Well usually you should give real info to surveys. They have ways to determine wether you speak the truth.
Also on other note some of those work some don't. Usually gpt sites work (though the one I'm on has bought the max amount of minecraft codes on their credit card so it is no longer available there.
This one is obviously not a legit survey. REAL surveys will:
- tell you how long the survey is up front
- spell out what you'll be getting for taking it up front, with details on how, and when.
- tell you if you disqualify within the first 1/3 of the survey
This one is obviously not a legit survey. REAL surveys will:
- tell you how long the survey is up front
- spell out what you'll be getting for taking it up front, with details on how, and when.
- tell you if you disqualify within the first 1/3 of the survey
This is very true. Also never have I seen a survey worth of 26 dollars.
The Meaning of Life, the Universe, and Everything.
Join Date:
10/26/2014
Posts:
45
Location:
Windhelm
Minecraft:
EpicRattata
Xbox:
RustyDadBaldwin
PSN:
Snakebit3
Member Details
I agree with all of the above about using your common sense. (Sorry if this is bumping, I love this thread) When I was 4 or 5, I got a new laptop which got ruined because I installed about 12 malware programs. Now I'm smarter.
Rollback Post to RevisionRollBack
Eggies: <---- click them!
Hatchies: none
Howdy. I like the elder scrolls and undertale. I also collect dragons on dragon cave.
I once got to a site, and randomly, an ad appeared: "Parabéns ao nosso milionésimo visitante, você acaba de ganhar 1 IPad de graça!". As if I'd fall for that... That's Portuguese BTW, as I'm Brazilian.
Rollback Post to RevisionRollBack
Check out my Dummy Mob Idea![Link] Support and click "" if you like!
I think someone should make a Thread here which would say "OMG Free Codes!" or something like that, and put a shortened link to none other than this thread. It would help making it visible.
Rollback Post to RevisionRollBack
Check out my Dummy Mob Idea![Link] Support and click "" if you like!
I once got to a site, and randomly, an ad appeared: "Parabéns ao nosso milionésimo visitante, você acaba de ganhar 1 IPad de graça!". As if I'd fall for that... That's Portuguese BTW, as I'm Brazilian.
Well, that ended my optimistic assumption that they don't have those fake "winner" things in other languages. Though they don't seem to be nearly as common as they used to be. Maybe there is some hope that people are getting smarter.
That may in fact be part of the problem: Adults have seen all that stuff before, and learned (sometimes the hard way) that if something is too good to be true, it's either not good or not true. But kids are not quite so experienced (or cynical). They haven't seen it all yet, especially not the parts of "it all" that involve people trying to use them, rip them off, etc. So they're an easy target for the scammers.
One of the things I do as a moderator is investigate reports that some download (usually MCPE mods, in my case, because I'm in Other Platforms) is carrying a virus. We had one such report a few days ago and, when I went to download the questionable file so I could investigate (note: do not do this at home) the screen that came up in front of me was what I expected from the service in question -- a delayed download with assorted ads around it -- but the download in question, when "ready", was not in fact the file I was after. It was some random .exe, presented as a download manager, and almost certainly the carrier for the trojan that was said to be in the mod file. If I'd been younger or more naive, I probably would have just clicked "OK" and collected whatever nasty payload that thing was carrying (which was, in fact, probably what was being reported, rather than the file itself, which when we finally got to it, checked out completely clean).
I've investigated a lot of these 'free Minecraft" scams of one sort or another. They vary in type. There are the "surveys" that demand personal information. There are the "complete these offers" ones that are expensive or impossible. There are the ones that say you only have to see the listings of all "offers" and refuse them, but I once went through 30 pages of those, at 10 to a page, before I got bored ... I'm pretty sure I'd seen the same ones several times, which implies that the pages were just being recycled (probably in slightly different combinations) and there never would be an end. And there are the "code generators" that want you to install programs on your computer -- and you're supposed to trust the word of a person who claims to be a hacker and a thief that they won't harm you, just someone else. Um, yeah, right.
There's a saying that you can't scam an honest man. It's not quite true -- there are some scams that take advantage of the mark's natural honesty, like the variant on the 409 scam that presents it as a completely legitimate donation to the mark's church -- but it's mostly true. Most scams use the mark's willingness to do something dishonest -- launder money, buy stolen property, pirate Minecraft -- to hook them into the scam.
You might have heard of the "white van speaker scam" where some shady-looking guy in a parking lot says to passers-by "hey, you wanna buy some speakers, cheap?" And there in the back of the rather junky van he's got a couple of speakers, sometimes with cut-off wires still dangling from them. Most people, being either honest or not in the market for speakers, will pass up the offer. (seriously, would you buy speakers out of the back of a van from some dude in a parking lot?) But every so often, there's one person who figures the speakers are stolen, and he'll get a really good deal if he buys them. And sure enough, the way the guy selling them drops the price as they discuss it convinces him there's definitely something shady going on. So he hands over the money and buys the speakers ... which, when he gets home, he finds out are actually cheap junk, worth about half what he paid for them. What's he going to do? Go to the cops and say "I bought stolen property and the thief charged too much for it?" Yeah, right; he's been well and truly burned. And the guy with the van? He goes to another parking lot, takes another set of speakers out of their boxes, and does the whole thing again ... because he works for a stereo store, and they're making a fortune selling lousy speakers to suckers.
