Shop Mobile More Submit  Join Login

Unexpected Login? Check Your URL!

Journal Entry: Wed Aug 31, 2011, 8:16 AM


New Phishing Site Hazards


Being an extreme large community composed of a good number younger people deviantART unfortunately becomes the target of spammers and phishers.

Currently we have an individual or Group of individuals using a fake deviantART login page and they are using hijacked accounts in order to spread the URL to this fake page.

Please spread the work that if you click on a link which directs you through the deviantART "There Be Monsters Out There" outgoing link page and you unexpectedly appear to wind up back on deviantART while logged out  then you should please check the URL of where you are before you enter any of your details.

The proper URL for the actual deviantART login page is; DEVIANTART.COM/USERS/LOGIN- Note that there is nothing bwtween "deviantart" and "com" except for a "dot".

If you find yourself unexpectedly logged out after clicking an offsite link please immediately check the URL to see if there is anything extra added into it which would indicate that you are in fact on some third party website masquerading as deviantART- for example if the URL reads something like DEVIANTART.[SOMETHING].COM/USERS/LOGIN then you are no longer on deviantART and you should not attempt to login.

If there are any words at all between "deviantART" and "com" then you are on a phishing site.

Addressing the Issue


We are currently tracking and banning the accounts being used to spread this phishing site and we have blacklisted the actual URL of the phishing site as well and we are looking into having the site disabled as quickly as possible.

In the meantime the phisher may move to using URL shortening services in order to bypass the blacklist against their own site and if this is the case then we will move to blacklist these shortening services as well at least temporarily.

While we do understand that URL shortening services (such as bit.ly) are popular and well used we will be putting the safety and security of our members ahead of the convenience offered by these services so f you are a routine user of such a service and your use is suddenly blocked please be aware that it is not a bug but a security measure which we have put into place for a period of time.

  • Mood: Content

Add a Comment:
 
:iconsimonpark81:
simonpark81 Featured By Owner Feb 23, 2012  Hobbyist Traditional Artist
its important to keep up to date with crap like this. too many people out there trying to trick the common man outta whats ours etc. faved to spread the word. :salute:
Reply
:icondiren-chan:
Diren-chan Featured By Owner Jan 11, 2012  Hobbyist Traditional Artist
*facepalm* This is just redicilous, some trolls and spammers are abusing dA and considder it as one of the worst offen internet communyties sites in history, going through other users profiles and harrashing them, stealing their arts and claim, they "made" it themselfs? FFFFFFFFFFFFFFF... Oh my god...

One of my watchers accounts have been hacked and had so much issues to log in into their accounts or have been banned.
Oh well... Thanks for sharing this message.:salute:
Reply
:iconyerdian:
Yerdian Featured By Owner Jan 10, 2012  Hobbyist General Artist
I'm going to fave this journal and keep it in mind.
Reply
:iconjaguarpaws:
JaguarPaws Featured By Owner Nov 19, 2011  Hobbyist General Artist
i hate spammers, i see them all the time but i don't usually click on the links if the person has no art ,if i don't know them well enough and if i just get a weird feeling about the page
Reply
:iconscruffadoptables:
ScruffAdoptables Featured By Owner Sep 2, 2011
Know the link to the site?
Reply
:iconrealitysquared:
realitysquared Featured By Owner Sep 2, 2011  Hobbyist General Artist
I do know the link to the site and it has been taken down by the hosting provider at this point in time so it is irrelevant.
Reply
:iconscruffadoptables:
ScruffAdoptables Featured By Owner Sep 14, 2011
Good, i was getting scared
Reply
:icontmpst24myst:
tmpst24myst Featured By Owner Sep 1, 2011  Student Writer
Because I've read this 27 times and have a widget thingy on my page dedicated to this issue, I'm going to read some of your older journals.
I've missed them. I missed alot while I was on internet vacation.
Dae :shamrock:
Reply
:iconprincesskooh:
PrincessKooh Featured By Owner Aug 31, 2011  Hobbyist General Artist
Well I hope Staff are also considering Permanent IP bans On the hackers as well just to be safe given the severity of the situation
Reply
:iconrealitysquared:
realitysquared Featured By Owner Sep 1, 2011  Hobbyist General Artist
IP bans are pretty much worthless against anybody who really knows what they are doing on the Internet.
Reply
:iconprincesskooh:
PrincessKooh Featured By Owner Sep 1, 2011  Hobbyist General Artist
Eh perhaps :shrug: But it couldn't exactly hurt :P


But thanks for the reply :thumbsup: and for this Journal :salute:
Reply
:iconkawaiidesuclawzy:
KawaiiDesuClawzy Featured By Owner Aug 31, 2011  Hobbyist General Artist
NOES! =C
Reply
:iconquazzie:
Quazzie Featured By Owner Aug 31, 2011
People are assholes..... hate me some damn people.
Reply
:iconprincesskooh:
PrincessKooh Featured By Owner Aug 31, 2011  Hobbyist General Artist
I agree
Reply
:iconjd896:
jd896 Featured By Owner Aug 31, 2011  Hobbyist Writer
What will happen to the people who had their accounts compromised? Will they be able to get their accounts returned to them?
Reply
:icondxd:
dxd Featured By Owner Aug 31, 2011  Hobbyist Photographer
If anyone has had their account compromised they should contact violations@deviantart.com and we can begin the process for returning accounts to users asap.
Reply
:iconajglass:
AJGlass Featured By Owner Aug 31, 2011  Professional Artisan Crafter
That information should probably be posted/included over at the HQ blog - [link] - if it isn't already.
Reply
:iconjd896:
jd896 Featured By Owner Aug 31, 2011  Hobbyist Writer
Thanks for the information.
Reply
:icondxd:
dxd Featured By Owner Aug 31, 2011  Hobbyist Photographer
You're welcome

