NCSoft Emails, real or fake?

[JinGhoul]

Is this real? It's in my Junk messages though. 

 

http://imgur.com/a/6hhCq
 

[DeadlyCode]

Fake

[Leyren]

The real address would be no-reply@ncsoft.com

The link to the login page seems correct though, but clicking on it would probably lead to another page (you could check this by right-clicking and then "Copy Link-Adress" and pasting it somewhere.

That's some good phishing over there.

[JinGhoul]

[moderator edit]

** WARNING : DONT CLICK **

 

GG phising site?

I clicked it, asked to log in and so i did and it asked to enter pin. I put the wrong pin in and it logged me in.

[Leyren]

6 hours ago, JinGhoul said:

 

[moderator edit]

** WARNING : DONT CLICK **

GG phising site?

I clicked it, asked to log in and so i did and it asked to enter pin. I put the wrong pin in and it logged me in.

You see that this was the wrong login page, why did you even login? I suggest to immediately change your password.

[JinGhoul]

4 minutes ago, Leyren said:

You see that this was the wrong login page, why did you even login? I suggest to immediately change your password.

IDK D: 

LOL i stopped playing bns moonths ago anyways but the email caught my attention. I provided the wrong pin anyways. Did a pass change and thorough scan just in case though!

[Aurinya]

Greetings,

This is indeed a phishing scam. Please do NOT click any links in this mail and do NOT provide your login information. We recommend that you also read our sticky thread Beware of Phishing Scams for more information on the matter.

Please do not spread any phishing scam links, which means not to share them on these forums. I have removed the link above in order to avoid other users from accidentally falling for the scam and having their accounts compromised.  The best way to help us fight these phishing attempts is by reporting them directly to our Customer Support by submitting a ticket. Thank you!

 

 

[Twinmage]

18 hours ago, JinGhoul said:

Is this real? It's in my Junk messages though. 

 

http://imgur.com/a/6hhCq
 

ppl still try

 

[studioMagicalFox]

@JinGhoul Even if you gave that site the wrong information, browsing to it was a dangerous thing to do. I suggest in addition to the scan you said you did that you also delete all cookies from your web browser. Also, if I were you I would flush the dns cache as well. You can do this by bringing up the Command Prompt as administrator then execute the following command: ipconfig /flushdns.

[sexydadee]

how were they even able to get the ncsoft.com domain?

[studioMagicalFox]

5 minutes ago, sexydadee said:

how were they even able to get the ncsoft.com domain?

Very likely they do not have that domain but rather what the link says and where it goes are not the same place. Could be dns cache poisoning, which is why he should flush his cache to be sure or it could be as simple as the label for the link and the link itself are mismatched.

[Youmukon]

21 minutes ago, sexydadee said:

how were they even able to get the ncsoft.com domain?

They don't have the domain. The sender field of an email can just be spoofed by anyone, it doesn't require any knowledge nor advanced tools. As for the link, you could do the very same on forums as well or any webpage.

 

Anyone can write a link which looks like this http://whitehouse.gov/  but actually directs to another site (I used ncsoft.com here as an example).

 

I'm closing this thread since we already have another one dedicated to Phishing Scams.