When I worked for Radio Shack, I had a customer who had been doing this for a while. He had no moral qualms at all about overcharging dishonest people who thought they were buying other people's stolen speakers, and frankly, I can't really say that I would either. They thought they'd found a deal that was too good to be true. And they had -- which meant it was either not good or not true. Or, in this case, both.
There's an old Latin phrase that applies: cui bono? Who benefits? In any business transaction, the first question to ask yourself is cui bono? Any time it looks like the answer is "you" it's time to start getting really, really suspicious. Businesses exist for their own benefit, not yours or mine; it's got something to do with the desire of the owners to be able to buy groceries, or maybe a bigger yacht, but either way, it's for them. Period. Anyone who gets that wrong isn't in business long enough to matter, and anyone who says "we do it all for you" is lying. So one of these "free Minecraft" places is offering to give you something worth $27. Cui bono? If you were to actually get that free game, you would have to be delivering more than $27 worth of value to that business, or they'd be out of business really fast. A retail store wouldn't buy things for $50 each and sell them for $40, obviously; it would be the other way around. So if you were to get an item worth $27, you are giving them something worth more than that. What, exactly, can they get from you that is worth more than $27? The odds are "nothing" -- in which case, they're not going to be giving you said item. The cake is a lie, and so is the promised free Minecraft.
It's important to note that most of these scams always try to get people to advertise for them -- "Sweet! I got a free Minecraft code and it worked!" -- long before the end of the process, when they would supposedly be giving out that freebie. If there really was going to be a free game, why tell people to lie on their behalf when they could just tell the truth? It's another sign that they're not honest.
I have a rule of thumb that has stood me in good stead over many years: never do business with someone who thinks that deception is a valid way to open a business relationship. For example, in my snail mail recently, I got an envelope the size and shape of a Christmas card, that appeared to be hand-addressed, and even had a real stamp on it, not a "presorted first class" thing. What was inside? An ad from a local insurance salesman. He wanted to trick me into opening his ad ... but I'm not going to do business with someone who thinks that fooling his customers is a good idea. What else does he intend to try to deceive me about? And the same thing applies to the "1 millionth visitor" ads ... if they start out by lying to me, what else are they going to lie about? The first criterion I have about any business I intend to deal with is wanting someone who does not intend to cheat me. When they start out by lying to me, they've demonstrated right up front that they will. I'll do business with someone who at least has not started out by giving me a good, solid reason not to trust them.
tl;dr: If it sounds too good to be true, it's either not good or not true.
Also, once, there was a site with a visitor count there... around 1,4K visits. Guess what was on the top of the page? An ad, again the "X Visitor" kind, way over 100K
Rollback Post to RevisionRollBack
Check out my Dummy Mob Idea![Link] Support and click "" if you like!
There is definitely some sort of highjacking with minecraft code links. If someone wants, perhaps someone should set up a virtual machine, load it up with malwarebytes, wireshark, and malwarebytes anti exploit, go to the site. Before downloading, use wireshark and anti exploit to look for drive-by downloads. download whatever software it offers for the code, and run it through virustotal to see if that finds anything. Run the executable and reboot the computer so the payload is fully active. Reboot to safe mode and run an mbam scan to see if it finds any keyloggers or any account highjacking of some sort.
I would like to see what they find. Remember, that we are only letting the malware run in an isolated area. Do not sign in with anything while following these steps. Download tools before even visiting the potentially melicious site, because drive-by downloads are easy to set up if you know how to set up angler ek, and the malware might block antimalware sites.
I don't think that you have acess to all the files. There are fileless infections, aka poweleikes, that you can't runthrough virustotal because they don't exist
It really sounds too good to be true which, I think, should tell people that there is something off about it but that's just my opinion.
Rollback Post to RevisionRollBack
Yo what up guys! I'm Jaiden and I have a YouTube Channel! I mainly post Minecraft videos with the other Cookie Bros, a group of friends that play together, which you can check out on the side bar of the YouTube ! My main goal is to make you laugh! If I made you laugh, comment "#THEGREENCOOKIEBRO" on any one of my vids!
I was just looking at a giftcode spam post and another thought crossed my mind regarding scamming "free stuff" sites, what they ask for, and why it's clearly bogus to anyone who thinks about it for a minute.
The usual requirement from one of these sites is for the sucker to post "I got a free Minecraft gift code from www.example.com" on three (it's usually three, but it can be more) forums in order to get whatever cake they're dangling.
