This ESO Email Is It a Phishing Attack?

Maintenance for the week of December 23:
• NA megaservers for maintenance – December 23, 4:00AM EST (9:00 UTC) - 9:00AM EST (14:00 UTC)
• EU megaservers for maintenance – December 23, 9:00 UTC (4:00AM EST) - 14:00 UTC (9:00AM EST)
doright
doright
✭✭✭
No, it is not phishing. Just very poor practice on ESO's part.
I had immediately pressed the spam button on an out of the ordinary email this morning that said my ESO Plus membership has expired. Well ya, I shackled my crafting bag effective at the beginning of last month. Weird they would send this now. The thing that got me to reflexively press the spam button was hovering on the link in "Please click this link to set up a new membership..." resolved the address as u29826878.ct.sendgrid.net/ls/click?upn=*** ton of tracking info
Why would anyone click on a link to the account management page that doesn't take you directly to account.elderscrollsonline.com. That is just stupid. After thinking about it I went back and look at the email I received immediately after cancelling plus and it used the same sendgrid.net domain. So today's email maybe, possibly wasn't phishing.
Please ESO update your email practices not to mimic phishing attacks mimicking actual ESO emails. At the very least it may keep your messages from being marked and automatically deposited directly into our spam folders. Or getting reported as phishing and your emails never even being routed to the end user account at all.
  • Sleepsin
    Sleepsin
    ✭✭✭✭
    I also got an automated e-mail today for an ESO+ payment, that was paid 10 days ago. I think something cliched in their system. I did checked to make sure I wasn't double billed (I wasn't).
  • fizzylu
    fizzylu
    ✭✭✭✭✭
    Same, I got one today even though I canceled my sub last week or something and it shouldn't have renewed until tomorrow even if I didn't. Checked my bank account and there's no charge so something definitely just went wrong on their side, unsurprisingly.

    Edited by fizzylu on December 2, 2024 6:32PM
  • SilverBride
    SilverBride
    ✭✭✭✭✭
    ✭✭✭✭✭
    I got an automated email today saying my subscription renewed, but it is actually due to renew tomorrow. (I looked closer and even though it says it renewed today the payment is dated for tomorrow.)

    I've only been getting these emails for a few months and not sure why they are coming now, but I'd turn them off if I could figure out how.
    Edited by SilverBride on December 2, 2024 8:04PM
    PCNA
  • Tallon_IV
    Tallon_IV
    ✭✭✭
    I also received an email today saying my subscription renewed when it's not due for another two weeks.
  • freespirit
    freespirit
    ✭✭✭✭✭
    ✭✭✭
    Me too when mine renewed last week.....

    Need to check if I've been billed again!
    When people say to me........
    "You're going to regret that in the morning"
    I sleep until midday cos I'm a problem solver!
  • MrGarlic
    MrGarlic
    ✭✭✭✭✭
    Wow, yeah, there's no way I would have clicked on that link either.

    Discretion is safer than being hacked or phished.
    'Sharp Arrows'Mr.Garlic
    Spoiler
    Hidden by darkness, a shadow in the night,A sped arrow dissecting the gloom,Finding it's target, such delight.
  • RexyCat
    RexyCat
    ✭✭✭✭
    Not sure what have happened, but on the 2nd Dec I have got email confirmation that should have been sent in November for November renewal of ESO+ on two accounts. So for two account I have now got 4 email at once with different order number which is confusing at first, but it seem to be correctly paid for November and now for December.

    On account is normally paid around the 25/26th and the other in the start of month like 30th or 1th., so I am a bit surprised to get also the one that is paid around 25th on same date as the other now on the 2nd.

    Something must have gone wrong with ESO+ account and billing system.

