Now that Goonswarm has officially taken over control of security at CCP ;) there is a great article about e-mail phishing scams and account security by CCP Sreegs that every EVE player should read. E-mail phishing scams have become quite a problem with EVE players. I personally receive several e-mails per week from EVE Online.com. Lets have a look at one of them...
As you can see I need to fix something with my account. I thought I had setup a re-occurring payment system.... oh well let me just click on the nice link and fix it. Look the link says account management so that must be where I want to go.
WHOOOOO!! My virus scanning software had that link flagged in its database as unsafe! Rather then going to the actual account management website, the link goes to http://184.108.40.206/pnp/eve/https/secure.eveonline.com/login.aspxReturnUrl2fAccountManMenu.aspx3faid3d103543aid193543.htm (note I changed the ip address to prevent some fool from actually going there from this blog). This site is definitely not related to CCP or EVE online!
Now this page is from an e-mail about a month ago so the url clearly has been marked as a problem. However I bet if I had clicked on that link back on the 13th of December, it would have taken me to a site that looks EXACTLY like the actual Eve account management site. I would have entered in my username and password onto the site and the next day, everything my character has in EVE would have been sold by a real-money trader or something. With luck a petition would get some of it back in a few days, but I, and possibly my corp/alliance would have been screwed!
Moral of the story is NEVER EVER EVER trust any link on any email from EVE ONLINE. If you need to do something navigate yourself to eveonline.com and do it there. Even if you are pretty sure it is legitimate, don't take the risk.