Now, think about it a bit: Let's say someone does so. We'll call him JoeSucker for the sake of discussion. JoeSucker, having seen one of these things here before we caught and eradicated it, decides he wants a great deal like that, too (he believes that something too good to be true is in fact somehow both good and true) so he goes to the designated site, gives them all the personal information he should be too smart to give anyone, and before he moves on to the next step (generally completing three of some number of actually impossible "offers") is told to post the same scam link on three forums, just like the guy who did it to him. So, not being too bright (or at least not thinking about it much), JoeSucker dutifully proceeds to spam up MCF and a couple of other sites with said link. Now ... imagine, if you can, that -- as JoeSucker believes -- the site isn't a scam. Just like Bill Gates is going to give you a million dollars if you forward that email and a Nigerian prince wants you to launder money for him, they really are giving out free Minecraft gift codes to people who do all the things they ask for. So ... JoeSucker posts that link ... some random person clicks on it ... they go to the scam site. How, exactly is said scam site going to know that it was the link that JoeSucker posted and not the one that JuanEstúpido posted instead? Or the one that HansDummkopf posted last week? That is, how do they know which sucker to credit?
Obviously they can't. It could be any one of those people, or thousands of others, who all posted exactly the same link to exactly the same scam. They're telling you that one of the mandatory steps to getting the cake is to do something that, in fact, they have no way of telling if you've done or not. If they can't tell if you've done it, that means they don't care if you do it. And why wouldn't they care if you do it? Well, if doing X is a condition of getting Y, and there is no way for the Y-giver to test if you've done X, that means it doesn't matter. They never intended to give out Y, so they don't care if you've done X or not. They never intended to give out a free Minecraft gift code, so it doesn't matter how much you spam on their behalf, as requested or ten times as much or not at all. So just by looking at that one thing they're asking, you can be absolutely certain that it's a scam.
Looking at it from the inside: I run a blog. I regularly study my blog stats, hoping against hope that people have read it (which they usually haven't). One of the stats Wordpress supplies is referrer information -- that is, where incoming readers came from. If they followed a link, like the one I have in my signature, it will tell me where the link was from. For example, someone went to that blog from a link in a particular thread ... amusingly enough, one that I locked almost a year ago ... and, though I can tell where they came from, I can't tell who they are. I know they followed a link from a particular page, but not which post on that page, let alone who posted it. For that matter, I'm only assuming they followed the link in my sig -- for all I know, one of the other posters in that thread had "go read Aky's blog" in his sig, and then took it out again before I looked. So I have no way to tell, from my referrer stats, (and what the blog site gives me is basically what's in the site referrer log, tidied up a bit for non-expert viewing) who that person was, what link on the page they followed, or anything else about them or the link, save that it was on a specific page on MCF. And exactly the same thing is true of "post this spam to 3 forums". It's a lie on the face of it.
tl;dr: Someone who lies to you about one thing will lie to you about another. And if it's too good to be true, either it's not good or it's not true.
p.s. This is obviously somewhat different for spam that features an affiliate code, like www.example.com/scam.php?ref=123. They're still just as much scams, just as much lies, and just as much forbidden on pretty much every forum on the Web, but they do it slightly differently. They know who's working how hard to get that cake -- but the cake is still a lie. Read all the rest of this thread. Any time you think that what you can do in 15 minutes is worth $27 to some random company, ask yourself why they'll pay you to do it once instead of paying someone minimum wage for three hours to do it repeatedly. But that's a subject for another post.
I read a post here on MCF the other day that showed the results of falling for a different version of the scam. I wasn't going to post, as I'm not nearly as active on the forums as I used to be, but then I got a rather interesting phishing email that made me think about the forum post, and decided to necro my old thread about not falling for scams to natter on about it for a bit.
The post in question was from someone who'd had his Minecraft account stolen. Some website promised to allow him to create custom texture packs, but before he could do so, it requested his MC login information. He dutifully gave it his username and password, and then came to the forums quite distraught when his account was subsequently jacked (and probably sold) by whoever he'd given that username and password to. He never thought about why he should give it to them, or whether that was a good idea in the first place; he just did what he was told, and lost his account.
This was brought to mind by a phishing email I got today. It appeared to be perfectly legitimate -- from a certain company, to the email address reserved for email from that company, etc. But I didn't even have to look at the URLs it linked to in order to know it was bogus. (and oh, was it ever bogus) Why? Because it referenced an abandoned shopping cart on their website. Good so far as it goes ... but I'd never used their online store -- I'd only registered a device I'd bought from a physical store with them, for updates -- so there was no way any such cart could exist. It didn't make sense -- and, sure enough, it was as phony as a three-dollar bill. A couple of seconds worth of thought showed me that. (and that the company in question is the latest to get hacked)
Someone who gives their login info for a game to any random website for any reason is not thinking. The classic "we think you're sharing an account; give us your password to prove that you aren't" scam -- which I've seen, in one form or another, for longer than some forum members here have been alive -- is a perfect example. Think about it for a minute: You are playing BigMMO. In order to log in, you naturally have to use your password. Supposedly BigGameCompany wants you to prove that you know your password. But, given that you use it every time you play the game, of course you know that password, and BigGameCompany knows that you know it -- you couldn't be playing their game if you didn't. If you think about the whole thing for 10 seconds, it's blatantly obvious. And yet, for as long as I've been playing MMOs I've watched game companies take extraordinary measures, both educational and technical, to get their players to not go around giving out their passwords to whatever random dweeb asks for them. Unsuccessfully. Because people are not thinking.