:)
Reply
:iconjd896:
jd896 Featured By Owner Aug 31, 2011  Hobbyist Writer
Stay devious :salute:
Reply
:iconparallellogic:
parallellogic Featured By Owner Aug 31, 2011
Is there any way to estimate the number of users who have had their account hijacked?
Reply
:iconprincesskooh:
PrincessKooh Featured By Owner Aug 31, 2011  Hobbyist General Artist
Estimates would likely be based on the number of reports recieved and the number number of accounts found placing the illicit links in messages
Reply
:iconparallellogic:
parallellogic Featured By Owner Aug 31, 2011
... Yeah, I wonder what that estimate is. It'd also be interesting to compare this phising attempt with historical ones - if this one was limited at all by the fact that "there be monsters out there page" exists

I'd be more curious in how innovate this phiser is. If they're logging into the hacked accounts with the same IP address, and dA tracks which IP address a user logs in with, then it may just be a matter of figuring out how many accounts were logged into with that one IP address.
Reply
:iconprincesskooh:
PrincessKooh Featured By Owner Aug 31, 2011  Hobbyist General Artist
Well the rumors I heard put estimates in anywhere between 300-3,500 hacked and/or fake accounts


Also judging by rumors it may be a group so we may be dealing with many IP's and/or proxy's :\
Reply
:iconparallellogic:
parallellogic Featured By Owner Aug 31, 2011
~Well the rumors I heard put estimates in anywhere between 300-3,500 hacked and/or fake accounts
Still would be nice to hear from an official source. On dA, rumors really are just rumors, the staff are tight lipped about everything, regardless of whether they need to be or not.

~Also judging by rumors it may be a group so we may be dealing with many IP's and/or proxy's :\
Somehow I doubt that, the whole point of this would to appear to dA to be coming from as many directions at once as possible, so any phiser would naturally appear as many coordinated users. Many IP/proxies simply means they've gotten the basics down of phising, it doesn't mean it's a group.
Reply
:iconprincesskooh:
PrincessKooh Featured By Owner Aug 31, 2011  Hobbyist General Artist
Well I'm just repeating what I've hear so who knows :shrug: I guess all we can do is wait for updates
Reply
:iconkeight:
keight Featured By Owner Aug 31, 2011
Thank you for the heads-up. I appreciate it.
Reply
:iconjust-a-user:
just-a-user Featured By Owner Aug 31, 2011
thanks for the warning! lately the number of hackers increased dramatically, some people get notes which ask for password or to click some suspicious URLs. I think that outgoing page should disabled because it is exploited by many phishers and very confusing to some users
Reply
:iconrealitysquared:
realitysquared Featured By Owner Aug 31, 2011  Hobbyist General Artist
The 'outgoing' page was introduced in order to inform people that they were leaving deviantART- prior to this page being introduced between linking an onsite link and landing on a third party website a cleverly designed fake page would simply pop up without any indication that you didn't actually just get logged out of the real site.

We will not be removing the outgoing warning page for this reason.
Reply
:iconjust-a-user:
just-a-user Featured By Owner Aug 31, 2011
in my opinion it is the user's responsibility to check where they are. It is very easy now thanks to IE9 and Firefox 6 feature which hightlights the main domain in the address bar. And normally you wont get logged out without clicking the logout button, right? If that user is not clever enough, he may still get tricked even if after clicking the link in the outgoing page..
Reply
:icondelqueaboss:
DelqueaBoss Featured By Owner Aug 31, 2011  Hobbyist General Artist
Mind if I cut in? :)

The problem with that is the younger and more naive users who can fall for it easily. The outgoing page will warn them of whats going on. That is all.
Reply
:iconprojectsonic:
projectsonic Featured By Owner Sep 2, 2011   Writer
That, and they never pay attention enough to hover a cursor over a link. Prank links in sigs have taught us that easily. If they won't look at that, they'll always rush into clicking a phishing link.
Reply
:icondelqueaboss:
DelqueaBoss Featured By Owner Sep 2, 2011  Hobbyist General Artist
And at the same time that depends on their browser. Some browsers do not even do that. Which ones I do not know. I'm a firefox user so I am unaware of how other browsers does it.
Reply
:iconelectricjonny:
electricjonny Featured By Owner Aug 31, 2011  Hobbyist Photographer
Sigh, I hate when people try things like this.

Also, the dA login page is a secure page. So it will start with https:// and browsers usually make this pretty well known, like in Firefox the beginning of the address bar is longer and blue, and in Chrome you see a lock icon.
Reply
:iconprincesskooh:
PrincessKooh Featured By Owner Aug 31, 2011  Hobbyist General Artist
I strongly agree
Reply
:iconpsyconorikan:
Psyconorikan Featured By Owner Aug 31, 2011  Student Digital Artist
Thanks for the info.
Reply
:iconprincesskooh:
PrincessKooh Featured By Owner Aug 31, 2011  Hobbyist General Artist
Ooo I like your Avatar ^^
Reply
:iconpsyconorikan:
Psyconorikan Featured By Owner Aug 31, 2011  Student Digital Artist
Thanks! :)
Reply
:iconprincesskooh:
PrincessKooh Featured By Owner Aug 31, 2011  Hobbyist General Artist
You're welcome :-)
Reply
Add a Comment:
 
×

Featured in Collections

Journals News by happy-gurl

Fave Journals And News by PrincessKooh


More from DeviantArt



Details

Submitted on
August 31, 2011
Link
Thumb

Stats

Views
25,568 (2 today)
Favourites
10 (who?)
Comments
39
×