fraud
Latest
Online iPhone sales return to NYC
As Engadget is reporting, New York City residents can get back to buying their iPhones via AT&T's website after the strange outage that seemed to start yesterday kept them from doing so. It's been a rollercoaster of a story -- first we heard that they weren't being sold at all because of coverage issues, and then that was clarified to just online sales and only because of fraudulent online ordering. But as we predicted on the talkcast last night, AT&T didn't hold off on sales for long, and everything should be now back to normal. Unfortunately, we never actually heard what the fraud was, but that's not too surprising -- if there was a way to defraud AT&T's ordering process, it's unlikely they'd shout it from the rooftops anyway. And it's also not likely that we'll never know how many customers were actually affected. NYC is a big city, but there's no way we'll see official numbers on how many people couldn't buy iPhones because of the steps taken the other night. Considering that iPhone sales are off the charts in most markets anyway, it's doubtful that online sales in NYC missing for a day or two would make a dent in the numbers. In other words, nothing to see here. But just in case you were in NYC and trying desperately to buy an iPhone via the AT&T site last night, you can now go to it.
Jagex gets RuneScape fraudster arrested in the UK
For quite some time now cheating in an MMO generally only carried with it the repercussion of a virtual slap on the hand. Fake someone out of an item or two, and a GM might intervene, take the stuff and suspend your account. Do something against the terms of service and generally speaking, one might get an account ban. For many farmers and internet fraudsters, this really didn't seem to be much of a deterrent. Just start up a new account and off you go again, taking virtual items, breaking TOS/EULAs, or bilking people for money. Well, that is until now. According to CasualGaming.biz Jagex Games Studio, not content to simply run the cheaters out of RuneScape, actually managed to successfully work with the Police Central e-Crime Unit in the UK to run down an online thief in the real world. The 23-year-old man was reportedly tied to a recent rash of account phishing scams according to an investigation, for which he was arrested. Furthermore, Jagex says that not only are they working with the PCeU overseas, but also with the FBI in the United States. Whether or not other MMO companies will follow this lead and start to chase down the Internet fraudsters plaguing their games for prosecution remains to be seen, but it's definitely worth reading the entire story for Jagex's side of things. [Via PlayNoEvil]
Jailbroken iPhones exposed to second worm, this time malicious
As inevitable as the sun rising in the East and setting in the West, an innocuous iPhone worm has been transformed into a malicious bank details-stealing virus. The second recorded iPhone infection operates on exactly the same principles as the first, as it targets jailbroken handsets with SSH installed, but this time adds the ability for the hacker to remotely control and access the phone. By throwing up a purported ING Direct login page, he (or she, or they) can collect your online banking credentials and, presumably, all the cash they are supposed to protect. Presently isolated within the Netherlands, this outbreak may spread further still, as it is capable of infecting other jailbroken iPhones on the same WiFi network.
i-mate CEO says company isn't dead yet, just dealing with 'major fraud'
Well, it looks like the reports of i-mate's demise may have been slightly exaggerated. Of course, most of its employees are still laid off, its offices are still closed, and no one's answering the phones, but i-mate CEO Jim Morrison assures us that "everything about i-mate will continue." It turns out the company is just dealing with some "major fraud" that was discovered at the end of August as it was beginning to introduce a new line of devices, which led to some problems with little things like "paying employees." Those employees are also now said to be considering taking things up with the local authorities in Dubai, which Morrison admits would make things "difficult," although he insists that the company still has those new products ready to go, that it's "looking for more funding," and that "there is a lot of good stuff happening."[Thanks, Brendan]
EVE Online's largest player-run bank freezes accounts due to massive deficit
Stick with us, because this could get confusing: EVE Online has a long and storied history of in-game corruption, chock-full of enough political and social drama to make Ron Moore's head spin. The latest -- and actually, ongoing since June -- problem comes in the form of financial woes. On August 26, EBANK -- EVE Online's largest player-run financial entity -- revealed it currently has a (roughly) 1.2 trillion InterStellar Kredits (ISK) deficit and would freeze all player and organization accounts that were investing with the bank. As with other MMOs, EVE Online's economy is completely player-driven. Users can adopt various play styles which affect the world's economic machine, allowing players to create and topple empires within the fictional world of New Eden. Where EVE Online differs is how users have expanded the tools given to them by developer CCP Games. Using the game's developer-provided API to create tools that can monitor various pieces of data, players have developed their own financial organizations, complete with standards and rules, like real world banks. Sadly, EVE Online's largest player-operated bank mimicked real world financial institutions too closely.