Would you scatter copies of your house key, with little tags giving your address, all over town? Of course not; you don't know who might pick one up. You'd only give your key to someone you trusted absolutely and who had a reason to have it that couldn't be handled any other way, like just being home to let them in. The same goes for login information: your password is the house key, and your username is your address. Why does someone want your key? And if they're someone who should legitimately have it, why do they have to get it from you instead of having it already?
Think about that last part: Say you live in multi-unit housing ... an apartment building, a college dorm, whatever. The management has a passkey for all the locks. Some dude you've never seen before comes to you and says "hey, there's a water leak in your room, I need your key so we can fix it." Are you just going to hand over your key to this random stranger? One would hope not. You'd think about it for that critical 10 seconds. "I haven't seen any leak ... the building manager has a passkey to let repairmen in ... and I have no clue who this dude is" and tell him to get lost; calling the cops optional.
It's the same thing: THINK. Think about what someone asked for, and whether it makes sense. Think about why they might want to know that. Think about the whole situation. Just. Plain. Think.
If people spent as much time thinking about whether they want to hand over their MC login information to hackers, their bank account information to online scammers, their money to spammers hawking things I can't even talk about on MCF, etc., as they do thinking about what clothes they're going to wear today*, there wouldn't be any such scams because the pool of suckers they depend on would have long ago dried up.
tl;dr: The cake is a lie. The root user knows all. Something too good to be true is either not good or not true.
THINK!
*not applicable to those of us who just grab the next jeans from the pants stack and the next T-shirt from the shirt stack
Wonderful post. It always bothers me when people come here saying something is wrong with their account. They should go to Mojang with problems with their account, but that's not the whole reason. Most people complain about that their password or email for their account changed, but why would this happen unless they were idiotic enough to give their information out.
About your OP, I've only seen one spam site that promised free accounts, though it was before I got my Forums account. It was actually pretty well made, but it had the system of pasting spam across different forums like you described. However, this site also allowed you get an account through answering a poll. However this poll had simple questions, like "What are your favorite M&M's," that would have no relation to the site and probably just installed viruses and other nasty stuff on your computer.
The way i look at those 'free if you fill out a poll' sites....
At the end of the poll you give out your email, to receive your copy of whatever, and possible enter a password to register an account on their site.
The questions its asked, may seem random, but are they??
Whats your first pets name, what school did you goto, what was your best friends name in highschool, these sound familiar right?
Favourite M&M colour? or it is really wanting your favourite colour
They should, they are all questions companies ask when setting up an account, the magical secret questions.
Filling out their poll could be giving them all the stuff they need, they have your email and a bunch of answers to try to get into your email, and then from there god knows what else they may obtain.
ALWAYS be careful out there kids.
Wow that was deep for me hehe
Wow, I never even realized that! I've always been suspicious about polls, but I could never quite put my finger on why I didn't trust them.
Rollback Post to RevisionRollBack
I'm on a bit of a hiatus from playing Minecraft, so I'm not so active in this forum, either. I still check it though, and participate in a few discussions.
I maybe totally wrong about my thoughts, but they made sense while i wrote it, it was Baryonic_Lord s post that got the thought into my head
As someone who works as a senior adviser for one of the largest banks in the world, that is EXACTLY the purpose of these kind of sites. Most information about all of us is public records, these personal interest questions are the bread and butter of credit card fraud and identity theft.
Rollback Post to RevisionRollBack
"If you don't understand the bigger picture, writitng a program is difficult. That's true with any computer programming language, not just java. If you're typing code without knowing what it's about, and the code doesn't do exactly what you want it to do, then your just plain stuck." - Dr Burd
Owner/Admin of the amazing and awesome super custom modded Ninjacat Server!
As someone who works as a senior adviser for one of the largest banks in the world, that is EXACTLY the purpose of these kind of sites. Most information about all of us is public records, these personal interest questions are the bread and butter of credit card fraud and identity theft.
Which is why I could tell the world my favorite color is orange and it will do nobody any good at all cracking my accounts; if the "secret question" is what my favorite color is, I'll answer, for instance, "minecraft". I have a pattern for what I answer verification questions with, which I know but nobody else does, so I can always produce the same answer, but it's not actually an answer to that question.
