[Important]Be Wary of Suspicious URLs and Websites
As we have mentioned in the past, we have confirmed that certain individuals are attempting to direct players to fake login websites which imitate the Square Enix Account Management System in an effort to steal (also known as “phishing”) information such as their Square Enix ID and password, as well as date of birth.
■ In-game phishing:
We have also confirmed similar attempts in-game which direct players to fake pages imitating Square Enix websites, including the Support Center, the Lodestone, and the official FINAL FANTASY XIV forums. Before opening any URLs you may see in-game (via tells, say, etc.), we urge you to confirm that they are legitimate and not a fraudulent imitation.
■ How to detect fake Square Enix websites:
The Square Enix Account Management System complies with EV SSL certification. Should a website ask for your Square Enix Account information, please make sure that the website is legitimate before entering any information. On certain web browsers, the address bar will display an icon indicating the website’s security certificate. On a legitimate Square Enix Account Management System login page, clicking this security icon will display references to “SQUARE ENIX CO., LTD.”
* On a legitimate website operated by SQUARE ENIX CO., LTD., no other pages apart from login pages will require password entry, nor will any of our staff ever ask you for your password.
Examples of characteristics used in phishing URLs:
* The “s” is missing from “https” in the URL of the login page. The fake website will display http:// in the URL.
* The hyphen symbol is missing from “square-enix.” The fake website will display variations of “squareenix” in the URL.
* The letter “i” is replaced with various characters like “l” or “j.” The fake website will display “square-enlx” or “square-enjx.”
* The “com” in “square-enix.com” is replaced by various domains.
* The examples above are some of the characteristics we have confirmed. However, it is highly likely that phishing attempts will continuously change their methods.
* For more information on EV SSL certification, please visit the website below.
https://www.websecurity.digicert.com/security-topics/what-is-ssl-tls-https
■ Official Square Enix websites:
Official Square Enix Account Management System:
https://secure.square-enix.com/account/
Official Square Enix Support Center:
https://support.na.square-enix.com/
https://support.na.square-enix.com/main.php?id=5382&la=1
The Lodestone:
https://na.finalfantasyxiv.com/lodestone/
Official Forums:
https://forum.square-enix.com/ffxiv/
■ If you have already visited a fake Square Enix website:
If you believe you have visited or entered your account information on a fake website, we recommend scanning your system with anti-malware or anti-virus software and changing your password immediately. For increased account security, we strongly recommend adding a one-time password to your account.
Learn more about login issues and/or changing your password:
https://sqex.to/xPt
Learn more about adding a one-time password to your account:
https://www.square-enix.com/na/account/otp/
Please also refer to the following article entitled "Warning Concerning the Security of Your Account":
https://sqex.to/kWj2b
In order to protect your data and personal information, we urge everyone to remain vigilant when handling account information such as their Square Enix ID and password.
*Updated on Aug. 18, 2021 at 6:30 p.m. (PDT)
Edited to fix an error in translation.
■ In-game phishing:
We have also confirmed similar attempts in-game which direct players to fake pages imitating Square Enix websites, including the Support Center, the Lodestone, and the official FINAL FANTASY XIV forums. Before opening any URLs you may see in-game (via tells, say, etc.), we urge you to confirm that they are legitimate and not a fraudulent imitation.
■ How to detect fake Square Enix websites:
The Square Enix Account Management System complies with EV SSL certification. Should a website ask for your Square Enix Account information, please make sure that the website is legitimate before entering any information. On certain web browsers, the address bar will display an icon indicating the website’s security certificate. On a legitimate Square Enix Account Management System login page, clicking this security icon will display references to “SQUARE ENIX CO., LTD.”
* On a legitimate website operated by SQUARE ENIX CO., LTD., no other pages apart from login pages will require password entry, nor will any of our staff ever ask you for your password.
Examples of characteristics used in phishing URLs:
* The “s” is missing from “https” in the URL of the login page. The fake website will display http:// in the URL.
* The hyphen symbol is missing from “square-enix.” The fake website will display variations of “squareenix” in the URL.
* The letter “i” is replaced with various characters like “l” or “j.” The fake website will display “square-enlx” or “square-enjx.”
* The “com” in “square-enix.com” is replaced by various domains.
* The examples above are some of the characteristics we have confirmed. However, it is highly likely that phishing attempts will continuously change their methods.
* For more information on EV SSL certification, please visit the website below.
https://www.websecurity.digicert.com/security-topics/what-is-ssl-tls-https
■ Official Square Enix websites:
Official Square Enix Account Management System:
https://secure.square-enix.com/account/
Official Square Enix Support Center:
https://support.na.square-enix.com/
https://support.na.square-enix.com/main.php?id=5382&la=1
The Lodestone:
https://na.finalfantasyxiv.com/lodestone/
Official Forums:
https://forum.square-enix.com/ffxiv/
■ If you have already visited a fake Square Enix website:
If you believe you have visited or entered your account information on a fake website, we recommend scanning your system with anti-malware or anti-virus software and changing your password immediately. For increased account security, we strongly recommend adding a one-time password to your account.
Learn more about login issues and/or changing your password:
https://sqex.to/xPt
Learn more about adding a one-time password to your account:
https://www.square-enix.com/na/account/otp/
Please also refer to the following article entitled "Warning Concerning the Security of Your Account":
https://sqex.to/kWj2b
In order to protect your data and personal information, we urge everyone to remain vigilant when handling account information such as their Square Enix ID and password.
*Updated on Aug. 18, 2021 at 6:30 p.m. (PDT)
Edited to fix an error in translation.
