I just saw another spam post for, supposedly, free Minecraft. It was "from" (supposedly) someone who has been a member of this forum for over a year.
There are several things I can pretty much guarantee about that:
1. The person didn't get a free copy of Minecraft, or anything like it.
2. He probably lost his forum account, too.
3. He didn't post that; either his computer his now infected with malware, or his forum account is compromised, or both.
For those of you inclined to go to these websites and give them your information, or download whatever they're offering, because you think you'll get something for nothing, remember this:
If something is too good to be true, it's either not good, or not true.
Nobody is giving out free copies of Minecraft (or any other program). They're not giving you money if you forward their email chain letters, either. If they're promising you that they will, they have some ulterior motive, and it's not good for you. The kind of people who spam up forums are, by their very nature, selfish. They're in it for themselves. Doing anything you want (like stealing from people like Notch on your behalf) is not in their plan at all.
Don't be a bloody idiot. They're not giving you something for nothing; they're taking you for whatever they can get. That's your forum account at the very least, and quite possibly your Minecraft registration, your email account, and even your computer -- which they can add to a botnet, use to scam your friends, or jack more information from than you even knew you had stored there. I say again, don't be a bloody idiot. This means you.
If someone is offering "free Minecraft codes" or anything of the kind, just report them to the mods, because they're not doing it to give; they're doing it to take.
Badprenup reminded me to add: Be sure to mention the URL in your report and ask that it be added to the spam filter.
Usually common knowledge but a good post nonetheless. Also, when you report be sure to mention the URL and request it be added to the spam filter
Rollback Post to RevisionRollBack
Want some advice on how to thrive in the Suggestions section? Check this handy list of guidelines and tips for posting your ideas and responding to the ideas of others!
Well I certainly hope someone with the brain wouldn't fall for them referral links.
So do I ... but I've seen, in the fairly brief time I've been here, several cases where a new account posted one, followed hours later by one or more older accounts posting the same thing -- almost certainly the same person who had hijacked the forum accounts. Apparently nobody ever went broke underestimating the IQ of the average forum member, either.
And we see it again. A user who has been on the forums for over a year, and posting about once a month, suddenly starts spamming up the place with posts giving away free Minecraft gift codes. His earlier posts are simple paragraphs, no formatting at all, and suddenly he uses multiple font sizes, colors, etc., just like the typical spammer. Kinda makes you go hmmmmm.....
Looks like someone else fell for a "free stuff" ad (not necessarily for Minecraft), got his very own keylogger, had his forum account hijacked, and now the spammers are using it to try to rope in other suckers.
Let's look at it a bit more closely: he claims he got 20 Minecraft gift codes in exchange for answering surveys. Well, I used to do surveys for a reputable company back before Borders went under, because I could get "Borders Bucks" and I'm a bookaholic, so I know a bit about real surveys. A survey that takes me about 10 minutes (and I'm very fast) would work out to about $2 worth of points, so for one copy of Minecraft, that would require 13 surveys, or over two hours (even if you he just put in random answers, they're multi-page things and loading time becomes significant). If we assume that's about average for the survey business, this guy is expecting us to believe that he just answered 260 surveys, spending over 43 hours doing so, a full work week (or more if you're slower), and he's not going to give them to his friends, or his family, or even the people who have begged for free registration here in the Minecraft forums. No, he's going to give the results of his 43 hours of work to random strangers who just happen to email him. Starts looking very interesting when you analyze it, no?
Yeah. I totally believe him. Not.
I say again: If it's too good to be true, it's either not good or it's not true. In this case, I'd guess it's both.
The OP might want to change the thread title as originally i thought this was another spam thread about free minecraft.
That aside, I don't think anyone should be doing surveys as they are a waste of time and a sacrifice of privacy. There is no such thing as free minecraft codes, there always is a catch or what most call "The Fine Print". If you like the game, support Mojang and buy it; period.
The OP might want to change the thread title as originally i thought this was another spam thread about free minecraft
That's exactly why I used the title I did.
I wanted to catch the attention of people who were likely to read threads offering them "free" stuff. Most people are clueful enough not to fall for that sort of thing, but there are always a few (the guy whose posts today brought this back to mind, for instance) who will, and I figure if they're the kind of people who are naive enough to think they can get something for nothing, hopefully they'll read this thread, too, and realize why the only thing they'll get free is a computer full of trojans and keyloggers.
