This time around, it tries to lure you to a site in the NCSOLT.COM domain. Guess who it's registered to?
Domain Name ..................... ncsolt.com
Name Server ..................... ns1.superdns.org
ns2.superdns.org
Registrant ID ................... hc765055622-cn
Registrant Name ................. nc solt
Registrant Organization ......... nc solt
Registrant Address .............. shenyangshenyang liaoning
Registrant City ................. shenyang
Registrant Province/State ....... Liaoning
Registrant Postal Code .......... 100009
Registrant Country Code ......... CN
Registrant Phone Number ......... +86.7916276996 -
Registrant Fax .................. +86.7916276996 -
Registrant Email ................ webmaster@ncsolt.com
Well, not NCSoft for sure. I doubt NCSoft uses cheap-o shared web hosting services in Hong Kong for their secure web site either. ;)
For those interested, the full text (obviously with faked links) is:
Greetings!
This is an automated notification regarding the recent change(s)
made to your Aion Account. NCSoft system scan to your account insecurity, in order not to affect the normal use of your account, please log NCSoft safety net to verify your account information, or else NCSoft will stop using your account's rights . Certification of Aion Account information site of NCSoft:
https://secure.ncsoft.com/cgi-bin/plaync_login.pl
NCSoft staff will verify your account information submitted in two days, please do not modify your account information during this time . It will not affect your game uptime.
Account security is solely the responsibility of the account holder. Please be advised that in the event of a compromised account, NCSoft representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.
Please retain this e-mail for your reference. If you have any questions about the account information, please contact Support@NCSoft.com.
The Aion Team
The usual advice applies: Don't follow any links in officially-looking mails you didn't request, don't put your account information in there, don't visit such sites with JavaScript or any other scripting enabled and if you suspect you might have done any of it, change your account passwords from a known "clean" computer and make a through viirus and spyware scan of the computer you used just to be sure. If you don't have a "clean" computer, use a Linux-on-CD distribution like Knoppix - they don't require any installation at all and can't be that easy tampered with.
As a side note, I only get those mails to the mail address I used to register at Stratics and no-where else. Makes you wonder about their site security.
(This post should have gone online on Thursday, server/editor issues prevented that)
