Star Trek Online

Star Trek Online (http://sto-forum.perfectworld.com/index.php)
-   C-Store, ZEN, and Promotions (http://sto-forum.perfectworld.com/forumdisplay.php?f=200)
-   -   Information Security and You (http://sto-forum.perfectworld.com/showthread.php?t=351921)

rikev 08-13-2012 08:43 AM

Information Security and You
 
For anyone who is tempted by the free Zen offers, please take a moment to have a browse through this security blog that I use run by the AV company Sophos. Yes this may have some bearing on their opinion in matters of personal security on the Internet but you will find similar messages on other security blogs.

http://nakedsecurity.sophos.com/tag/survey-scam/

This link in particular is a list of blog entries related to survey scams and what methods are used by the companies that run them to extract your personal information. Replace who is viewing your profile with Free Zen and you start to see the terrifying similarities that fill me with concern when dealing with PWE and STO.

I should note that PWE might well have a legitimate deal with these companies, but they make little to no effort to forewarn customers about the dangers of giving out personal information. This is dangerous not only for you, but any minors who happen to be using PWE's services and are tempted by these offers. As far as I care, PWE are engaging in a reckless business that should not be tolerated by any gamer and is far more dangerous then even the worst F2P model currently out there.

The basic construction of a survey scam is as follows:

1) Your attention is drawn to a scam with a hook or other promise such as a free iPad (Yes I have seen such promises on the survey link!)

2) You enter your personal information

3) You are tempted by other companies to enter personal information again for more rewards or spread the survey to your peers.

In nearly all such surveys, you do not get any reward. In fact, on here there are plenty of people enquiring why they are turned down for rewards or do not receive them. Someone has already found at least one survey with a hardcoded reward denial buried into the page.

The information gathered is then used to deliver more unwanted marketing material and spam, being traded on a black market between unsavoury individuals and to carry out fraud and/or identity theft. Unfortunately these black sheep in the industry give a negative reputation to those who genuinely use the surveys for responsible marketing.

The information acquired can also be used to guess passwords, security questions and other sensitive details. A number of scams may also covertly install malware on to your computer to capture more personal information or keystrokes such as your PWE login!

To protect yourself online:

1) Do not give out personal information to people you do not know. These companies are little more then people standing on a street corner with a clipboard!

2) Realise that free is not free and always comes at a cost, usually your privacy!

3) Be especially cautious of surveys asking for information that could be used to guess your security questions, such as maiden names, street names, pets, etc.

4) Don't assume that because a survey is offering prizes or affiliations with a major brand that they are actually linked to that brand. Common tactics use brand names as the hook even though the brand itself would be mortified to find it's trademark being abused.

5) NEVER EVER GIVE A SURVEY YOUR FINANCIAL DETAILS SUCH AS BANK NUMBERS OR CREDIT CARD DETAILS! Be especially wary of surveys offering a financial reward or requesting a fee.

6) You do not have to do anything that a survey tells you. You can always back out at any time and are under no legal obligation to provide any money or information to any of them. Your right to say no is never revoked.

7) Do not give out contact details, especially phone numbers or addresses as they can be used with other details revealed in the survey to carry out identity theft.

If you wish to take the risk and fill out the survey then please please please think first and decide if you want to put yourself at risk of spam, identity theft and misuse of your personal information. Please take these points into account!

@PWE/Moderators: I am sorry if I am treading on your business' revenue model here but the company shows a severe lack of responsibility when it comes to protecting the rights and information of it's customer base. Instead of locking/deleting this thread and waving the banstick around, I invite you to actively engage in conversation with the community about the blatant disregard for the welfare of your players! Please!

EDIT - For the record, I am not affiliated with Sophos or any other gaming company.

mb52 08-13-2012 11:37 AM

A good post with useful information.

I myself have begun to question PWE in how they themselves control our private information, and example is my email. Just recently I bought some Zen and had to confirm my email in order to transfer it. Ok.. I figured this is a financial deal, so I had it sent to my email that I use only for such things. As a result that email is normally spam free. Not even a day after I confirmed that I use that email, I've started to get flooded with spam from similar companies to those on this survey thing.

Feels to me like PWE may either be unwillingly or willingly selling email addresses.....


All times are GMT -7. The time now is 06:32 AM.