sctman800
Member
Call Midway is the best advice I have heard. I also order from them a lot and they have always been helpful and friendly every time I have called, and I am sure they would want to know about any scams. Jim.
Midway USA Scam?
- Thread starter pdowg881
- Start date
- Status
geekWithA.45
Moderator Emeritus
The pattern is Phishy.
Anything that even looks vaguelly Phishy is best treated as Phishing.
Knowledgeable, professional site manager understand this, and will -never- do anything legitimate that looks like Phishing.
If account updated are legitimately needed, you won't be emailed. They'll logout the world en masse, and snag everyone after they log back in.
Anything that even looks vaguelly Phishy is best treated as Phishing.
Knowledgeable, professional site manager understand this, and will -never- do anything legitimate that looks like Phishing.
If account updated are legitimately needed, you won't be emailed. They'll logout the world en masse, and snag everyone after they log back in.
lance22
Member
No legit company would ever send an exe as part of an email, and no legit company would ask you to reaffirm personal information over the internet ... even though we do that filling out forms if they lose it they will call. Now, I'll grant that Midway may have done this but if they did they should cease the practice.
I'm a senior web developer, btw.
I'm a senior web developer, btw.
Jorg Nysgerrig
Member
- Joined
- Apr 13, 2006
- Messages
- 7,822
So if one guy doesn't set an optional password during an order, they reset all the users? That doesn't seem to be very efficient. I would imagine that they simply have a script that checks for users who have checked out without setting a password that sends an email recommending they do it so can take full advantage of the site. Especially as it seems that
They didn't send an exe as part of the email. They sent a link that looked something like this: https://www.midwayusa.com/eaccount.exe/pleasesignin?utm_source=youraccount&utm_medium=homepage917, emphasis mine. I'm sure as a senior web developer you can see the difference.
Last edited:
MinnMooney
Member
You're right to be skeptical. This is a very commom scam that, unfortunately, works with some computer-unsavy customers of stores & banks.
They make it sound real but in the end they get your password, change it, order a bunch of stuff, have it sent to an address (not their own) where they know people work all day or are an extended vacation and then they show up to accept the delivery.
They make it sound real but in the end they get your password, change it, order a bunch of stuff, have it sent to an address (not their own) where they know people work all day or are an extended vacation and then they show up to accept the delivery.
Harley Quinn
Member
Yep, never answer those unsolicited e-mails they are spam and need to be reported.
Huge business out there trying to steal money, they have traced most of this to locations that are similar to a cold call spot looking for your bank #'s also.
I have a very good virus software that takes care of it.
Yahoo has been having a rough time keeping it out. Anytime you get them report them.
I was just doing business with Midway last week, good outfit I believe.
No scams from them ever.
HQ
Huge business out there trying to steal money, they have traced most of this to locations that are similar to a cold call spot looking for your bank #'s also.
I have a very good virus software that takes care of it.
Yahoo has been having a rough time keeping it out. Anytime you get them report them.
I was just doing business with Midway last week, good outfit I believe.
No scams from them ever.
HQ
Hokkmike
Member
At least it is not the Nigerian VP of Midway offering to sell you a partial ownership of th ecompany for a small one time only investment.
These things are all over the place. Sadly, the ymust be partially successful or they would have dried up.
These things are all over the place. Sadly, the ymust be partially successful or they would have dried up.
geekWithA.45
Moderator Emeritus
No.
If they need something from one guy, they'll log -him- out, and catch him on the way in.
If they've made some sweeping change in their architecture, they'll log everyone out, and catch them one by one as they log in.
The point is, additional information is collected -after- the user has authenticated during the normal course of operations, and that forcing the user to authenticate is trivial.
Authentication is a two way street: The site and the user convince each other of their legitimacy.
Jorg Nysgerrig
Member
- Joined
- Apr 13, 2006
- Messages
- 7,822
If you don't have a password, you can't be logged in. I think they were trying to associate a web account with an existing "order" account.
Anyway, the best bet would be to call Midway USA.
Last edited:
RustyHammer
Member
Sounds Phishy to me!
inherentical
Member
- Joined
- Apr 25, 2007
- Messages
- 753
The original link was to midwayusa.com, nothing phishy about it.
If it makes you feel more comfortable, go directly to the site to log in.
This is a phishing link:
midwayusa.com
This is not:
midwayusa.com
If it makes you feel more comfortable, go directly to the site to log in.
This is a phishing link:
midwayusa.com
This is not:
midwayusa.com
CNYCacher
Member
Myself and another THR member active in this thread who can confirm or deny as he sees fit determined independantly last night that the site manager of midwayusa.com is neither knowlegable or professional. I won't go into details.
I got that exact same E-mail and thought it didn't look quite right. I only gave Midway my E-mail address but never opened an account with them. I ended up deleating their E-mail right away.
I think I will use the phone to deal with them from now on.
I think I will use the phone to deal with them from now on.
Waitone
Member
Any response out of Midway???????
spankaveli
Member
Jorg said:
if you want to get technical, those aren't exe extensions. an exe extension would be exe at the end of the url, not in a folder name. they simply named the folders with .exe (for whatever reason.) it's not actually running an executable file whenever you click the link.
by the OP's post, it seemed as though he was referring to an exe link with exe at the end of teh link. if that's the case, it's not legit. it is possible, however, that i misinterpreted his post.
I like to go by the notion "when in doubt, it's a scam."
If you get an email asking you to confirm anything by any company, don't click on the link. Go to that company's website directly by typing their url into your browser and then log into your account. If there's anything going on, you should get a message from them once you log in.
Harley Quinn
Member
Continued:
I just got my package today ordered it on the 20th...Now that is fast.
3 items in the same box. All in stock
I just got my package today ordered it on the 20th...Now that is fast.
3 items in the same box. All in stock
fireflyfather
Member
- Joined
- Oct 22, 2006
- Messages
- 807
And knowing that, how hard would it be for me to send you an email from "midway" asking for your contact info?
Sincerely,
Stacey & Morgan.
Jorg Nysgerrig
Member
- Joined
- Apr 13, 2006
- Messages
- 7,822
That was in response to post #2 where they said to call and ask if a Stacey or a Morgan worked there. The names are irrelevant and merely a a side note.
The things that validated the email were that it was from Midway, the links went to Midway's secure server, the certificate verified it was them, and a few other things.
- Status
