Welcome to the Forum Archive!

Years of conversation fill a ton of digital pages, and we've kept all of it accessible to browse or copy over. Whether you're looking for reveal articles for older champions, or the first time that Rammus rolled into an "OK" thread, or anything in between, you can find it here. When you're finished, check out the boards to join in the latest League of Legends discussions.

GO TO BOARDS


The Emergence of Phishing = "Report Post" Feature Must Be Implemented

123
Comment below rating threshold, click here to show it.

Incineration

Senior Member

10-20-2010

If you didn't put your user name and password into that guys' fake login info you're probs fine.

Best practices is still to stop using Internet Explorer and run something like Firefox or Opera with a plugin like Noscript.


Comment below rating threshold, click here to show it.

AstorSapolsky

Senior Member

10-20-2010

Quote:
Tamat:
Greetings Summoners!

We've been tracking this issue today and are tackling these posts as quickly as we can find them. We have a short term and a long term plan to prevent activity like this, but in the meantime, please be mindful that this activity is taking place.


I don't know if we should trust this guy, who's to say Tamat didn't fall for it himself?!??


Comment below rating threshold, click here to show it.

Polaritie

Recruiter

10-20-2010

Quote:
AstorSapolsky:
I don't know if we should trust this guy, who's to say Tamat didn't fall for it himself?!??


Probably the fact that Tamat can just get an admin to fix that in person. Physical access to a system always trumps any form of remote access, and Riot employees have physical access (Or at least can call someone with it)


Comment below rating threshold, click here to show it.

kNocturn

Recruiter

10-20-2010

Quote:
AstorSapolsky:
I don't know if we should trust this guy, who's to say Tamat didn't fall for it himself?!??


Because people who work for a company should know that their site is:

http://www.leagueoflegends.com

Not

http://www.leagueoflegends.xen

or

http://www.texthere.leagueoflegends.com


Comment below rating threshold, click here to show it.

carbonClockwork

Senior Member

10-20-2010

Quote:
knocturn:
because people who work for a company should know that their site is:

http://www.leagueoflegends.com

not

http://www.leagueoflegends.xen

or

http://www.texthere.leagueoflegends.com


omg he is the phisher get him. i mean he has to be he is posting links that pretend to be league of legends. dont fall for it people!!!1


Comment below rating threshold, click here to show it.

Polaritie

Recruiter

10-20-2010

Actually, http://www.something.leagueoflegends.com would resolve to Riot's domain. Or should try to.

Urls are generally interpreted read right-to-left, starting with the top-level domain. "www." itself has no meaning, as opposed to something like "mail."


Comment below rating threshold, click here to show it.

Skorp

Recruiter

10-20-2010

Quote:
Imumybuddy:
Is it this d2k5 guy? I accidently clicked on his link and I immediately clicked exit tab. It didn't load the page but will I have a keylogger/ virus already?


I don't think it's a key-logger, just a page phishing for your login. Looking at the page code, it's just a copy of the riot page with the form redirecting to his own page to save the login. There's nothing to stop him putting malicious code on it though, and you should keep your anti-virus softward up to date.

I think the best way to deal with it is to put a warning on outbound links in the forum (and of course ban the offenders (of course, once he's got someone's account he can post the messages from that). They might need to put Capcha on forum posts if people start using scripts to spam posts.


123