    @ZOS_Kevin

    Can you explain what have happened with ESO+ now sending out email that should have been sent out earlier and instead are bathing up into 4 messages yesterday at the 2nd Dec?
  • Juomuuri
    Juomuuri
    ✭✭✭✭
    I also got an email about ESO+ renewal on the 2nd, and mine should renew at the 20th...
    PC-EU (Steam) - Roleplayer, Quester, Crafter, Furnisher, Dungeoneer - Fashion Scrolls - CP 2100+
    I tank on each class, my favorite is tanksorc!
  • SilverBride
    SilverBride
    ✭✭✭✭✭
    ✭✭✭✭✭
    One thing to note is that the subscription doesn't renew monthly, but rather every 30 days. Since some months have 31 days and February has 28 (29 on leap year) it won't always fall on the same date each month.

    I have mine set as a 30 day recurring event on my online calendar so I know exactly when it's due.
    PCNA
  • davidtk
    davidtk
    ✭✭✭✭✭
    One thing to note is that the subscription doesn't renew monthly, but rather every 30 days. Since some months have 31 days and February has 28 (29 on leap year) it won't always fall on the same date each month.

    I have mine set as a 30 day recurring event on my online calendar so I know exactly when it's due.

    TBH I never fully understood ESO renew system. I switching sometime between that two:
    ESO account reccuring is 30 days and sometimes it just not go through and payment.
    Steam reccuring is 1 month and I have it set for the 16th and Steam is always trying to renew it ONE day earlier.
    So I need to change date but I don't want to wait almost wholer month without ESO+
    Edited by davidtk on December 3, 2024 4:16PM
    Really sorry for my english
  • SilverBride
    SilverBride
    ✭✭✭✭✭
    ✭✭✭✭✭
    I just got another email again today. I checked my bank to make sure I wasn't charged twice, but there was only one charge.
    Edited by SilverBride on December 4, 2024 4:52AM
    PCNA
  • SeaGtGruff
    SeaGtGruff
    ✭✭✭✭✭
    ✭✭✭✭✭
    I don't know how the emails from ZOS work, but in general if you have a subscription through a recurring charge to your credit card, the company that the subscription is with should send you two emails-- one to alert you that your subscription is about to be automatically renewed (so you can cancel it before it renews if you don't want to renew it), and one to let you know that your subscription has been automatically renewed (if you hadn't stopped the pending renewal from going through).
    I've fought mudcrabs more fearsome than me!
  • ZOS_JessicaFolsom
    ZOS_JessicaFolsom
    Community Manager
    Hey all, the old billing emails from last month that some of you received on December 2 were due to an outbound communications error in our billing and account management system following a maintenance on the same day. No one was actually charged in conjunction with these old billing notice emails, and the issue has since been resolved.

    We're also looking into why the link appeared that way in the email you got, @doright.
    Jessica Folsom
    Associate Director of Community - ZeniMax Online Studios
    Facebook | Twitter | Twitch | Tumblr | Instagram | YouTube | Support
    Staff Post
  • ESO_Nightingale
    ESO_Nightingale
    ✭✭✭✭✭
    ✭✭✭✭
    Hey all, the old billing emails from last month that some of you received on December 2 were due to an outbound communications error in our billing and account management system following a maintenance on the same day. No one was actually charged in conjunction with these old billing notice emails, and the issue has since been resolved.

    We're also looking into why the link appeared that way in the email you got, @doright.

    It's astounding to me just how good the communication with the community now is. Please keep this up!
    PvE Frost Warden Main and teacher for ESO-U. Frost Warden PvE Build Article: https://eso-u.com/articles/nightingales_warden_dps_guide__frost_knight. Come Join the ESO Frost Discord to discuss everything frost!: https://discord.gg/5PT3rQX
  • ZOS_JessicaFolsom
    ZOS_JessicaFolsom
    Community Manager
    We're also looking into why the link appeared that way in the email you got, @doright.

    As a follow-up to this specific piece, we've confirmed that the link in your email is legitimate and part of our tracking. Knowing who clicks on these links (through SendGrid) is one of the ways we can better understand if people are getting our correspondences and if they are effective, and ultimately helps us improve our email efforts and identify any issues.