So, yeah, the title is intentional. I'm trying to get exactly the same sort of people who would read a real spam thread to read this before they get suckered.
p.s. The particular survey company I was doing them for was not one of the ones people keep spamming for. Their surveys were for things like business decision making, etc. -- rather more selective. What I got from them (Borders Bucks, back when there was still a Borders) was worth the time and privacy. But overall I agree, any "survey" that's looking for meaningless answers from random Internet users doesn't care about your responses, they care about your information and what they can sell you.
Heh, the title worked, I clicked on it with full intention of removing it
I'm sure you're far from the first, though I think most of the mods know about it by now. I'm glad to know it's working!
As such, you see newly created accounts posting "free MC codes!" etc. etc.
What's disturbing isn't so much the newly created accounts -- they're just your garden-variety spammers -- but the ones that are a year or more old. Those are real forum users, real Minecraft players, who got fooled by one of the spammers, and now have computers full of malware and their accounts (here and elsewhere) are being hijacked and used to spam. Since they're established Minecraft players, they probably didn't get suckered by "free Minecraft" spam -- more likely "free Call of Duty" or something, somewhere else. Then they got keylogged, the relevant criminals got their forum information for here, and they promptly used the accounts to post bait they want to use to phish people here. And, sadly, sometimes it works.
I think someone should make a petition and tell mojang to take their Terms and Conditions more seriously. Well, that's just my opinion.
It doesn't help.
Blizzard takes their TOS and the protection of their rights, real and presumed, very seriously (remember the battle.net lawsuit, some years back?), yet there is a constant problem with bogus "game time", "beta invites", and just about everything else for World of Warcraft.
The reason scammers do this is because it works. The reason it works is because there are enough people who are clueless enough to believe that they can get something for nothing (TANSTAAFL), and something that looks too good to be true is both good and true (it isn't). No matter what a game company does, as long as there are suckers, there will be spammers.
Hence my approach of attacking the problem from the other end: We can't get rid of the spammers, but we can get rid of the suckers. The way to get rid of the suckers is to make them not-suckers -- that is, to educate them. If we can get it across to everybody who's likely to fall for this sort of thing that it's a scam, then there will be too few suckers to make it profitable for the scammers, and the scammers will go back to pretending to be Nigerian princes or something.
Obviously I can't do it alone. No one person can. But I can be a star thrower* -- I can help a few people, and it matters to them. Each of us can. When you think about gamers, we're quite an ecosystem. Few if any gamers exist in a vacuum; we all talk to each other, share information with each other, and so on. One of the things we should be telling each other -- a thing that someone is clearly not telling the people who are getting suckered into trying for "free" stuff and losing their game/forum/email/etc. accounts over it -- is that these scams are just that, scams.
Somehow, all of us gamers seem to find out very quickly about everything else that matters; we need to make sure that one of the things everyone finds out about is scammers, so that the pool of victims dries up.
Heh, the title worked, I clicked on it with full intention of removing it
OT: Although most people know by now that reporting those threads is their best option, many users can easily fall for that trap.
As such, you see newly created accounts posting "free MC codes!" etc. etc.
I think this topic is very helpful for people who are new to the forums, it helps them realize that they are fake.
And for everyone reading this, we do our best to remove all those topics from the forums, but, if you see one, report it.
I agree, the title worked. I clicked it with the intention or reporting it. Many "suckers" may have clicked it thinking they would get free minecraft. However, at the end of the day we come to the conclusion "There is no such thing as a free lunch"
I know one way but it would be expensive: someone puts an ad on youtube saying why you shouldn't use these scams (a bit like a no smoking ad on TV) and I'm sure that would take out a good chunk (no minecraft pun intended) of the people fooling for the scam. If I could I would, but right now I need all the money I have for something that will happen.
Well, you might not be able to afford an ad, but how about making a warning video? That might be the YouTube equivalent of this topic -- something that gets people who want a free lunch to watch it, and then explains why there ain't no such thing as a free lunch. If every person in this forum who has a YouTube channel took ten minutes to make a video like that and slapped it up with their seed showcases, build tutorials, and whatnot, that would be a lot of coverage, and it could reach a lot of people. Maybe some of the right people. No, it wouldn't be perfect. But it doesn't have to be.