Likewise, I have a system for setting up high-security passwords that guarantees I can always recreate the password for a given site, but it's still gibberish. I don't have to write it down on a stickynote under my keyboard, or use some password-manager software that gathers all my security problems into one place; I can always work out what it's supposed to be, but it's not the same for any two places.
Neither of these is anything that any person with two brain cells to rub together can't do. Then again, people with two brain cells to rub together wouldn't be falling for 419 scams, handing over their Minecraft passwords to random websites, or wiring money via Western Union to strange people on the phone who claim they're with the IRS and they'll send someone to arrest you if you don't pay them off immediately.
Speaking of which, I got one of those phone calls a while ago ... I rather enjoyed mocking the scammer, starting with pointing out that the IRS -- or any American -- would know how to pronounce my name, unlike him ... and wasted about ten or fifteen minutes of his time making fun of him before I was laughing too hard to be able to continue. Yes, I do have an evil streak. Also more than two functional brain cells.
It all comes down to the same thing: think. That's what something like the fake-IRS scam depends on: people not thinking. People always ask you to do things that benefit themselves. That includes "do this right now, before you take any time to think about it." If me not thinking about something is beneficial to whoever wants me to do it, that's a pretty good sign that I'd better think about it, and think long and hard. (yes, "Limited time offer! Buy now!" is the same thing; it's very rare that you can't get at least as good a deal after you've had time to think about it) They try to do it to you in person at car dealerships, by mail from cable TV companies, etc., but they're all trying to do the same thing: get you to make a decision before you think about it. And when someone is trying to get you to make a decision without thinking about it, you can be pretty sure that you would not make the same decision if you did think about it. So ... think.
P.S. my favorite color is not orange; I like being mysterious.
If only people used that same mysterious rare gift you have acquired through some kind of dark magic Akynth, that gift known only as "Common Sense". ^-^
Rollback Post to RevisionRollBack
"If you don't understand the bigger picture, writitng a program is difficult. That's true with any computer programming language, not just java. If you're typing code without knowing what it's about, and the code doesn't do exactly what you want it to do, then your just plain stuck." - Dr Burd
Owner/Admin of the amazing and awesome super custom modded Ninjacat Server!
This one is obviously not a legit survey. REAL surveys will:
- tell you how long the survey is up front
- spell out what you'll be getting for taking it up front, with details on how, and when.
- tell you if you disqualify within the first 1/3 of the survey
This is very true. Also never have I seen a survey worth of 26 dollars.
Eggies: <---- click them!
Hatchies: none
Howdy. I like the elder scrolls and undertale. I also collect dragons on dragon cave.
Support and click "" if you like!
Support and click "" if you like!
Well, that ended my optimistic assumption that they don't have those fake "winner" things in other languages. Though they don't seem to be nearly as common as they used to be. Maybe there is some hope that people are getting smarter.
That may in fact be part of the problem: Adults have seen all that stuff before, and learned (sometimes the hard way) that if something is too good to be true, it's either not good or not true. But kids are not quite so experienced (or cynical). They haven't seen it all yet, especially not the parts of "it all" that involve people trying to use them, rip them off, etc. So they're an easy target for the scammers.
One of the things I do as a moderator is investigate reports that some download (usually MCPE mods, in my case, because I'm in Other Platforms) is carrying a virus. We had one such report a few days ago and, when I went to download the questionable file so I could investigate (note: do not do this at home) the screen that came up in front of me was what I expected from the service in question -- a delayed download with assorted ads around it -- but the download in question, when "ready", was not in fact the file I was after. It was some random .exe, presented as a download manager, and almost certainly the carrier for the trojan that was said to be in the mod file. If I'd been younger or more naive, I probably would have just clicked "OK" and collected whatever nasty payload that thing was carrying (which was, in fact, probably what was being reported, rather than the file itself, which when we finally got to it, checked out completely clean).
I've investigated a lot of these 'free Minecraft" scams of one sort or another. They vary in type. There are the "surveys" that demand personal information. There are the "complete these offers" ones that are expensive or impossible. There are the ones that say you only have to see the listings of all "offers" and refuse them, but I once went through 30 pages of those, at 10 to a page, before I got bored ... I'm pretty sure I'd seen the same ones several times, which implies that the pages were just being recycled (probably in slightly different combinations) and there never would be an end. And there are the "code generators" that want you to install programs on your computer -- and you're supposed to trust the word of a person who claims to be a hacker and a thief that they won't harm you, just someone else. Um, yeah, right.
There's a saying that you can't scam an honest man. It's not quite true -- there are some scams that take advantage of the mark's natural honesty, like the variant on the 409 scam that presents it as a completely legitimate donation to the mark's church -- but it's mostly true. Most scams use the mark's willingness to do something dishonest -- launder money, buy stolen property, pirate Minecraft -- to hook them into the scam.
