[Nexus Mods/GOG Giveaway - Winner's Choice! #3]

Oh I am absolutely Phamysht!

 

(Superfluous comment. Saw new tweet about this, so assumed it was another (newer) one. Oops!)

[Nexus Mods/GOG Giveaway - Winner's Choice! #3]

Then we join crit unit B.

[Nexus Mods/GOG Giveaway - Winner's Choice! #2]

Big Robot Bill is odd.

[Nexus Mods/GOG Giveaway - Winner's Choice!]

This is a comment full of comment-y goodness.

[Nexus Mods Giveaway #18]

This comment isn't random, but desperately random.

 

Reference? Very yes.

[Nexus Mods Giveaway #15 - £35 (~$50) Steam Gift Card]

I am gonna leave this comment... to fester.

[July Giveaway #2 Twitter Special]

Gorble. Can't you hear them gorbling?

[Win a Copy of Kingdom Come: Deliverance + DLC]

If this is not a comment, then I am the rock of Gibraltar.

[July Giveaway #1 Facebook Special]

This is a comment. Oh yes.

[May Giveaway #2]

There's a bird in the attic!

[April Giveaway #1]

I'm usually quick to catch these. Not sure what took me so long this time.

[Kingdom Come: Deliverance Giveaway]

There's a bird in the attic!

[Sketchy looking email from nexus]

I've received one as well, sent via the same bulk service (bnc.mailjet.com) on behalf of another (presumably exploited) French travel service's server (karavaniers.com).

 

If it might help I could send someone the full raw (albeit redacted for my own security reasons) email in plain text so they can take a look.

 

I hope this attack doesn't get too far out of hand. Seems like they're trying everything to get one over on Nexus at this point.

[Staff account compromise. What's happened and an apology.]

In response to post #15488155.

That's what I thought, right down to the letter. Thanks for the confirmation.

[Staff account compromise. What's happened and an apology.]

In response to post #15487935.

I go to get tea in the middle of writing a comment regarding that exact subject and manage to get ninja'd in the process. Yeah I've a strong suspicion it's spam but I can't be too sure.

[Staff account compromise. What's happened and an apology.]

Speaking of security concerns, I just received an email "on behalf of Nexus" from an address at karavaniers.com via mailjet.com. Obviously spam, but some mail services aren't very good at catching a lot of it. The only reason why I spotted this one was because I tend to check my spam bin for false positives.

 

The email in question was pretending to be an update notice for the latest NMM version. I'm certain the archive it linked to (zip named Nexus_Mod_Manager_0.50.2_Update) was malicious as it was hosted at an IP address that resolves to an AWS server.

 

If desired I can send the raw email in plain text to one of the staff (via PM) if nobody else has received it yet. It might not be all too important in the long run (spam spoofs happen all the time) but some might be tricked by this one in particular. It seems whoever designed it did a rather nice job at re-creating the Nexus look.