Factor 5 accused of fraud in new lawsuit
A new lawsuit by former employees of Factor 5 claims the company fraudulently shifted assets to avoid ponying up $900,000 in unpaid wages to employees and millions to creditors. The Marin Independent Journal reports the suit outright states that the company stopped paying workers on November 1, 2008 and let them go on December 19. That explains why there were rumors of the company shutting down six months before the official closure announcement was made in May.As for the alleged fraud, the suit claims that Factor 5 moved assets (source code and other IP) into a company, now called White Harvest, to shield it from creditors. The plaintiffs claim that the company is being run by the same people, same lawyers, "with all the same management and ownership and control," and is performing the same work that Factor 5 was up to -- just with a new name and address. Expect to see more about this kerfuffle in the future.[Via Gamasutra]
Paul Barnett predicts the decline of future asset-heavy MMOs
Mythic Entertainment's Creative Director for Warhammer Online, Paul Barnett, was recently interviewed by Ablegamers and had some interesting things to say about the current state and future of online gaming and asset-heavy MMOs.To illustrate why he thinks online games are becoming much more mainstream, Paul uses a personal and generational example. His mother is hesitant to buy anything on credit because her generation believes credit is evil. Paul himself is wary of online purchases because of the potential for fraud and identity theft. His son, however, believes there is little difference between buying something online and buying something from the corner store.He also talks about the iPhone generation and how he believes asset-light games that provide shorter bursts of fun are going to have the widest appeal moving forward because they're cheap, mobile, entertaining, and disposable. Established asset-heavy games may not see a huge initial decline, but he does predict a decline in the start-up of these types of games because they are extremely costly and require large teams to make. They are also traditionally geared more toward a heavy investment of player time. If asset-heavy games are to continue successfully, Paul believes they'll have to allow for more flexible "time control."[Via: When casual can get too casual]
Man in the box
People usually play MMOGs as a way to escape real life. Well, according to The Guardian, real life may just be trying to push its way into MMOGs. Several EU government bodies recently came together and released a report titled, Virtual Worlds, Real Money: Security and Privacy in Massively Multi-Player Online Games and Social and Corporate Virtual Worlds. Sound heavy? It is.It seems the impetus for creating this agency position paper was that "2007 was the year of online gaming fraud." The executive summary states that malware targeting MMOGs increased by 145% and over 30,000 new programs emerged with the aim to gain access to accounts and steal virtual goods to sell for real money. The report describes 14 key risks in detail, including avatar identity theft/identity fraud, harassment, problems with online dispute resolution, and security risks for minors just to name a few. The agency also makes 12 recommendations to governments and MMOG developers to address these risks.It seems inevitable that one day we'll have Big Brother looking over our shoulders as we peck away at our keyboards pwning n00bs. It also raises a couple big questions. How far will they go? Will it improve things or make them worse? Time will tell.
SOE hires crime fighting gnomes to fend off credit card worms
Online credit card fraud is big business and even MMORPGs aren't safe from it's far reach. We recently had a chance to sit down with Executive Director of Global Customer Service, Brad Wilcox, and discuss how SOE is dealing with gold selling and power-leveling services for their games. They are taking this war so seriously that they have put all transactional business under keen gnomish scrutiny.Can you tell us how this fraud prevention task force came to be?Brad Wilcox: Since the inception of EQ1, we always had components of a fraud prevention team. These were game masters and individuals tasked with looking at the game economy and making sure that people weren't exploiting. Since September 2007, we started to see a big increase in fraudulent activity in regards to stolen credit cards. That is when it was decided to put a few more resources specifically related to the fraud that was happening with accounts and subs being created with these stolen credit cards. That's when we formed what we call the NUGIT team, which stands for Norrathian Underground Gnome Investigation Team. As you can tell by the name, our employees enjoy having as much fun on the back end as we do on the front end of these games
Japan's online games industry steps up security
The potential for having a hacked game account clearly goes hand in hand with online games, regardless of which country you're in. Japan is taking aim at this particular issue through a rather significant partnership with Visa International, reports Nicholas Aaron Khoo for CNET Asia. The Japan Online Game Association (JOGA) has pushed for the industry-wide adoption of Verified by Visa by year's end. Verified by Visa uses SSL encryption as part of its Three-Domain (3-D) Secure platform, and it's hoped that establishing this industry standard will reduce the frequency of stolen accounts. Khoo writes, "According to JOGA, Verified by Visa has already been implemented by over 60 percent of online gaming companies in Japan -- the highest among any online retail and service provider industry categories." You can check out the full story in Khoo's "Peace of mind for Japanese gamers?" as part of his Geekonomics column at CNET Asia.[Via PlayNoEvil]
Belkingate - as new evidence turns up, the company keeps mum
We found out yesterday that there is something amiss with the ratings that Belkin products have been receiving on Amazon -- and while the company's president pleads ignorance, more evidence of wrongdoing continues to mount. According to The Daily Background, Amazon accounts with names like B. Ekim (whose nickname is listed as "mikebayard," same as the name of the employee that seems to have started this whole mess) exist with little to tie them to reality, aside from the fact that they enthusiastically rated Belkin products on sites like Amazon and PriceGrabber. When we asked a representative of the company point-blank whether or not anyone at Belkin has been offering money for positive reviews, we received this evasive reply: Thanks for your email. We are still investigating the situation, and we hope to have a follow-up statement that will answer these questions later this week. To be entirely honest, we don't know what's worse -- that someone would outsource fraudulent five star ratings for his company, or the fact that the alleged fraud was so painfully obvious. Looking back, it does seem suspicious that so many people were so psyched about TuneCast.
