
Be vigilant of phishing scams

Sun Nov 25, 2012, 11:09 PM


Your account's security is of vital importance to deviantART and we're committed to providing our members resources and advice on how to stay safe and secure online.  Earlier today, an individual or group of individuals redirected some deviantART members to a false deviantART login screen by exploiting a cross-site-scripting vulnerability in deviantART's Journal system.  This tactic, commonly known as phishing, allowed the individuals to gain access to some accounts. 

Phishing is a serious matter on the Web. You've probably heard of phishing attempts through emails, the classic example being a fake email from a bank or other trusted authority, asking you to enter your personal information.

Incident details

The individuals discovered and exploited a cross-site-scripting vulnerability in Journals that provided them the ability to redirect deviants to a different website, designed to mimic a deviantART login screen.  Some deviants, not realizing that they were being taken offsite for a phishing attempt, entered their username and password information, which was then logged by the individuals.

As soon as the malicious activity was discovered, deviantART staff members immediately began response procedures, including patching the scripting vulnerability and taking steps to secure and contain all accounts that were compromised. 

It is important to note that we have no indication that any real harm was done, other than the posting of juvenile comments.  We will work vigilantly to find the wrongdoers and, as necessary, involve law enforcement.

What to do if your account was compromised
 

If you were one of the handful of deviants who entered your account information into the fake deviantART login screen, or otherwise believe your account to be compromised, please note the following: 

If you have access to your account: 
  • First, change your password in your Settings.
  • Second, verify that the email associated with your account is active (one that you still use).
  • Third, check your Sessions page and log out of any sessions that you do not recognize.
If you do not have access to your account:
  • Please note that your account may have been locked as a security precaution. In this case, contact our Help Desk for assistance. Be sure to use the email associated with your deviantART account when contacting our staff.

Preventing phishing
 

One of the most important ways to prevent phishing of your deviantART account information is to ensure that the URL in your address bar always says deviantart.com.

Our login pages will always be located at deviantart.com/users/login or sta.sh/login. They will also be on a secure server as indicated by https:// before the address. 

If you find yourself unexpectedly logged out after clicking an offsite link, immediately check the URL to see if anything extra has been added -- this would indicate that you are in fact on a third-party website masquerading as deviantART.  For example, if the URL reads something like deviantart.[something].com/users/login then you are no longer on deviantART and you should not attempt to log in.

If ever in doubt, manually browse to deviantart.com before providing your account information. 
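The URL checks described above, written out as an added example (not deviantART's code): the two login locations come from this article, while the sample URLs and the `www.` allowance are assumptions made for illustration.

```javascript
// Login locations named in the article; accepting a leading "www." is an assumption.
const LOGIN_PAGES = [
  { host: "deviantart.com", path: "/users/login" },
  { host: "sta.sh", path: "/login" },
];

// Returns { ok, reason } for a URL a user is about to type credentials into.
function checkLoginUrl(raw) {
  let url;
  try {
    url = new URL(raw);
  } catch {
    return { ok: false, reason: "unparseable" };
  }
  if (url.protocol !== "https:") return { ok: false, reason: "not-https" };
  // "https://deviantart.com@other.host/" hides the real host behind a userinfo part.
  if (url.username || url.password) return { ok: false, reason: "userinfo-present" };

  // URL already lowercases the hostname; drop a trailing dot and a leading "www.".
  const host = url.hostname.replace(/\.$/, "").replace(/^www\./, "");
  const site = LOGIN_PAGES.find((p) => p.host === host);
  if (!site) {
    if (LOGIN_PAGES.some((p) => host.endsWith("." + p.host))) {
      return { ok: false, reason: "subdomain-not-login-host" };
    }
    // deviantart.[something].com: the familiar name is only a label of another domain.
    const labels = host.split(".");
    const lookalike = LOGIN_PAGES.some((p) => labels.includes(p.host.split(".")[0]));
    return { ok: false, reason: lookalike ? "lookalike-host" : "foreign-host" };
  }
  if (url.pathname.replace(/\/$/, "") !== site.path) {
    return { ok: false, reason: "not-login-path" };
  }
  return { ok: true, reason: "expected-login-page" };
}

// Constructed sample URLs (not taken from the incident).
const SAMPLES = [
  "https://deviantart.com/users/login",
  "https://sta.sh/login",
  "http://deviantart.com/users/login",
  "https://deviantart.example.com/users/login",
  "https://deviantart.com@login.example/users/login",
  "https://deviantxart.example/users/login",
];
for (const s of SAMPLES) console.log(checkLoginUrl(s).reason.padEnd(20), s);
```

Only the host and scheme the browser actually resolved are compared; the familiar name appearing somewhere in the address is never treated as evidence.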

For more information on phishing, see Stay Safe Online: Phishing from Google.



:iconluilustraversus:
LuIlustraVersus Featured By Owner Edited Nov 8, 2014  Student Digital Artist
My Kaspersky antivirus just blocked phishing here on DeviantArt, do something
Reply
:iconsilverforfun:
Silverforfun Featured By Owner Nov 4, 2014
There's a new phishing attempt. I got a journal from "MichelleRomney" saying she was "New to DA" and "wanted as many friends as possible." She then said as a gift, she would give me a free copy of a Software known as "GIMP". With a link. A shortened, tinyurl.com LINK. It had "invite2212" or something in the link. Why are phishers in my deviantart and not my steam????
Reply
:iconryugassj3:
RyugaSSJ3 Featured By Owner Apr 10, 2013  Student Traditional Artist
Faving this & I don't care. These scums have gotta go!!
Reply
:iconpervyjjthplz:
PervyJJTHplz Featured By Owner Mar 31, 2013
hello
I'm XXJJthedragohogXX

I sent DA a lot of messages about this
but it doesn't seem effective and whatever happens
they don't give me the chance to get a recovery
can you help me please?
Reply
:iconidjpanda:
iDJPanda Featured By Owner Dec 18, 2012  Student General Artist
I highly doubt that this will be the last time this happens... It's happened like a month ago and they are back again..
Reply
:iconkamipanda:
kamipanda Featured By Owner Dec 13, 2012  Hobbyist Digital Artist
Hi there.

My account got hacked like 3 weeks ago. I can't log in anymore and I've sent the e-mails already, but up until now I've got no response. I understand that you guys are pretty busy, but please, at least give us an announcement about what's going on here. I really have no idea right now. I really miss my friend on my account back there and have lots of stuff to submit.

I'm really looking forward to getting my account back, man.
Reply
:iconloco-the-pervert:
Loco-The-Pervert Featured By Owner Dec 10, 2012  Hobbyist Digital Artist
Okay, so that's what happened! ^^; so ignore my journals about them being hacked
Reply
:iconk4nk4n:
K4nK4n Featured By Owner Dec 6, 2012
Was gary-niger :icongary-niger: the one responsible for the recent hackings in November? What about Neomoti :iconneomoti: , is she innocent?
Reply
:iconstorm-de-up:
Storm-DE-UP Featured By Owner Dec 6, 2012
Neomoti is indeed innocent, she was one of the hacked.
Reply
:iconk4nk4n:
K4nK4n Featured By Owner Dec 7, 2012
Thank you for answering.
Reply
:iconcatxiafox:
CatxiaFox Featured By Owner Dec 5, 2012  Hobbyist Traditional Artist
Excellent post about security thanks ^_^
Reply
:iconaskthescientist:
AskTheScientist Featured By Owner Dec 3, 2012
I'm ( ~Invincible-Tigerman ) still out of an account and I haven't heard anything from the Help Desk since Tuesday and I also sent an email around Thursday when I noticed the ticket said it was "Resolved or Deleted."

Are you guys that busy or did something just happen with the ticket? I really don't want to abandon an account I've spent money on.
Reply
:iconhaldron:
haldron Featured By Owner Dec 11, 2012
Hi there. :)

I've checked on the status of the ticket there and it appears that it was awaiting response from you. Could you check the email that you sent the ticket in on for a response? You can then provide the requested information by responding to that email.

Thanks.
Reply
:iconaskthescientist:
AskTheScientist Featured By Owner Dec 11, 2012
I've just sent another reply after responding to the email about 3 times. I'm really hoping this one works. I'm getting slightly edgy after not being on my account for almost two weeks.
Reply
:iconspindragon12445:
spindragon12445 Featured By Owner Dec 1, 2012  Student Digital Artist
Oh, cheese.
I heard about these hackers not too long ago, and I thought it was chainmail.
But now that I read this... Now I know.
You staff members are amazing. Thank you for solving the issue. :glomp:
Reply
:iconrmxtrailmix:
RMXTrailMix Featured By Owner Dec 1, 2012
"...by exploiting a cross-site-scripting vulnerability in deviantART..."
Cross-site-scripting is the greatest concern I have using Deviantart, it was rarely an issue over on SheezyArt and Fanart Central.
Reply
:iconwolf-girl111:
wolf-girl111 Featured By Owner Nov 30, 2012  Hobbyist General Artist
That was scary, but thank you for the advice! :3
Reply
:iconrakceyen:
Rakceyen Featured By Owner Nov 30, 2012  Hobbyist Digital Artist
I don't know if it has anything to do with phishing, but occasionally when I'm on deviantart from an iPad I will be redirected to a porn site called badoink.com. It happens when I click on a deviation to view it: the picture loads and then I get redirected. It's not just one deviation, it has happened when I clicked my own deviation. Since it redirects, I'm sometimes stuck and have to hit the back button several times real fast to get back to dA. It hasn't happened recently, but it used to be a once-a-day occasion.
Reply
:iconst0rmstar:
ST0RMSTAR Featured By Owner Jan 15, 2014
Happened to me
Reply
:iconcrystal-gryphon:
Crystal-Gryphon Featured By Owner Dec 1, 2012  Hobbyist General Artist
omg...that happened to me too ;n;
Reply
:iconrikoee:
rikoee Featured By Owner Dec 1, 2012
Woah... That happened to me once too...I literally FREAKED out when I saw the redirected porn site.... *shudders*
Reply
:iconflipking:
FlipKing Featured By Owner Nov 30, 2012  Student Filmographer
According to a journal I saw, the hacker is a Twitter user named "DongForce".
Reply
:iconaph-nota2p:
APH-NotA2P Featured By Owner Nov 29, 2012
Something else that I have found is common is them putting a letter in to make it look closer to 'deviantart'. Such as 'deviantxart', since 'deviantart' is already the taken domain. Unless people look carefully, they would never realize that 'x' is there.
Reply
:iconmoonsongstudios:
moonsongstudios Featured By Owner Nov 28, 2012  Hobbyist Digital Artist
LIGHTERS IN THE AIR

[link]
Reply
:iconstarsongvinry:
StarsongVinry Featured By Owner Dec 1, 2012  Hobbyist Digital Artist
-clap- -clap- TAKE THAT, HACKERS!!!
Reply
:iconventus-imperatrix:
Ventus-Imperatrix Featured By Owner Dec 4, 2012
That song is about our glorious triumph over DeviantArt, not vice versa.
Reply
:iconstarsongvinry:
StarsongVinry Featured By Owner Dec 4, 2012  Hobbyist Digital Artist
Oh. Never mind. Great song, still. :3
Reply
:iconmiamorecadence:
MiAmoreCadence Featured By Owner Nov 28, 2012  Hobbyist General Artist
If the hacker changed the email of your account, how would you (the staff) be able to recover our accounts via email?
Reply
:iconmissdarkangel167:
MissDarkAngel167 Featured By Owner Nov 29, 2012  Student Traditional Artist
If it's any help, I was hacked on Monday. But they asked me some info to verify my account and I was able to swap my E-Mail to my current one :)
Reply
:iconmiamorecadence:
MiAmoreCadence Featured By Owner Nov 29, 2012  Hobbyist General Artist
Oh
Reply
:iconswiftwind01:
swiftwind01 Featured By Owner Nov 28, 2012  Hobbyist General Artist
Beware hackers, we will find you out and we will!
Reply
:iconsoaring-of-the-sky:
Soaring-of-the-Sky Featured By Owner Nov 28, 2012  Student Filmographer
Here is some proof of the phishing that I took. : [link]
Reply
:iconorcha3000:
Orcha3000 Featured By Owner Nov 28, 2012  Student Digital Artist
Thank you so much.
Reply
:iconpony-who-waited:
Pony-who-waited Featured By Owner Nov 28, 2012  Hobbyist Photographer
Dem hackers think 2012 is happening that's why :iconmingplz:

But I do find that hackers are a joke and that they know that they could get found out
The problem is sometimes they do get away with it :iconiseewhatyoudidthere:
Reply
:iconfalifer:
Falifer Featured By Owner Nov 27, 2012  Hobbyist General Artist
This happened to me and luckily I took the precautions or I'd be toast! I sent an e-mail because I couldn't access my account and everything's alright now. You guys have a good system, keep it up!
Reply
:icontugera:
Tugera Featured By Owner Nov 27, 2012   General Artist
The hackers were also changing emails on some hacked accounts. Will account recovery work for those accounts?
Reply
:iconhaldron:
haldron Featured By Owner Nov 27, 2012
Yes. :) We're still able to verify the identity of account owners in those cases and restore their accounts to them.
Reply
:icontheraiderinside:
TheRaiderInside Featured By Owner Nov 30, 2012  Hobbyist Digital Artist
Wow, you guys are amazing!! :tighthug:
Reply
:icontugera:
Tugera Featured By Owner Nov 27, 2012   General Artist
Ah, sweet.
Reply
:iconidjpanda:
iDJPanda Featured By Owner Nov 27, 2012  Student General Artist
I'm starting to question how "safe" DeviantArt really is.
Reply
:iconliggliluff:
Liggliluff Featured By Owner Dec 1, 2012  Hobbyist Digital Artist
You can do this on any site... redirect you to an alternative address with the same login screen, prompting you to login.
If you're suddenly signed out, check the URL... if it's suspect... don't sign in. Always check the URL... on any site.
Reply
:iconidjpanda:
iDJPanda Featured By Owner Dec 1, 2012  Student General Artist
I know that. It's just telling me that dA has a couple openings that crackers and hackers can get into.
Reply
:iconthorns:
thorns Featured By Owner Nov 27, 2012   Writer
:thumbsup:
Reply
:iconmonochromera:
monochromera Featured By Owner Nov 27, 2012
reason #1 why it feels good to be vegetarian... we don't have phish! :iconimhappyplz:

ha... ha.... lame joke is lame :iconverynotimpressedplz:



but it sure would suck to have my account hacked. :/ I'll be watching those URLs......
Reply
:iconjohntheracoon:
Johntheracoon Featured By Owner Nov 27, 2012  Student Writer
Sometimes lame jokes can be funny if you say that it is lame.
Reply
:iconmonochromera:
monochromera Featured By Owner Nov 28, 2012
:D in which case.... I must be brilliant!~ haha!
Reply
:iconxxxblackhogxxx:
XxXBlackhogXxX Featured By Owner Nov 27, 2012  Hobbyist General Artist
My girlfriend got hacked by someone like this. Is she allowed to use my sister's old account or eventually make a new one?
Reply
:iconloivissaxxx:
Loivissaxxx Featured By Owner Nov 27, 2012  Hobbyist Artisan Crafter
You can't use someone else's account, she should wait till the staff fix it and if not make a new one
Reply