There is a saying attributed to Voltaire: "The perfect is the enemy of the good." If we try to come up with a solution that does everything, we end up not doing anything. That's why my anti-scam posts: I know they're not perfect, and won't reach everybody. But if I didn't do them because I was trying to think of a solution that would indeed reach everybody, in the meantime I wouldn't reach anybody. That's why "The Star Thrower" by Loren Eiseley has so much meaning to me (it has been re-used, generally without credit, many times, by the way). We can't do everything. The guy couldn't save every beached starfish. But even one is better than zero.
Nice post. I would like to add something
Look at their name and information, a player on the forums with no information (Location, IGN, ect)
The name, if it is something generic like "DiamondMiner1234567" or "CreeperKiller1" saying it will most likely be a fake spambot. On youtube, if you see a guy with the name like "Joe Joeson" or "Bill Jackson" will be a fake. Watch out for those generic things.
Rollback Post to RevisionRollBack
A very Smart, Strong and very Annoying one of a kind, Nyanja. If you dont know what that is, please contact my cousin, Nyan cat.
(note: this was written in reply to an actual "free Minecraft" post in this thread, which the mods quickly deleted, if you're wondering what I'm talking about)
Well, this is a new one: a scammer posting in a thread WARNING ABOUT SCAMMERS!
Since it is on the second page, I'll repeat this here:
If something is too good to be true, it's either not good or not true.
If there's anyone who has the faintest thought of believing what that guy said, go read my first post. You'll find it here: READ THIS.
I'm having a look at that particular scam site now, by the way. (do not do this at home! I have a tablet I use specifically for poking at suspicious websites; I would never do that on my real computer!)
Interesting: one of the requirements is to spam three places with their ad -- they even provide a convenient (and suspiciously familiar) pre-formatted spam for the purpose. That makes checking it out a bit trickier: I'll do a lot for science (or at least spambusting) but becoming a spammer myself is not part of it. And I'm too lazy to set myself up some bogus forums just for the purpose. I'm almost tempted to do so, though, for one reason: it says "our servers will check if all steps are completed." While that is clearly bogus -- there's no way they can tell who posted their spam on, say, this forum -- it could be me, or you, or Vladimir Putin -- so of course someone will wait forever for "checking status" to change -- I'm nonetheless curious as to what sort of bot footprints might go marching through my logfiles. Probably none (which is why I'm not going to bother making it some bogus Minecraft forums to look at) but it is intriguing.
So, the results of preliminary analysis:
First, of course, it's bogus. (like anyone with two clues to rub together really needed me to tell them that, but just in case)
Rather to my disappointment, the "sharing" step didn't seem to produce anything at all. Of course, they could have wised up and know about disposable email address sites (which, naturally, I used); I suppose I should make a suitable bogus email alias on a more real domain that I could use for testing, but the laziness issue kicks in again; that's too much work to do just to poke at a scammer.
They want people to spam three other places, so they have remarkably self-multiplying spam. There is no way they can verify whether that step was completed by the user sucker, so they spread more spam, but give nothing.
So, after one waits forever for a "verification" that never happens, the natural decision is to move on to the "click here to skip posting and reveal the content" option. Now there we find some more interesting things. It's another website, by the way -- similar name, but it probably stays the same when they discard the others due to blockage and/or complaints to their hosts.
There, I see the usual "complete these free offers..." crap -- if you've ever looked into those, you'll know they're impossible, as intended. The kind of suckers they're after aren't going to do all that for nothing. But ah, here we go ... a downloadable "Minecraft Codes Generator"! I knew there had to be one somewhere.
That's where the payload is. They did a lot of work to disguise it -- all sorts of "options" that are not intended to work -- but there it is: the malware. This whole elaborate thing, with two websites, recruitment of more spammers, and all, is geared to getting you to download that little .exe file. They might gather something from suckers trying to complete impossible "free offers", too, but the big one for them -- the one they know their victims are going to go for sooner or later -- is that download.
I'm not quite crazy enough to download that and take it apart. I don't happen to have a secure Windows system for malware investigation right now, and I'm not about to let it near any of my real computers. But I guarantee you, that's the payload. The whole thing is geared to getting that onto the sucker's computer, at which point they own it.
So ... free trojans! Free keyloggers! Free botnet membership! But, of course, not free Minecraft.
Again: If something is too good to be true, it's either not good or not true. TANSTAAFL.
Well, this is a new one: a scammer posting in a thread WARNING ABOUT SCAMMERS!
Since it is on the second page, I'll repeat this here:
If something is too good to be true, it's either not good or not true.