You might have heard of the "white van speaker scam" where some shady-looking guy in a parking lot says to passers-by "hey, you wanna buy some speakers, cheap?" And there in the back of the rather junky van he's got a couple of speakers, sometimes with cut-off wires still dangling from them. Most people, being either honest or not in the market for speakers, will pass up the offer. (seriously, would you buy speakers out of the back of a van from some dude in a parking lot?) But every so often, there's one person who figures the speakers are stolen, and he'll get a really good deal if he buys them. And sure enough, the way the guy selling them drops the price as they discuss it convinces him there's definitely something shady going on. So he hands over the money and buys the speakers ... which, when he gets home, he finds out are actually cheap junk, worth about half what he paid for them. What's he going to do? Go to the cops and say "I bought stolen property and the thief charged too much for it?" Yeah, right; he's been well and truly burned. And the guy with the van? He goes to another parking lot, takes another set of speakers out of their boxes, and does the whole thing again ... because he works for a stereo store, and they're making a fortune selling lousy speakers to suckers.
When I worked for Radio Shack, I had a customer who had been doing this for a while. He had no moral qualms at all about overcharging dishonest people who thought they were buying other people's stolen speakers, and frankly, I can't really say that I would either. They thought they'd found a deal that was too good to be true. And they had -- which meant it was either not good or not true. Or, in this case, both.
There's an old Latin phrase that applies: cui bono? Who benefits? In any business transaction, the first question to ask yourself is cui bono? Any time it looks like the answer is "you" it's time to start getting really, really suspicious. Businesses exist for their own benefit, not yours or mine; it's got something to do with the desire of the owners to be able to buy groceries, or maybe a bigger yacht, but either way, it's for them. Period. Anyone who gets that wrong isn't in business long enough to matter, and anyone who says "we do it all for you" is lying. So one of these "free Minecraft" places is offering to give you something worth $27. Cui bono? If you were to actually get that free game, you would have to be delivering more than $27 worth of value to that business, or they'd be out of business really fast. A retail store wouldn't buy things for $50 each and sell them for $40, obviously; it would be the other way around. So if you were to get an item worth $27, you are giving them something worth more than that. What, exactly, can they get from you that is worth more than $27? The odds are "nothing" -- in which case, they're not going to be giving you said item. The cake is a lie, and so is the promised free Minecraft.
It's important to note that most of these scams always try to get people to advertise for them -- "Sweet! I got a free Minecraft code and it worked!" -- long before the end of the process, when they would supposedly be giving out that freebie. If there really was going to be a free game, why tell people to lie on their behalf when they could just tell the truth? It's another sign that they're not honest.
I have a rule of thumb that has stood me in good stead over many years: never do business with someone who thinks that deception is a valid way to open a business relationship. For example, in my snail mail recently, I got an envelope the size and shape of a Christmas card, that appeared to be hand-addressed, and even had a real stamp on it, not a "presorted first class" thing. What was inside? An ad from a local insurance salesman. He wanted to trick me into opening his ad ... but I'm not going to do business with someone who thinks that fooling his customers is a good idea. What else does he intend to try to deceive me about? And the same thing applies to the "1 millionth visitor" ads ... if they start out by lying to me, what else are they going to lie about? The first criterion I have about any business I intend to deal with is wanting someone who does not intend to cheat me. When they start out by lying to me, they've demonstrated right up front that they will. I'll do business with someone who at least has not started out by giving me a good, solid reason not to trust them.
tl;dr: If it sounds too good to be true, it's either not good or not true.
The golden age: it's not the game, it's you ⋆ Why Minecraft should not be harder ⋆ Spelling hints
Support and click "" if you like!
I would like to see what they find. Remember, that we are only letting the malware run in an isolated area. Do not sign in with anything while following these steps. Download tools before even visiting the potentially melicious site, because drive-by downloads are easy to set up if you know how to set up angler ek, and the malware might block antimalware sites.
~Gilbat
And also a good rule of thumbs, if it's too good to be true, it probably is.
New Skyblock Server! Come check it out!
IP: SkyblockUniverse.beastmc.com
Or you could just get an antivirus.
"I know there are people in the world that do not love their fellow human beings, and I hate people like that." -Tom Lehrer
http://www.youtube.com/user/JaidenVGames
The usual requirement from one of these sites is for the sucker to post "I got a free Minecraft gift code from www.example.com" on three (it's usually three, but it can be more) forums in order to get whatever cake they're dangling.
Now, think about it a bit: Let's say someone does so. We'll call him JoeSucker for the sake of discussion. JoeSucker, having seen one of these things here before we caught and eradicated it, decides he wants a great deal like that, too (he believes that something too good to be true is in fact somehow both good and true) so he goes to the designated site, gives them all the personal information he should be too smart to give anyone, and before he moves on to the next step (generally completing three of some number of actually impossible "offers") is told to post the same scam link on three forums, just like the guy who did it to him. So, not being too bright (or at least not thinking about it much), JoeSucker dutifully proceeds to spam up MCF and a couple of other sites with said link. Now ... imagine, if you can, that -- as JoeSucker believes -- the site isn't a scam. Just like Bill Gates is going to give you a million dollars if you forward that email and a Nigerian prince wants you to launder money for him, they really are giving out free Minecraft gift codes to people who do all the things they ask for. So ... JoeSucker posts that link ... some random person clicks on it ... they go to the scam site. How, exactly is said scam site going to know that it was the link that JoeSucker posted and not the one that JuanEstúpido posted instead? Or the one that HansDummkopf posted last week? That is, how do they know which sucker to credit?
