The Elder Scrolls Online

Maintenance for the week of March 16:
• PC/Mac: No maintenance – March 16
• ESO Store and Account System for maintenance – March 18, 6:00AM EDT (10:00 UTC) - 4:00PM EDT (20:00 UTC)

Forum Hacked ??

Leave a Reply
flameweaver
flameweaver
✭✭✭
I got an e-mail today, from a domain called enjin.com.
The email used both my forum handle and my forum/account email address and was a gold selling scam containing a link starting www.elderscrollsforum.com.

Thing is, my email address is a disposable alias (I run my own mail server), and is ONLY used for this game.

Question is how did this guy get hold of this info, and btw the TO list was huge, so not just me affected.

Is your forum security that weak or is there some other reason, say for example some insider selling personal info ?
  • esoone
    esoone
    ✭✭✭
    O.o
  • ZOS_HugoP
    ZOS_HugoP
    ✭✭✭
    Greetings @flameweaver‌ ,

    Thank you for reporting this! Could you please provide us more information (screenshots, email of the sender, etc...)? If you could PM a member of the Social Team to provide those information (for security reason), it would be really helpful!


    The Elder Scrolls Online Social Team - ZeniMax Online Studios
    Facebook | Twitter | Google+ | Tumblr | Pinterest | YouTube | ESO Knowledge Base
    Staff Post
  • Kavid
    Kavid
    You have probably been sent a PM in the game which is then sent to your email address as well. This was happening not so long ago which is why the PM was suspended in game.
  • ZOS_MichelleA
    ZOS_MichelleA
    ✭✭✭✭✭
    Kavid wrote: »
    You have probably been sent a PM in the game which is then sent to your email address as well. This was happening not so long ago which is why the PM was suspended in game.
    When a poster receives a PM on the forums, they receive an email notification; it will also include a quote of the PM they were sent. Someone who sends a PM will not see the email addresses, so please don't be worried about your email address being visible to others.
    The Elder Scrolls Online: Tamriel Unlimited - ZeniMax Online Studios
    Facebook | Twitter | Google+ | Tumblr | Pinterest | YouTube | ESO Knowledge Base
    Staff Post
  • flameweaver
    flameweaver
    ✭✭✭
    I've done a little more digging into this.

    Email was sent by enjin@enjin.com using the name "pudgalask" .
    The link was to a post on an ES Fansite "www.elderscrollsforum.com" - seems genuine but enjin.com looks to be a gaming website/forum hosting platforms for all sort of games.

    It looks as if gold sellers have been farming forum handles from here and maybe others and creating them on the fansite.
    I haven't signed up to any ESO fansites, but if I follow the link in the email, it's a message to "flameweaver" and about 35 other users, whose handles all start with "f", and posted by pudgalask.

    Not sure how they are putting this together but if I look at "flameweaver's" profile on the fansite, it was created back in Feb 2013 by enjin.com. Now, I wasn't playing ESO back then, not even in beta.
    It could be could be coincidence with the choice of "flameweaver", I use it on many MMO game sites, but there's no copyright on my forum handle ;)

    But I'm intrigued as to how they got my ESO specific e-mail address, as apart from my self, no-one else other than ZOS's systems know it and it's obvious that the email to me didn't originated from these forums (or from ZOS).
    Not that it will be useful from now onwards as I've deleted the alias and will create a new once I understand better how my email address appears to have been leaked or otherwise obtained.

    @ZOS_MichelleA I've PM'd you with additional details.

  • AlexDougherty
    AlexDougherty
    ✭✭✭✭✭
    ✭✭
    flameweaver wrote: »
    I've done a little more digging into this.

    Email was sent by enjin@enjin.com using the name "pudgalask" .
    The link was to a post on an ES Fansite "www.elderscrollsforum.com" - seems genuine but enjin.com looks to be a gaming website/forum hosting platforms for all sort of games.
    Yes Enjin is a hosting site used by guilds in various MMOs, but there is nothing to stop Goldsellers setting up shop there.

    But I'm intrigued as to how they got my ESO specific e-mail address, as apart from my self, no-one else other than ZOS's systems know it and it's obvious that the email to me didn't originated from these forums (or from ZOS).
    Not that it will be useful from now onwards as I've deleted the alias and will create a new once I understand better how my email address appears to have been leaked or otherwise obtained.

    @ZOS_MichelleA I've PM'd you with additional details.
    Not to sound patronising but when you created your account (or even afterwards) did you accidently click the box that lets others see your email address . Because that's the simplist thing that springs to mind. Otherwise it has to be somebody at Zos dropping the ball (and I hope it isn't that).


    People believe what they either want to be true or what they are afraid is true!
    Wizard's first rule
    Passion rules reason
    Wizard's third rule
    Mind what people Do, not what they say, for actions betray a lie.
    Wizard's fifth rule
    Willfully turning aside from the truth is treason to one's self
    Wizard's tenth rule
  • Crassius
    Crassius
    ✭✭✭
    AlexDougherty wrote: »
    ... when you created your account (or even afterwards) did you accidently click the box that lets others see your email address...

    This is all it is.

    WOLF! WOLF!
    Let me guess, someone stole your sweetroll...
    Everything I say is just my opinion. Like it or not - that's all it is.
  • KerinKor
    KerinKor
    ✭✭✭✭✭
    flameweaver wrote: »
    I got an e-mail today, from a domain called enjin.com.
    The email used both my forum handle and my forum/account email address and was a gold selling scam containing a link starting www.elderscrollsforum.com.
    You did of course verify that was the actual link, yes? If so then how was a scam supposed to work using ZOS' domain?

    This is going to be yet another PM notification being totally mis-read by the recipient.
  • Hearts
    Hearts
    ✭✭✭
    If your account name is the same as your mail name then they could just be forcing emails to be sent to all the major emails.
    Thats what im guessing at because personally, i havent gotten an email from anyone and im pretty sure the majority of the players didnt either.
    If the server was hacked then they would have access to every email and everyone would have gotten it.
  • skeletorz_ESO
    skeletorz_ESO
    ✭✭✭
    Do you have the box checked in your profile to show people your email address?
    “If you would be a real seeker after truth, it is necessary that at least once in your life you doubt, as far as possible, all things.” -- René Descartes
  • Censorious
    Censorious
    ✭✭✭✭
    Hearts wrote: »
    If your account name is the same as your mail name then they could just be forcing emails to be sent to all the major emails.
    Thats what im guessing at because personally, i havent gotten an email from anyone and im pretty sure the majority of the players didnt either.
    If the server was hacked then they would have access to every email and everyone would have gotten it.

    I'd go for something like this.
    The forum handle is there for everyone to read so try forum_name@googlemail.com and all the other free mail forward services. Chances are pretty good you'll hit paydirt.

    And yes, a gold seller wouldn't stop at spamming a few addresses - he'd hit every single one.
    'Clever' sigs get old real fast - just like this one.
  • starkerealm
    starkerealm
    ✭✭✭✭✭
    ✭✭✭✭✭
    Yeah... the only thing I'm seeing from Enjin in my inbox is stuff from my friends in Enjin's social network. Also, there's the part that my actual email address would be ridiculously easy to guess off of my forum name, so it's a safe bet that this was a glitch involved in ZOS shutting down the forum PMs or with the in game ones triggering an email.
Sign In or Register to comment.