I once cracked one of these so called "free Minecraft account downloads". The txt file had nothing but utter rubish. The accounts were obviously fake with usernames such as CreeperMan or TNTguy. What's even more ridicoulous was the passwords! Who the heck would use abcd or monkey as a password?
I once cracked one of these so called "free Minecraft account downloads". The txt file had nothing but utter rubish. The accounts were obviously fake with usernames such as CreeperMan or TNTguy. What's even more ridicoulous was the passwords! Who the heck would use abcd or monkey as a password?
Oh, given the usernames I've seen on these forums, not to mention the XBox gamertags, I wouldn't bet against it. And as for the passwords, it's disturbing how many supposedly intelligent adults use "password" and the other really lame options in the top 10 bad passwords list. They're probably quite real ... provided by people who fell for the "give us your info and get a free Minecraft account" ploy. Yeah, they're giving the suckers' passwords to each other! I suppose that is a sort of poetic justice, but the scammers are still scumbags, and I want to put them out of business. The most practical approach is to educate enough of their targets so that a computer form of "herd immunity" makes the whole thing unprofitable, and they have to go back to pretending to be Nigerian princes or something.
What discourages me is the fact that the Nigerian 419 scam is about as well-known as any scam could be, and it has been around in some form since the 1500s. Yeah, advance fee scams have been around longer than North American has been settled by Europeans. (they used to write letters saying they were a prisoner in a Spanish castle and needed money to bribe their guards) Yet despite this, people still fall for it on a regular basis. Not just 12-year-olds who want to play a videogame, but adults smart enough to have saved tens of thousands of dollars, which they promptly hand over to the scammers. I know there's a sucker born every minute, but one would think that out of all the scams out there, after hundreds of years, they'd at least have heard of this one!
One thing nearly all scams have in common, though, is this: they rely on the dishonesty of their victim. While it's not true that you can't scam an honest man (I've seen at least one -- the "I want to leave my money to a religious institution" that might work if it happened to target a pastor) it is certainly a whole lot harder. Look at your typical 419 scam: the victims are people who are willing to launder money, and violate at least two countries' laws. Among the other common ones are those that purport to be from a dishonest bank employee who wants the sucker to pose as a relative of a dead person, and all the innumerable "mistaken identity" ones (such as winning a lottery you never entered) that target suckers willing to do a little identity theft,= rather than just saying "hey, you've got the wrong person; that's someone else." And, of course, people who want stolen Minecraft account names and passwords.
If you don't expect something for nothing, if you remember there ain't no such thing as a free lunch, if you know that anything that looks too good to be true is either not good or not true, and if you aren't willing to do something dishonest for a promised reward, your chances of being scammed are much, much lower.
There are several things I can pretty much guarantee about that:
1. The person didn't get a free copy of Minecraft, or anything like it.
2. He probably lost his forum account, too.
3. He didn't post that; either his computer his now infected with malware, or his forum account is compromised, or both.
For those of you inclined to go to these websites and give them your information, or download whatever they're offering, because you think you'll get something for nothing, remember this:
If something is too good to be true, it's either not good, or not true.
Nobody is giving out free copies of Minecraft (or any other program). They're not giving you money if you forward their email chain letters, either. If they're promising you that they will, they have some ulterior motive, and it's not good for you. The kind of people who spam up forums are, by their very nature, selfish. They're in it for themselves. Doing anything you want (like stealing from people like Notch on your behalf) is not in their plan at all.
Don't be a bloody idiot. They're not giving you something for nothing; they're taking you for whatever they can get. That's your forum account at the very least, and quite possibly your Minecraft registration, your email account, and even your computer -- which they can add to a botnet, use to scam your friends, or jack more information from than you even knew you had stored there. I say again, don't be a bloody idiot. This means you.
If someone is offering "free Minecraft codes" or anything of the kind, just report them to the mods, because they're not doing it to give; they're doing it to take.
Badprenup reminded me to add: Be sure to mention the URL in your report and ask that it be added to the spam filter.
The golden age: it's not the game, it's you ⋆ Why Minecraft should not be harder ⋆ Spelling hints
Want some advice on how to thrive in the Suggestions section? Check this handy list of guidelines and tips for posting your ideas and responding to the ideas of others!
http://www.minecraftforum.net/forums/minecraft-discussion/suggestions/2775557-guidelines-for-the-suggestions-forum
So do I ... but I've seen, in the fairly brief time I've been here, several cases where a new account posted one, followed hours later by one or more older accounts posting the same thing -- almost certainly the same person who had hijacked the forum accounts. Apparently nobody ever went broke underestimating the IQ of the average forum member, either.
