Minecraft Scam

Status
This thread has been locked.

Vaporize

Hello,

I had received an email from [email protected] and basically they asked for a bunch of info including TID. I had replied with all of the info and picture proof since they said my acc was compromised.

The reason why I answered the email was because it had @mojang.com and I had submitted a ticket prior (few weeks ago) and never got a response. So I assumed they are responding back to me.

My question is, what is going to happen and how can I protect myself?

Thank you,

Vaporize
 

Mv_

What was the ticket you submitted a few weeks ago about? It's hard to tell if it was a phishing email or not without a screenshot, so if you could send one of the email that'd be great.
 

Vaporize

> What was the ticket you submitted a few weeks ago about? It's hard to tell if it was a phishing email or not without a screenshot, so if you could send one of the email that'd be great.
Yes, let me send you a screenshot.

Screen Shot 2020-07-07 at 9.36.23 PM.png
 


eppy

I think they're just trying to double check that you're the owner of the account, if not, someone trying to get your information TO take ownership of the account
 

Vaporize

> You basically gave them everything they need to take ownership of your account by the looks of it..
Yes, but I have the original migrated email which they do not. So I can use that email to counter them, correct?
 

Mv_

Do you have a Discord? There are a couple of things that you can check to verify the sender, and I have a few more questions. Discord would just be easiest to communicate on.
 

Vaporize

> Do you have a Discord? There are a couple of things that you can check to verify the sender, and I have a few more questions. Discord would just be easiest to communicate on.
Yeah, I do. Could you PM me your discord?
 

Mv_

We went through some steps via Discord, and it turns out it was a phishing email. We've got it sorted, but for anyone else reading: be careful when receiving emails that are asking for credentials & always double-check.
 

ZJump

That's weird if it is a phishing email scam, considering it's [email protected]

Anyone mind explaining how that isn't the real mojang email?
 

ZJump

> Basically someone was able to mask as them. I can't believe it... Now they can steal my account.
make a ticket with mojang then, but I didn't know that you can mask someone's email address, just knew that you can mask a url
 

Steampunk

In case you guys are wondering how to protect yourself: It's email spoofing (Where people forge the credentials) so always check for the right credentials.
 

Ally

> In case you guys are wondering how to protect yourself: It's email spoofing (Where people forge the credentials) so always check for the right credentials.
No. There is no credential forging going on here.

What is going on here is the following: Emails aren't secure essentially. Most modern computer systems have checks in place to determine whether someone is legitimate or not. Won't go into detail about them here but you can Google various things like email spam verification, etc. In emails you have a bunch of fields composed in a header (most email clients will have a View Source button to show this), including the from header. Much like HTTP, the headers are entirely changeable and settable. This includes the From header. As I mentioned before, many email services have protective measures - but some don't (obviously). On the outgoing side, you'll have a bunch of headers verified - and then again on the incoming side (though it's much harder to check, it's why blacklists are a thing). Essentially changing a single header without credential hacking will allow you to spoof an email, and I encourage you to try it addressing an email to yourself on a custom client (you can write one in a language which sets the From address) to show how they get blocked.

This is an example of one I did a year ago. Unfortunately it sends through your email server, and other various tidbits, and while you can set one up yourself, residential IPs are blocked on a global email blacklist sort of thing. (It's really hard to make one that passes various security checks). This email got blasted as spam.

5723998b-cd48-4596-b9a4-29a6928c382d.png
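The receiving-side check described in the post above, as an added example that is not part of any post in this thread: it reads the `Authentication-Results` header that the recipient's own mail server stamps on a message and reports whether SPF or DKIM actually passed for the domain shown in `From`. The domains, the sample messages and the `trusted_authserv` parameter are constructed placeholders, and the two-label organisational-domain rule is a simplifying assumption.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def org_domain(value):
    # Assumption: organisational domain = last two labels; real DMARC uses the Public Suffix List.
    host = value.rsplit("@", 1)[-1].strip("<> ").lower()
    return ".".join(host.split(".")[-2:])

def check_sender(raw, trusted_authserv):
    # Returns (suspect, findings) for one raw message.
    msg = message_from_string(raw)
    from_dom = org_domain(parseaddr(msg.get("From", ""))[1])
    # A sender can insert its own Authentication-Results, so keep only our server's (first token).
    trusted = [re.sub(r"\s+", " ", h) for h in msg.get_all("Authentication-Results", [])
               if h.split(";")[0].strip().lower() == trusted_authserv]
    if not trusted:
        return True, ["no trusted Authentication-Results: From is unverified"]
    findings, aligned = [], False
    for clause in ";".join(trusted).split(";"):
        m = re.search(r"\b(spf|dkim|dmarc)=(\w+)", clause, re.I)
        if not m:
            continue
        method, result = m.group(1).lower(), m.group(2).lower()
        ident = re.search(r"(?:smtp\.mailfrom|header\.[di])=([^\s;]+)", clause)
        dom = org_domain(ident.group(1)) if ident else None
        if result != "pass":
            findings.append(f"{method}={result}")
        elif method != "dmarc" and dom == from_dom:
            aligned = True  # SPF or DKIM passed for the domain shown in From
        elif method != "dmarc":
            findings.append(f"{method} passed for {dom}, not for {from_dom}")
    return not aligned, findings

# Constructed sample messages (not from the thread); every name is a placeholder.
SPOOFED = "\n".join([
    "Authentication-Results: mx.receiver.example;",
    " spf=pass smtp.mailfrom=bounce@bulk-sender.example;",
    " dkim=none; dmarc=fail header.from=brand.example",
    "Authentication-Results: mx.forged.example; spf=pass smtp.mailfrom=support@brand.example",
    'From: "Brand Support" <support@brand.example>',
    "Subject: Account compromised", "", "Please reply with your details.",
])
GENUINE = "\n".join([
    "Authentication-Results: mx.receiver.example;",
    " dkim=pass header.d=brand.example; spf=pass smtp.mailfrom=bounce@mail.brand.example;",
    " dmarc=pass header.from=brand.example",
    "From: Brand Support <support@brand.example>", "", "Your ticket was updated.",
])
if __name__ == "__main__":
    print(check_sender(SPOOFED, "mx.receiver.example"), check_sender(GENUINE, "mx.receiver.example"))
```

Both samples show the same `From` address; only the verdicts recorded by the receiving server tell them apart, and the second `Authentication-Results` header in the spoofed sample is ignored because it was not stamped by that server.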
 

Vaporize

> BRUH DO YOU GUYS NOT SEE THE TYPOS
> View attachment 371011
> Did the broken english not make you suspicious?
Haha, yeah. Stupid me for not catching it, however, I submitted a ticket to Minecraft weeks ago, and this was the only thing I got. So in following my progression, I had thought that they were responding to me but couldn't verify - especially since it showed up as [email protected], which is also the email I used to buy an alt with Paypal from the official Minecraft store years back.
 

Anish

JJAWqRnz9O.png

If you click that google would say smth along the lines of "email spoofing" detected.
 

Vaporize

> JJAWqRnz9O.png
>
> If you click that google would say smth along the lines of "email spoofing" detected.
That only occurred after I reported it for Phishing. Before it appeared as a contact - Mojang Support
 