupanitix
▬_▬ that Phisher is such an ASSHOLE. He tried to get me. What were my chances of that?
An64fan
This is why you should always follow the one almighty rule of being on the internet:
NEVER give your account login details to ANYONE. Administrators really don't need it and anyone who does shouldn't have those details anyways, because it's meant to keep them out.

I don't even know if I've gotten this email yet, as I haven't checked my email for at least a few days. Hehe~ :P
Pokebis

WeegeevsWeegee wrote:

▬_▬ that Phisher is such an ASSHOLE. He tried to get me. What were my chances of that?
Pretty damn high.
Esupanitix
Why, because he accidentally aimed for me when he was aiming for epic troll?
Sonnyc
Sir Minelli
damnit, they found out about it!

/runs


Also, lame.. and, why? Its not a world of warcraft account in which you could steal the gold or something.

*whistles*
orioncomet
commandhat
Guys, you shouldn't talk about the errors here. He'll correct those errors, then what do you have?

Also:
http://www.419eater.com

If you want to waste the moron's time, at least give that site's tips a read. They've been made though years and years (I'm not kidding) of experience. :twisted:
YGOkid8
@commandhat

what you just said has nothing to do with the topic. Were we even talking about errors?
arien666
So...

We have to be careful about our own accounts orz
Anyway,

Just say 'Fxxx Yxx and Eat #######' on that adress who made fake address :3
whymeman
Even with all of the account protection, we're still responsible for our own accounts. It's bad enough to share an account with your friends or with those that needs to pass a song from some other person's skills. It's usually a case of common sense to avoid being hacked just like how it's common sense to NOT send chainletters to your whole friendlist.
mekadon_old
Basically just use common sense. Would you EVEN think that peppy or admins will send you via e-mail and ask your password?
That is plain stupid. osu! must have a database of their users;so that they can update them everytime if there is a change.
Yeah, I'm not good at Internet, but at least I know what not to do.
btw, I even saw a phishing site nearly few months ago with wierd URLs.
I can't remember though, since I deleted my hitory
Arusha Shuna
Osu Account Managing Team
Who? I thought just Peppy who manages the accounts.
Hello There!
shut up beech
Date: Wed, 24 Feb 2010 14:04:24 +0000
what's +0000 mean?

i thought this will never happen because what's the benefit of stealing other people's account anyways?
there are no gold or money or rare stuff to be found in osu! :|

osu! direct? oh come on :? that's all? if you want that shiny osu! direct just be an osu! supporter
's not like becoming osu! supporter needs hundreds of dollars you know _ _;

giving free star to your own beatmap? bah waste of time, just ask some people to mod they'll most likely to give you star
0_o

Everyone wrote:

What's the point?

Pokebis wrote:

Wow, I'm surprised someone is doing that here. Keep in mind many people use similar passwords around various places and the phisher's could break into other accounts these people may have and steal money or do other malicious things.
As would be the case with me :S
Arusha Shuna

0_o wrote:

Everyone wrote:

What's the point?

Pokebis wrote:

Wow, I'm surprised someone is doing that here. Keep in mind many people use similar passwords around various places and the phisher's could break into other accounts these people may have and steal money or do other malicious things.
As would be the case with me :S
oh wow >_>
i never thought that far
RemmyX25
Sometimes hackers just want to cause general grief among players.
awp
Phishing is one of the easiest "hacking attempts" to not be subject to, since you can expose yourself to it and walk away unharmed if you exercise just a shred of common sense and think for a few seconds. In this example, "peppy" wanted to know who was still active. Assuming he wanted several thousand people to email him telling him they were still active, all he would need was an account name. Registered email and password are not required to know who is active and who isn't. If you just take five seconds to think about it, I'm sure you'll come up with more reasons.
Please sign in to reply.

New reply