The golden age: it's not the game, it's you ⋆ Why Minecraft should not be harder ⋆ Spelling hints
My fan fiction of the game: http://www.minecraftforum.net/topic/1957118-programmer-my-first-fan-fiction/#entry24096758
Looks like someone else fell for a "free stuff" ad (not necessarily for Minecraft), got his very own keylogger, had his forum account hijacked, and now the spammers are using it to try to rope in other suckers.
Let's look at it a bit more closely: he claims he got 20 Minecraft gift codes in exchange for answering surveys. Well, I used to do surveys for a reputable company back before Borders went under, because I could get "Borders Bucks" and I'm a bookaholic, so I know a bit about real surveys. A survey that takes me about 10 minutes (and I'm very fast) would work out to about $2 worth of points, so for one copy of Minecraft, that would require 13 surveys, or over two hours (even if you he just put in random answers, they're multi-page things and loading time becomes significant). If we assume that's about average for the survey business, this guy is expecting us to believe that he just answered 260 surveys, spending over 43 hours doing so, a full work week (or more if you're slower), and he's not going to give them to his friends, or his family, or even the people who have begged for free registration here in the Minecraft forums. No, he's going to give the results of his 43 hours of work to random strangers who just happen to email him. Starts looking very interesting when you analyze it, no?
Yeah. I totally believe him. Not.
I say again: If it's too good to be true, it's either not good or it's not true. In this case, I'd guess it's both.
The golden age: it's not the game, it's you ⋆ Why Minecraft should not be harder ⋆ Spelling hints
That aside, I don't think anyone should be doing surveys as they are a waste of time and a sacrifice of privacy. There is no such thing as free minecraft codes, there always is a catch or what most call "The Fine Print". If you like the game, support Mojang and buy it; period.
That's exactly why I used the title I did.
I wanted to catch the attention of people who were likely to read threads offering them "free" stuff. Most people are clueful enough not to fall for that sort of thing, but there are always a few (the guy whose posts today brought this back to mind, for instance) who will, and I figure if they're the kind of people who are naive enough to think they can get something for nothing, hopefully they'll read this thread, too, and realize why the only thing they'll get free is a computer full of trojans and keyloggers.
So, yeah, the title is intentional. I'm trying to get exactly the same sort of people who would read a real spam thread to read this before they get suckered.
p.s. The particular survey company I was doing them for was not one of the ones people keep spamming for. Their surveys were for things like business decision making, etc. -- rather more selective. What I got from them (Borders Bucks, back when there was still a Borders) was worth the time and privacy. But overall I agree, any "survey" that's looking for meaningless answers from random Internet users doesn't care about your responses, they care about your information and what they can sell you.
The golden age: it's not the game, it's you ⋆ Why Minecraft should not be harder ⋆ Spelling hints
I am getting sick of seeing all these spam posts everywhere, so I always report them when I can. Any newcomers viewing this post should do the same!
I'm sure you're far from the first, though I think most of the mods know about it by now. I'm glad to know it's working!
What's disturbing isn't so much the newly created accounts -- they're just your garden-variety spammers -- but the ones that are a year or more old. Those are real forum users, real Minecraft players, who got fooled by one of the spammers, and now have computers full of malware and their accounts (here and elsewhere) are being hijacked and used to spam. Since they're established Minecraft players, they probably didn't get suckered by "free Minecraft" spam -- more likely "free Call of Duty" or something, somewhere else. Then they got keylogged, the relevant criminals got their forum information for here, and they promptly used the accounts to post bait they want to use to phish people here. And, sadly, sometimes it works.
The golden age: it's not the game, it's you ⋆ Why Minecraft should not be harder ⋆ Spelling hints
It doesn't help.
Blizzard takes their TOS and the protection of their rights, real and presumed, very seriously (remember the battle.net lawsuit, some years back?), yet there is a constant problem with bogus "game time", "beta invites", and just about everything else for World of Warcraft.
The reason scammers do this is because it works. The reason it works is because there are enough people who are clueless enough to believe that they can get something for nothing (TANSTAAFL), and something that looks too good to be true is both good and true (it isn't). No matter what a game company does, as long as there are suckers, there will be spammers.