Obviously they can't. It could be any one of those people, or thousands of others, who all posted exactly the same link to exactly the same scam. They're telling you that one of the mandatory steps to getting the cake is to do something that, in fact, they have no way of telling if you've done or not. If they can't tell if you've done it, that means they don't care if you do it. And why wouldn't they care if you do it? Well, if doing X is a condition of getting Y, and there is no way for the Y-giver to test if you've done X, that means it doesn't matter. They never intended to give out Y, so they don't care if you've done X or not. They never intended to give out a free Minecraft gift code, so it doesn't matter how much you spam on their behalf, as requested or ten times as much or not at all. So just by looking at that one thing they're asking, you can be absolutely certain that it's a scam.
Looking at it from the inside: I run a blog. I regularly study my blog stats, hoping against hope that people have read it (which they usually haven't). One of the stats Wordpress supplies is referrer information -- that is, where incoming readers came from. If they followed a link, like the one I have in my signature, it will tell me where the link was from. For example, someone went to that blog from a link in a particular thread ... amusingly enough, one that I locked almost a year ago ... and, though I can tell where they came from, I can't tell who they are. I know they followed a link from a particular page, but not which post on that page, let alone who posted it. For that matter, I'm only assuming they followed the link in my sig -- for all I know, one of the other posters in that thread had "go read Aky's blog" in his sig, and then took it out again before I looked. So I have no way to tell, from my referrer stats, (and what the blog site gives me is basically what's in the site referrer log, tidied up a bit for non-expert viewing) who that person was, what link on the page they followed, or anything else about them or the link, save that it was on a specific page on MCF. And exactly the same thing is true of "post this spam to 3 forums". It's a lie on the face of it.
tl;dr: Someone who lies to you about one thing will lie to you about another. And if it's too good to be true, either it's not good or it's not true.
p.s. This is obviously somewhat different for spam that features an affiliate code, like www.example.com/scam.php?ref=123. They're still just as much scams, just as much lies, and just as much forbidden on pretty much every forum on the Web, but they do it slightly differently. They know who's working how hard to get that cake -- but the cake is still a lie. Read all the rest of this thread. Any time you think that what you can do in 15 minutes is worth $27 to some random company, ask yourself why they'll pay you to do it once instead of paying someone minimum wage for three hours to do it repeatedly. But that's a subject for another post.
The golden age: it's not the game, it's you ⋆ Why Minecraft should not be harder ⋆ Spelling hints
I read a post here on MCF the other day that showed the results of falling for a different version of the scam. I wasn't going to post, as I'm not nearly as active on the forums as I used to be, but then I got a rather interesting phishing email that made me think about the forum post, and decided to necro my old thread about not falling for scams to natter on about it for a bit.
The post in question was from someone who'd had his Minecraft account stolen. Some website promised to allow him to create custom texture packs, but before he could do so, it requested his MC login information. He dutifully gave it his username and password, and then came to the forums quite distraught when his account was subsequently jacked (and probably sold) by whoever he'd given that username and password to. He never thought about why he should give it to them, or whether that was a good idea in the first place; he just did what he was told, and lost his account.
This was brought to mind by a phishing email I got today. It appeared to be perfectly legitimate -- from a certain company, to the email address reserved for email from that company, etc. But I didn't even have to look at the URLs it linked to in order to know it was bogus. (and oh, was it ever bogus) Why? Because it referenced an abandoned shopping cart on their website. Good so far as it goes ... but I'd never used their online store -- I'd only registered a device I'd bought from a physical store with them, for updates -- so there was no way any such cart could exist. It didn't make sense -- and, sure enough, it was as phony as a three-dollar bill. A couple of seconds worth of thought showed me that. (and that the company in question is the latest to get hacked)
Someone who gives their login info for a game to any random website for any reason is not thinking. The classic "we think you're sharing an account; give us your password to prove that you aren't" scam -- which I've seen, in one form or another, for longer than some forum members here have been alive -- is a perfect example. Think about it for a minute: You are playing BigMMO. In order to log in, you naturally have to use your password. Supposedly BigGameCompany wants you to prove that you know your password. But, given that you use it every time you play the game, of course you know that password, and BigGameCompany knows that you know it -- you couldn't be playing their game if you didn't. If you think about the whole thing for 10 seconds, it's blatantly obvious. And yet, for as long as I've been playing MMOs I've watched game companies take extraordinary measures, both educational and technical, to get their players to not go around giving out their passwords to whatever random dweeb asks for them. Unsuccessfully. Because people are not thinking.