Fraud and its effects on the MMO industry
As the number of people embracing MMOs has increased exponentially over the years, so too has the frequency and scale of fraud related to these games and credit card transactions. Chargebacks resulting from fraudulent credit activity are a growing problem for MMO publishers. Gamasutra has run an enlightening Q&A with Gene Hoffman, Chairman and CEO of Vindicia, a billing and fraud management company with no small amount of expertise in the MMO arena. The interview discussed the ramifications of chargebacks for MMO publishers, such as Blizzard, which sheds some light on the fact that having the dominant industry marketshare comes with a few downsides as well. While not commenting about Blizzard specifically, Hoffman says, "We have noticed across all our gaming clients when it comes to fraud is that the 1% chargeback rate is really a marketing budget. Having your chargebacks too low often means you aren't being aggressive enough on the customer acquisition side." Have a look at Gamasutra's talk with Hoffman, a discussion which ranges from in-game theft to hybrid subscription/micro-transaction business models.
Forum Post of the Day: Player tries to scam GM for epic flight training, gets shut down
I actually considered asking my boss if this post could be the first in a new series called "Stupid WoW Criminals," but honestly, I'd prefer to think that this guy is one of kind. So, here's the deal: A young Warlock named Kiranth of the Aman'thul server (Who has since deleted his post, but you find it quoted a couple posts down from the top in the thread) came to the customer service forums, and in this thread here, claimed that he somehow lost his epic flying skill after buying it on a Monday and playing until Tuesday morning maintenance. He claimed that he'd been trying to contact the GMs for months in order to get the skill back, and that he was incredibly frustrated and about to cancel his 3 accounts if he didn't get the skill. Luckily, the ever vigilant GMs are always willing to please, and Auryk soon chimed in with an answer to his problem. I'll summarize what he said after the break, but you really should read it for yourself. It's amazing.
EVE Online calls RMT evil
GM Grimmi of EVE Online comes out strong against RMT in an official post called 'Real money trading is bad, mkay?' In no uncertain terms, RMT activities are said to be linked to keyloggers, phishing sites, and hacking attempts, and lead to real-world illegal activities like fraud and theft. Grimmi then goes on to say that there is a service available to players who want more ISK that is not only legitimate, but also helps both the game economy and supports other players: the Secure ETC Trading system.From the post: 'When you buy an ETC and then sell it for ISK via the Secure ETC Trading System you are directly contributing to the growth of EVE as the code will be applied to an account and someone will be using it to play. Some players do not have the means to pay for their subscriptions with credit cards or similar and the Secure ETC Trading System helps them pay and play. The economics are quite different as well since wealth is redistributed between active members of the community rather than injected into the game.' This is a much more creative approach to fighting RMT activity than simple banning of accounts (though that happens as well). Bravo, EVE, slam evil!