Hence my approach of attacking the problem from the other end: We can't get rid of the spammers, but we can get rid of the suckers. The way to get rid of the suckers is to make them not-suckers -- that is, to educate them. If we can get it across to everybody who's likely to fall for this sort of thing that it's a scam, then there will be too few suckers to make it profitable for the scammers, and the scammers will go back to pretending to be Nigerian princes or something.
Obviously I can't do it alone. No one person can. But I can be a star thrower* -- I can help a few people, and it matters to them. Each of us can. When you think about gamers, we're quite an ecosystem. Few if any gamers exist in a vacuum; we all talk to each other, share information with each other, and so on. One of the things we should be telling each other -- a thing that someone is clearly not telling the people who are getting suckered into trying for "free" stuff and losing their game/forum/email/etc. accounts over it -- is that these scams are just that, scams.
Somehow, all of us gamers seem to find out very quickly about everything else that matters; we need to make sure that one of the things everyone finds out about is scammers, so that the pool of victims dries up.
*re: essay by Loren Eiseley
The golden age: it's not the game, it's you ⋆ Why Minecraft should not be harder ⋆ Spelling hints
I agree, the title worked. I clicked it with the intention or reporting it. Many "suckers" may have clicked it thinking they would get free minecraft. However, at the end of the day we come to the conclusion "There is no such thing as a free lunch"
Well, you might not be able to afford an ad, but how about making a warning video? That might be the YouTube equivalent of this topic -- something that gets people who want a free lunch to watch it, and then explains why there ain't no such thing as a free lunch. If every person in this forum who has a YouTube channel took ten minutes to make a video like that and slapped it up with their seed showcases, build tutorials, and whatnot, that would be a lot of coverage, and it could reach a lot of people. Maybe some of the right people. No, it wouldn't be perfect. But it doesn't have to be.
There is a saying attributed to Voltaire: "The perfect is the enemy of the good." If we try to come up with a solution that does everything, we end up not doing anything. That's why my anti-scam posts: I know they're not perfect, and won't reach everybody. But if I didn't do them because I was trying to think of a solution that would indeed reach everybody, in the meantime I wouldn't reach anybody. That's why "The Star Thrower" by Loren Eiseley has so much meaning to me (it has been re-used, generally without credit, many times, by the way). We can't do everything. The guy couldn't save every beached starfish. But even one is better than zero.
The golden age: it's not the game, it's you ⋆ Why Minecraft should not be harder ⋆ Spelling hints
Look at their name and information, a player on the forums with no information (Location, IGN, ect)
The name, if it is something generic like "DiamondMiner1234567" or "CreeperKiller1" saying it will most likely be a fake spambot. On youtube, if you see a guy with the name like "Joe Joeson" or "Bill Jackson" will be a fake. Watch out for those generic things.
Mini Nova.
"Every time a bat gets killed, a miner falls in a pit of lava while carrying half a stack of diamonds."
Well, this is a new one: a scammer posting in a thread WARNING ABOUT SCAMMERS!
Since it is on the second page, I'll repeat this here:
If something is too good to be true, it's either not good or not true.
If there's anyone who has the faintest thought of believing what that guy said, go read my first post. You'll find it here: READ THIS.
I'm having a look at that particular scam site now, by the way. (do not do this at home! I have a tablet I use specifically for poking at suspicious websites; I would never do that on my real computer!)
Interesting: one of the requirements is to spam three places with their ad -- they even provide a convenient (and suspiciously familiar) pre-formatted spam for the purpose. That makes checking it out a bit trickier: I'll do a lot for science (or at least spambusting) but becoming a spammer myself is not part of it. And I'm too lazy to set myself up some bogus forums just for the purpose. I'm almost tempted to do so, though, for one reason: it says "our servers will check if all steps are completed." While that is clearly bogus -- there's no way they can tell who posted their spam on, say, this forum -- it could be me, or you, or Vladimir Putin -- so of course someone will wait forever for "checking status" to change -- I'm nonetheless curious as to what sort of bot footprints might go marching through my logfiles. Probably none (which is why I'm not going to bother making it some bogus Minecraft forums to look at) but it is intriguing.
So, the results of preliminary analysis:
First, of course, it's bogus. (like anyone with two clues to rub together really needed me to tell them that, but just in case)
Rather to my disappointment, the "sharing" step didn't seem to produce anything at all. Of course, they could have wised up and know about disposable email address sites (which, naturally, I used); I suppose I should make a suitable bogus email alias on a more real domain that I could use for testing, but the laziness issue kicks in again; that's too much work to do just to poke at a scammer.
