Guide Scam?Follow

This is the correct link. As for whether someone is pulling you leg or not...

I saw a serverwide message last night about 10:30 EST asking for new guide applications. To be sure I would follow the links to the app from SOEs main website

But they say all the time that they will never ask for your password. Weird.

No do not give your pass out. Plain and simple. If any company asks you for your pass and you give it, that is dumb. If they are the holders of what ever account it is they can reset it for you. No need for them to know it. I would be weary of that. If anything, log into eq and speak privately with a chat gm and confirm the info asked. My best suggestion.

The site is legit. If you notice the beginning of the address is https:// ... the S is for a secure server. The reason they ask for your station name and password is to verify that you are, indeed a current subscriber to EQ, which is one of the requirements. It is a sub-domain sitting on www.everquest.com.

Look it up on Network Solutions WHOIS search.

Could be phishing (a billion dollar industry). Although the letter and return address look legit, they could actually be redirected to a scam artist. I have received these things asking for me to validate my credit card stuff through email response and the email looked exactly like the official site for that company. At first you could just click reply to see where it was really going to (muhammed153@yahoo.com), but they have smartened up now, and just clicking reply doesnt work anymore.

If you want to see just how common this scam is, try a Google search, it will make a believer of you.

Bottom line, NEVER EVER validate thru email, ALWAYS go to the official site, no matter how legitimate it looks. Tens of billions of dollars have been stolen through personal information developed in this manner. Looks like some interprising soul thought he might get himself some stuff to sell. If just a few people fell for it he could loot the accounts for boocoo bucks.

check it out.

Karlowin Fennon Ro

Has to be a scam....


Anytime I have ever applied for anything with EQ, such as beta's, or upcoming items, it is all done through the station site. This validates you are who you are. That site looks so fishy I would not touch it with a ten foot pole....

Which is all well and good advice is this were an email. However, this is a web site.

The way web addresses work is the following:

<tag>[hostname.][subdomain.]domain.{com|edu|mil|org|etc...}[/path]


The tag tells the browser what to do with it. https is "secure http", and is used for authentication and should encrypt anything you type in (so it is a valid method for a "login", just like loging into EQ).

The domain name is a DNS name. While this is theoretically spoofable, it's hard to do that without people noticing. You basically have to upload bogus dns information to the top level dns servers. You can go to jail for that really really easily.

The combo of everquest.com, ensures that your packets will go to the domain owned by whoever owns everquest.com (that's SOE in this case). Everything to the left of that is subdomain information, and is handled by *their* dns service. So unless SOE got hacked (or you got hacked, or .com level dns servers got hacked), there's no way for this to be a non-SOE controlled host.

Everything to the right of the .com is a path. This is local to the hostname that the stuff to the left resolves to. So this can't ***** you either. Basically, if the field to the left of .com is the domain owned by SOE, then the entire address is almost certainly legit. The authoritative DNS source for any address under that domain must come from that domain itself, so there's a pretty reasonable degree of saftey. Again. They would have to spoof a dns update and make it look like it was coming fromm the everquest.com domain in order to redirect everyone on the internet to the wrong location.


Finally. If you really really are unsure. You can do a dns lookup on the hostname given. Do one on the domain name, and one on the complete hostname. If the IP addresses are "close" (in this case, the first two fields will be the same since IIRC, Sony has a class B network), then you know that your packets are being routed to their network. Now. Unless someone managed to hack the routing tables internet wide (even harder then DNS spoofing), you are safe.



I'd still double check it. However, they aren't asking you to type your station name and password in the clear, or give it to someone over the phone. They are asking you to type them in as a login, right? How is that different then what you do every time you log in to play the game? Theoretically, it should be just as secure (assuming their web people know what they are doing). You type your credit card number into their web site when you pay for the game, this shouldn't be any different.


I'd give about 99% odds that this is totally legit. They probably should have released some info about the login process to avoid confusing folks though...

Ok. I see what you are talking about now. I was thrown off because you only talked about sending replies to an email.

Certainly, never trust the text written down on the link. You can put anything there. For example:

https://guide.everquest.com/guideapp


Clearly, the text I wrote is not the same as the destination the link actually point to. But in any case, your browser will take you to an address. That address will be the correct address for the site. That's what you look at. Not what appeared as text in your email. Always check the url in the box where the browser says it's at, not what some link has written in it.


I am well aware of what phishing means. My point is that if you look at where you actually go, you'll be able to determine if you are at a site owned by the company you think it's owned by.


In this particular case, guide.everquest.com has an IP address of 64.37.148.139. Everquest.com has an IP address of 64.37.156.16. Whois shows that domain as owned by Sony. Thus, if my browser actually takes me to that address, then that is a legitimate sony owned webspace. If I click on a link and end up somewhere else, then I need to assume it's a scam.


The key to avoiding being scammed is to look at what you are actually interacting with, not what the email says. There is functionally no difference between that scam, and me sending a letter to you with a bogus letterhead and asking you to send me a check, or some other personal information. I can put any letterhead that I want on the letter. I can print any name I want on the envelope. What matters is the address that the post office will actually use to deliver it.


Actually, the biggest difference between normal mail fraud and internet fraud is that it's *easier* to catch internet fraud. There are simple tools to verify an address to a domain. There are reasonably simple ways to figure out the correct return address. But odds are you have no way to figure out who actually owns a particular physical address that's printed on an envelope. What makes internet fraud more prevalent, is that it's vastly easier to commit as well. I don't have to stuff a zillion physical envelops and maintain a post office box or something. Additionally, there are fewer laws that restrict stuff like settig up bogus return addresses or links.

The tools are there, but most users of the internet don't know how to check to see if something is legit. In this case, if you actually are at the address listed above, you will be connecting to a sony site.

Great. Thanks for all your help and information all.

dude, a url referenced in ingame gm broadcasts is NOT going to be a scam

You can always try right clicking the link - go to properties and see what URL it really is going to as well.

... the guideapp still asks for your username and password once you get in to it, and who the hell knows what the GUIDEAPP is, but its not asking for your EQ username/pw