    We do appreciate you asking, and it's good to be overly cautious with emails and links that look off, especially this time of year.
    Jessica Folsom
    Associate Director of Community - ZeniMax Online Studios
    Facebook | Twitter | Twitch | Tumblr | Instagram | YouTube | Support
    Staff Post
  • The_Boggart
    The_Boggart
    ✭✭✭✭
    Similarly,
    A message from steam asking to set up my payments details although they have been functioning for several years
  • LootAllTheStuff

    As a follow-up to this specific piece, we've confirmed that the link in your email is legitimate and part of our tracking. Knowing who clicks on these links (through SendGrid) is one of the ways we can better understand if people are getting our correspondences and if they are effective, and ultimately helps us improve our email efforts and identify any issues.

    We do appreciate you asking, and it's good to be overly cautious with emails and links that look off, especially this time of year.

    I would not have clicked on that link if I had received such an email. And if my email service provided a "Report phishing attempt", I would have done that too. Given the number of fraudulent phishing emails I get weekly which follow the exact same pattern, your IT folks may want to reconsider how they implement such tracking. Frankly, ANY link redirecting someone to a third-party service is suspect at this point in time, and the advice from email providers and security experts is to NEVER click such links.
  • doright
    doright
    ✭✭✭

    As a follow-up to this specific piece, we've confirmed that the link in your email is legitimate and part of our tracking. Knowing who clicks on these links (through SendGrid) is one of the ways we can better understand if people are getting our correspondences and if they are effective, and ultimately helps us improve our email efforts and identify any issues.

    We do appreciate you asking, and it's good to be overly cautious with emails and links that look off, especially this time of year.

    I appreciate your looking into it, but you got to admit I identified a huge source of sampling error for your email reception statistics. Be careful of what story SendGrid is selling with the data they give you.
    Again I would emphasize that having a link to ANY login page that isn't the domain familiar to the recipient is a terrible practice. Also more then a level or two of path after the domain or appending tracking information erodes confidence in the link's legitimacy. A bare domain address builds the best comfort for the user to click the link. You could also eliminate the link entirely and just tell users to login through the elderscrollsonline home page.
  • nightstrike
    nightstrike
    ✭✭✭✭✭

    As a follow-up to this specific piece, we've confirmed that the link in your email is legitimate and part of our tracking. Knowing who clicks on these links (through SendGrid) is one of the ways we can better understand if people are getting our correspondences and if they are effective, and ultimately helps us improve our email efforts and identify any issues.

    We do appreciate you asking, and it's good to be overly cautious with emails and links that look off, especially this time of year.

    This isn't really effective, I don't think, when your audience is more mature. The typical TES and ESO community member is older and more well versed in online privacy. I for one never click on links and my UBO won't allow third party tracking anyway. If I'm interested in a topic, I'll browse to the news post directly. Even if we did click through, the problem with metrics like this (and, honestly, most of the metrics that ZOS has explained over the years that are in use) is that the metrics don't shed any light on the "why" of an action or inaction. This is such a well known concept in modern telemetry that Hollywood took a stab at it way back in 2015 with "The Intern" starring Robert De Niro. In that movie, the 70-year old marketing genius tried to explain to 20-somethings why their marketing data wasn't particularly useful. That movie was ten years ago.

    We focus so heavily these days on loosely defined concepts of "engagement" because it is incredibly easy to pop up a slide showing impressive graphs. But those slides are useless. In my particular field of data science, we are grappling with this very problem as people try to throw AI models at everything. But our ground truth understanding of fundamental cause and effect concepts have not improved. AI gets funded, though, so.....
    Edited by nightstrike on December 10, 2024 3:35AM
    Warning: This signature is tiny!
  • TaSheen
    TaSheen
    ✭✭✭✭✭
    ✭✭✭✭✭
    Yeah, I never click links in emails, even from friends and family....
    ______________________________________________________

    "But even in books, the heroes make mistakes, and there isn't always a happy ending." Mercedes Lackey, Into the West

    PC NA, PC EU (non steam)- four accounts, many alts....
Sign In or Register to comment.