They want people to spam three other places, so they have remarkably self-multiplying spam. There is no way they can verify whether that step was completed by the
usersucker, so they spread more spam, but give nothing.So, after one waits forever for a "verification" that never happens, the natural decision is to move on to the "click here to skip posting and reveal the content" option. Now there we find some more interesting things. It's another website, by the way -- similar name, but it probably stays the same when they discard the others due to blockage and/or complaints to their hosts.
There, I see the usual "complete these free offers..." crap -- if you've ever looked into those, you'll know they're impossible, as intended. The kind of suckers they're after aren't going to do all that for nothing. But ah, here we go ... a downloadable "Minecraft Codes Generator"! I knew there had to be one somewhere.
That's where the payload is. They did a lot of work to disguise it -- all sorts of "options" that are not intended to work -- but there it is: the malware. This whole elaborate thing, with two websites, recruitment of more spammers, and all, is geared to getting you to download that little .exe file. They might gather something from suckers trying to complete impossible "free offers", too, but the big one for them -- the one they know their victims are going to go for sooner or later -- is that download.
I'm not quite crazy enough to download that and take it apart. I don't happen to have a secure Windows system for malware investigation right now, and I'm not about to let it near any of my real computers. But I guarantee you, that's the payload. The whole thing is geared to getting that onto the sucker's computer, at which point they own it.
So ... free trojans! Free keyloggers! Free botnet membership! But, of course, not free Minecraft.
Again: If something is too good to be true, it's either not good or not true. TANSTAAFL.
The golden age: it's not the game, it's you ⋆ Why Minecraft should not be harder ⋆ Spelling hints
I once cracked one of these so called "free Minecraft account downloads". The txt file had nothing but utter rubish. The accounts were obviously fake with usernames such as CreeperMan or TNTguy. What's even more ridicoulous was the passwords! Who the heck would use abcd or monkey as a password?
Oh, given the usernames I've seen on these forums, not to mention the XBox gamertags, I wouldn't bet against it. And as for the passwords, it's disturbing how many supposedly intelligent adults use "password" and the other really lame options in the top 10 bad passwords list. They're probably quite real ... provided by people who fell for the "give us your info and get a free Minecraft account" ploy. Yeah, they're giving the suckers' passwords to each other! I suppose that is a sort of poetic justice, but the scammers are still scumbags, and I want to put them out of business. The most practical approach is to educate enough of their targets so that a computer form of "herd immunity" makes the whole thing unprofitable, and they have to go back to pretending to be Nigerian princes or something.
What discourages me is the fact that the Nigerian 419 scam is about as well-known as any scam could be, and it has been around in some form since the 1500s. Yeah, advance fee scams have been around longer than North American has been settled by Europeans. (they used to write letters saying they were a prisoner in a Spanish castle and needed money to bribe their guards) Yet despite this, people still fall for it on a regular basis. Not just 12-year-olds who want to play a videogame, but adults smart enough to have saved tens of thousands of dollars, which they promptly hand over to the scammers. I know there's a sucker born every minute, but one would think that out of all the scams out there, after hundreds of years, they'd at least have heard of this one!
One thing nearly all scams have in common, though, is this: they rely on the dishonesty of their victim. While it's not true that you can't scam an honest man (I've seen at least one -- the "I want to leave my money to a religious institution" that might work if it happened to target a pastor) it is certainly a whole lot harder. Look at your typical 419 scam: the victims are people who are willing to launder money, and violate at least two countries' laws. Among the other common ones are those that purport to be from a dishonest bank employee who wants the sucker to pose as a relative of a dead person, and all the innumerable "mistaken identity" ones (such as winning a lottery you never entered) that target suckers willing to do a little identity theft,= rather than just saying "hey, you've got the wrong person; that's someone else." And, of course, people who want stolen Minecraft account names and passwords.
If you don't expect something for nothing, if you remember there ain't no such thing as a free lunch, if you know that anything that looks too good to be true is either not good or not true, and if you aren't willing to do something dishonest for a promised reward, your chances of being scammed are much, much lower.
The golden age: it's not the game, it's you ⋆ Why Minecraft should not be harder ⋆ Spelling hints
+1 rep and +1 bump.