Quick Links: SpywareGuide Greynets Blog | SpywareGuide Product Database | SpywareGuide Company Database | SpywareGuide Categories
SpywareGuide powered by FaceTime Security Labs
Search SpywareGuide Greynets Database & Site
Security Email Alerts & Updates
Search the Blog
Recent Posts
Monthly Blog Archives
Subscribe to this blog's feed
About the Blog
About SpywareGuide Greynets Blog
Link to Us
Link to SpywareGuide.com

« EBay Sale Of The Century.....Sort Of | Main | More EBay Fake Bidding Wars »

  • DreamPhish: How To Ruin A 10 Year Anniversary

"I wonder what will happen when every rabid Dreamcast community, every "blog" on the internet, and every message board, realizes that someone has setup the above domain name in an effort to scam the Dreamcast fanbase for google ad hits and affiliate points at play-asia." - An Angry Gamer, on the Internet

It seems like the recent Dreamcast Phish story flew right by a lot of people, but if you had any love for Segas ill-fated console - and screenshots of my still-working console running Shenmue 2 will tell you that I did and still do:


.....then you can't help but have been swept up in the wave of nostalgia that hit last week.


Well, it's coming up to the tenth anniversary of Segas masterpiece, and naturally, there's a HUGE fanbase out there expecting everything from a small celebration to the announcement of a new Dreamcast console. In fact, it wasn't too long ago that Sega making some changes to the logo caused near pandemonium amongst gamers.

I swear, they're just doing it to mess with our minds.


It seems the Sega owned domain "Dreamcast.com" had long since been abandoned by them (though the Whois details have seemingly never been altered from the original Sega specific contact information), so with the Tenth Anniversary coming up, what better time than for some unscrupulous scammer to get in on the act with some Phishing antics? Sure enough, anyone visiting the Dreamcast site a week or so ago would have seen something like this:


That would have been enough to send hordes of over-excited gamers into a frenzy. Seriously. It would be like aliens suddenly deciding to send us a "hey, we're out here" message, or the crew of the Marie Celeste turning up on your doorstep wondering what all the fuss was about. Maybe I'm over exaggerating a bit, but wow - I nearly fell off my chair when I heard that the Dreamcast site had suddenly been updated after years of nothing. For the real hardcore gaming fans out there, a similar effect could probably only be achieved by news of the Gaming Intelligence Agency suddenly being resurrected.

Yes, I'm sure half of you don't remember that site but never mind.

Luring you in with the promise of an official @dreamcast.com Email address, they asked for your serial number, desired username, password and a current Email address. Once registered, you would end up with a seemingly valid yourserialnumber@user.dreamcast.com address.

The only problem, of course, was that it wasn't SEGA sending out your details, it was the scammer who had grabbed the domain name. The theory is that people would likely use the same password for their desired Dreamcast address as the alternate Email address they provided when signing up to the "service". Thus, you would have spam lists and hijacked email addresses galore.

It didn't take long before SEGA denounced the site, and it was pulled offline shortly after. In retrospect, a dead giveaway should have been the fact that the site had Google Ads and a few other things on it (check out the rather small screenshot) that probably wouldn't have been there if SEGA had actually been in charge. SEGA almost certainly wouldn't have had a Play-Asia affiliate code embedded in the page, for that matter:



If you weren't there at the time - if you didn't take to this console the way so many gamers did (and still do,even today) - you probably wouldn't have the same nagging feeling as I do, that someone, somewhere, just kicked your puppy into outer space.

Yes, I am pretty annoyed by this.

You can bet a legion of gamers are, too. As one gaming website put it:

"Gaming Target will fill you in on the identities of the scammers if their names (and hopefully addresses) are published."

When you annoy even the mainstream gaming media websites to the point that they're hoping to hand out names and addresses for some vigilante justice, you know you've screwed up royally. I'm not claiming to have waited more than a week before publishing this article simply to see if I could post some triumphant pictures of the culprits being hauled off for ten rounds with Sonic the Hedgehog in a really horrible jail somewhere, but, well, you know.

Annoyed and all that.

Interestingly, this isn't the first time a SEGA domain has been obtained and used for strange and / or dubious purposes. For whatever reason, they don't seem to want anything hanging around that reminds them of the Dreamcast, and a while back something similar happened with the official Shenmue domain. It really baffles me why they would be interested in keeping the Trademark for the dreamcast up to date, while letting the domains slip away from them to be used for things like this. Here's what happened, courtesy of some random guy on the Internet:

"Sega couldn't care less about Shenmue or Dreamcast right now, so they let most Dreamcast-related domains expire. More than a year ago (can't remember the exact date) the shenmue.com domain expired. Someone registered the domain and uploaded a mirror of the then defunct Shenmue site. Since Shenmue Passport also connects to a shenmue.com subdomain, he managed to get Shenmue Passport partially working (all the download functions which had been previously mirrored by the community worked). He posted a message on Shenmue Dojo saying something like "hey guys, like at this, Sega is bringing Shenmue Passport back online". The user would then check he could indeed log in succesfully to Shenmue Passport, and be greeted with a "We're bringing back Shenmue Passport, stay tuned" message.

Now, if he had been a serious person, he would have told people "I just registered the shenmue.com domain and I think I can bring Shenmue Passport online, even though it's totally unofficial, but this is as good as it gets". Instead, he pretended to be Sega.

He registered the shenmue.com domain using his very own name (in case anyone is curious, he's from Colombia). He later changed it to make it look more legit. And I'm almost sure I saw him doing the very same thing with the dreamcast.com domain (first using his name, then changing it to someone from Sega).

It's the second time something like this happens to the Dreamcast community and it sucks."

You said it man, you said it.

Maybe we should have a whip-round and buy them the domains back as a tenth anniversary present.

Now if you'll excuse me, I have to go get my hopes up some more for the sure-to-come announcement of a Dreamcast 2...

  • TrackBack

TrackBack URL for this entry:

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Site EULA | Site Map | Contact Us | About Us | Site and Spyware FAQ | Advertise | RSS Feeds  | Link To Us | SpywareGuide JapanJapanese

© Copyright 2006, FaceTime Communications, Inc. All rights reserved.