Another blow in the keylogging experience
Thank you all for the encouragement I received in response to my recent keylogging experience. As a whole the experience was just dreadful. As I mentioned on last week's WoW Insider Show podcast, I am still afraid every time I log in that I will get the "The information you have entered is not valid" error. For the most part things have settled down, but the fear remains. The worst part of the keylogging episode was that my Shaman was transferred from a PvP to PvE server. After about a week in limbo my beloved Tauren was returned to her proper place. I was extremely relieved. Unfortunately that's the only thing on my account that Blizzard was kind enough to restore. They refused to return any of my gear or gold and did nothing about the items ninjaed from the guild bank. I appealed their decision with several emails. Those appeals were ubiquitously denied despite logical arguments and heart-filled plights. I thought it was all over, for better or for worse. I got more bad news in my email box the other day:
Iovation stops 0.365% of transactions
Iovation, a company that markets anti-fraud software to online game operators (and online dating sites) claims to have blocked over ten thousand fraudulent transactions per day out of a round-figure-billion over a year. They don't actually say how many of those billion transactions were actually fraudulent, so we must smilingly acknowledge that while their quoted figures contain some attractive round numbers, they don't actually provide any useful information on their actual success rate. Iovation's patented anti-fraud system (United States Patent 20080040802) basically involves a small piece of software dropped onto a user's machine that provides a unique system fingerprint or device identifier that can be queried alongside transactions. Unfortunately, in our experience (Linden Lab used to use essentially this same sort of system for severe user bans for years, but ultimately had to discontinue it) this kind of system is relatively easily circumvented by the determined or knowledgeable (at least without the most egregious rootkitting), and also only prevents subsequent frauds, after an initial fraud is detected by other means. Nonetheless, with an increasing focus in the online gaming world towards non-subscription-based transaction models, fraud prevention/reduction is occupying increasingly large amounts of attention from MMO/VW operators and developers who are looking for solutions. [via PlayNoEvil]
Bank declines Blizzard charges
It seems that keyloggers and phishers are not the only fraudsters infiltrating World of Warcraft. Halifax, a bank in the United Kingdom has ceased processing most transactions with Blizzard Entertainment. This measure was taken in response to increasing numbers of reports fraudulent transactions for WoW services. I had a similar issue with another bank based in the United States. That institution saw my recurring Blizzard charge as suspicious. Once I contacted them to verify my subscriptions my credit card was quickly returned to an active status. In this case, the only fault on Blizzard's is making an astoundingly popular, subscription-based RPG. Do be on the lookout for unexpected transactions from Blizzard Entertainment and be sure to report them to your bank as soon as possible. Representatives from Blizzard Entertainment declined interviews with the Register, which investigated this phenomenon. Do not be surprised if the transaction for your WoW subscription is refused in the near future. Halifax customers can use their credit cards to pay for their WoW subscriptions by making special arrangements with their account services department. If you would like to continue to use your Halifx Visa or Master card, be sure to contact customer support for authentication.
Linden Lab responds on fraudulent funds griefing
In response to our piece on the both speculative and historical use of fraudulent funds transfer in Second Life as a griefing tactic, Peter Gray of Linden Lab's PR agency, LewisPR sent us an unsolicited statement yesterday. In it Gray begins, "The policy stated at http://secondlifegrid.net/programs/api/risk seems to have caused some confusion. .... The policy stated at the above webpage is directed at operators of Linden dollar exchanges; if Linden Lab identifies that the operators of these exchanges have PURPOSEFULLY purchased fraudulent L$, Linden Lab may recoup 150% of the amount. The fine mentioned on this page is a potential repercussion of an exchange operator purchasing fraudulent L$ where Linden Lab has identified an intent to collude in fraudulent behavior. To date, this fine has never been levied." Which is all very well - but actually has nothing at all to do with what we are talking about.
Linden Lab warns of fraudulent currency exchanges
Linden Lab today have a lengthy set of warnings about possibly fraudulent third-party exchanges for the purchase of Linden Dollars for Second Life . In it are listed a number of common-sense precautions and warnings. However there are two particularly that we think are worth comment. Firstly, there's this "You therefore purchase these third party L$ at your own risk: if they are discovered to be fraudulent - in effect phony - we will recoup them from your account." - well, that goes just a bit further than you might be expecting.
LNLBT back in business in Second Life
The story we ran about someone brute-force hacking several Second Life banks has a happy resolution, at least for one of the banks: LNLBT is back in business, and their insurance is back in force with The Rock as well. SL Investor's Bank is still insured, and the other three affected banks were never insured.LNLBT are distributing new ATMs and have new security measures in place - hopefully properly instituted this time. It is nice to see a financial story in Second Life with a happy ending though. Although that article speculated about the possibility of police involvement due to fraud, it appears from an article in the Second Life Herald that WSE may be the first organisation to face legal investigations following the way they handled defaulting on a payment to Midas Bank and then foreclosing on their trading operations, which we reported at the start of the month.