Would you scatter copies of your house key, with little tags giving your address, all over town? Of course not; you don't know who might pick one up. You'd only give your key to someone you trusted absolutely and who had a reason to have it that couldn't be handled any other way, like just being home to let them in. The same goes for login information: your password is the house key, and your username is your address. Why does someone want your key? And if they're someone who should legitimately have it, why do they have to get it from you instead of having it already?
Think about that last part: Say you live in multi-unit housing ... an apartment building, a college dorm, whatever. The management has a passkey for all the locks. Some dude you've never seen before comes to you and says "hey, there's a water leak in your room, I need your key so we can fix it." Are you just going to hand over your key to this random stranger? One would hope not. You'd think about it for that critical 10 seconds. "I haven't seen any leak ... the building manager has a passkey to let repairmen in ... and I have no clue who this dude is" and tell him to get lost; calling the cops optional.
It's the same thing: THINK. Think about what someone asked for, and whether it makes sense. Think about why they might want to know that. Think about the whole situation. Just. Plain. Think.
If people spent as much time thinking about whether they want to hand over their MC login information to hackers, their bank account information to online scammers, their money to spammers hawking things I can't even talk about on MCF, etc., as they do thinking about what clothes they're going to wear today*, there wouldn't be any such scams because the pool of suckers they depend on would have long ago dried up.
tl;dr: The cake is a lie. The root user knows all. Something too good to be true is either not good or not true.
*not applicable to those of us who just grab the next jeans from the pants stack and the next T-shirt from the shirt stack
The golden age: it's not the game, it's you ⋆ Why Minecraft should not be harder ⋆ Spelling hints
Wonderful post. It always bothers me when people come here saying something is wrong with their account. They should go to Mojang with problems with their account, but that's not the whole reason. Most people complain about that their password or email for their account changed, but why would this happen unless they were idiotic enough to give their information out.
About your OP, I've only seen one spam site that promised free accounts, though it was before I got my Forums account. It was actually pretty well made, but it had the system of pasting spam across different forums like you described. However, this site also allowed you get an account through answering a poll. However this poll had simple questions, like "What are your favorite M&M's," that would have no relation to the site and probably just installed viruses and other nasty stuff on your computer.
Wow, I never even realized that! I've always been suspicious about polls, but I could never quite put my finger on why I didn't trust them.
As someone who works as a senior adviser for one of the largest banks in the world, that is EXACTLY the purpose of these kind of sites. Most information about all of us is public records, these personal interest questions are the bread and butter of credit card fraud and identity theft.
Which is why I could tell the world my favorite color is orange and it will do nobody any good at all cracking my accounts; if the "secret question" is what my favorite color is, I'll answer, for instance, "minecraft". I have a pattern for what I answer verification questions with, which I know but nobody else does, so I can always produce the same answer, but it's not actually an answer to that question.
Likewise, I have a system for setting up high-security passwords that guarantees I can always recreate the password for a given site, but it's still gibberish. I don't have to write it down on a stickynote under my keyboard, or use some password-manager software that gathers all my security problems into one place; I can always work out what it's supposed to be, but it's not the same for any two places.
Neither of these is anything that any person with two brain cells to rub together can't do. Then again, people with two brain cells to rub together wouldn't be falling for 419 scams, handing over their Minecraft passwords to random websites, or wiring money via Western Union to strange people on the phone who claim they're with the IRS and they'll send someone to arrest you if you don't pay them off immediately.
Speaking of which, I got one of those phone calls a while ago ... I rather enjoyed mocking the scammer, starting with pointing out that the IRS -- or any American -- would know how to pronounce my name, unlike him ... and wasted about ten or fifteen minutes of his time making fun of him before I was laughing too hard to be able to continue. Yes, I do have an evil streak. Also more than two functional brain cells.
It all comes down to the same thing: think. That's what something like the fake-IRS scam depends on: people not thinking. People always ask you to do things that benefit themselves. That includes "do this right now, before you take any time to think about it." If me not thinking about something is beneficial to whoever wants me to do it, that's a pretty good sign that I'd better think about it, and think long and hard. (yes, "Limited time offer! Buy now!" is the same thing; it's very rare that you can't get at least as good a deal after you've had time to think about it) They try to do it to you in person at car dealerships, by mail from cable TV companies, etc., but they're all trying to do the same thing: get you to make a decision before you think about it. And when someone is trying to get you to make a decision without thinking about it, you can be pretty sure that you would not make the same decision if you did think about it. So ... think.
P.S. my favorite color is not orange; I like being mysterious.
The golden age: it's not the game, it's you ⋆ Why Minecraft should not be harder ⋆ Spelling hints
If only people used that same mysterious rare gift you have acquired through some kind of dark magic Akynth, that gift known only as "Common Sense". ^-^