Oooo Nice try Sucka

[Redith]

So I guess "Blizzard" contacted me...Yha right



World of Warcraft Password Rese‏ (Wait...isnt that soposed to be Reset?)
From: noreply @ blizzard.com (noreply @ blizzard.com) (Ohhh nice point on the noreply that actually looks leget)
Sent: Fri 5/21/10 7:24 PM
To: (Me lol.)

Greetings!

This is an automated notification regarding the recent change(s)
made to your World of Warcraft account. Your password has recently been modified through the Password Recovery website.
*** If you made this password change, please disregard this notification. However, if you did NOT make changes to your password
we recommend you Login verify your password:

www.Batt1e-account@urmomshowse.WTF (Anyone else see the 1 instead of l? Also if you click on the link it brings you to a good look-alike page...But the addy is still Batt1e-account.)

If you are unable to successfully verify your password .
using the automated system, please contact Billing & Account Services at 1-800-59-BLIZZARD (1-800-592-5499) Mon-Fri, 8am-8pm Pacific Time or at billing@blizzard.com. Account security is solely the responsibility of the account holder. Please be advised that in the event of a compromised account, Blizzard representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.
Regards,


The World of Warcraft Support Team Blizzard Entertainment



Very nice try fool. I am posting this so people can see the type of emails these scammers are sending so you can avoid them.

[Vephriel]

I removed the link from your post just so that no one accidentally clicks on it.

[Redith]

I removed the link from your post just so that no one accidentally clicks on it.

Thanks but I had allready rondomised the numbers and letters so it was a harmess link anywho lol

[Sarayana]

You know, someone must be falling for these things, since they keep sending them out... And I suppose if they send them to thousands each night and even just two fall for it, that's a nice return on an email... no? For them, I mean. :\

[VelkynKarma]

Clever, but not clever enough. I don't understand why people try stuff like this though

~VelkynKarma

[Ryai]

Clever, but not clever enough. I don't understand why people try stuff like this though

~VelkynKarma

Because you can fool some of the people some of the time. And that's enough profit. There's no money required in making scam mails like this. Hell a guy got rich inventing spam mail and pleasure in gloating about it.


it's why I verbally attack gold sellers in whispers when they prove to not be bots

[Saturo]

I have a macro to threaten them with being boiled in their own blood, which it sends as a reply to whispers...

On several occassions I've actually gotten responds, usually just their pricelist tough...

[Dewclaw]

I had two guildies fall for in game spam whispers last week. I had to demote them to lowest rank to make sure our guild bank was protected until they were able to contact gms to clear the mess up. They had both gone to the bogus link in the whisper they got. I gave them tips for next time to know what's safe, and what's not safe.

[Kalanzyne]

I get 2-3 of these a day, they always a make me smile when I read them. Some as good as the one the op posted, some that have an even worse use of the english language. Sadly it seems to many people fall for these scams.

Got a new one today that was an interesting read.
Here it is. Links disabled for safety etc.

Dear customer, hp9fu6ycqahwy51d6qhbvzwwhtiudbcbe

This is an automated notification sent from our account security system. You logined your account successfully at 4:27 on April 26th form the 125.81.137.* range, but our system shows the 125.67.190.* IP range exists a large number of hackers. As too many customer complaints, the 125.32.158.* IP range has been blacklisted. We are concerned about whether your account has been stolen. In order to guarantee the legitimacy of your account, we need you check your account status here as soon as possible. If you have any questions, please visit us.battle.net/login.html?ref=https%3A%2F%2Fus.battle.net%2Faccount%2Fmanagement%2Findex.xml&app=bam.

Account security is solely the responsibility of the accountholder. Please be advised that in the event of a compromised account, Blizzard representatives will typically lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.

Regards,

Blizzard account system
Blizzard Entertainmentcrwlzz5gpdogefl0ywjcaslasiibgmml80vy7ob9j5

[kairii]

yeah i get that email alot but my emails are all different from eachother
like my forum one is a @live
my WoW account one is another @live but starts with another name
social things liek facebook and whatnot is a @hotmail

i know it may seem confusing but atleast i know which email is real and which isnt

and as for the links in game
everyone and their dog should know there is a blue blizz icon next to a gms name and anything used wow-ish -.- i really dont understand how people fall for this kinda stuff : /

like theres a lock on my current realm he USE to be a gold seller (no joke i actully reember him /wing me back in tbc) and he cant believe people fell for it either but hes much happier to play the game now and lols when he gets the /w's to xD

[Saturo]

If I'm GM or high-rank officer I tend to just kick people that fall for these scams right away. IMO, some common sense is required, as it is very hard to get a GM to return stuff to the GB.

It's worse when the guildleader gets hacked... That's a straight /gquit for me.

[kairii]

narr my bf was GM of a guild for awhile and got hacked twice tbh we never really used our GB much but tbh you normally get double items back which can be ok :p

and for the record hes never clicked any ingame links or email links
hackers can be found in banners on curse mmonchamp wowhead etc they are very hard to notice nowdays

and how do i know they are in banners well my guild is full of nerds who know everything .. though i love the med students the most <3

[Sarayana]

It's not hard at all to get things back the the guild bank Saturo. The GL just has to open a ticket and say the bank was emptied. When the hacked account is investigated and they decide to restore it, they restore the items to the guild bank at the same time. The GL gets all the items in the mail.

As for people getting hacked being stupid, I disagree. Yes, there are a number of very simple things you can do to protect yourself, but not everyone has the knowledge to do so. Hell, I wouldn't if my family wasn't all computer geeks.

i know it may seem confusing but atleast i know which email is real and which isnt

Not confusing at all, Kairii. It's one of the best way to protect yourself. My battle.net account is under an email that isn't used for anything else. If I get an email "from Blizz" on one of my other accounts, it's an immediate delete, I don't even have to think about it.

[Adam-Savage]

I removed the link from your post just so that no one accidentally clicks on it.

Thanks but I had allready rondomised the numbers and letters so it was a harmess link anywho lol

Yah but Vephriel I believe want's to be 110% Sure it can't lead to something bad I believe.

[Darkharvest]

I had never gotten one of these until they switch to the battlenet login thing, and now you need an email to log in, kinda odd. Now I get one every week or 2.

[kairii]

Sarayana .. its confusing for me ... so many passwords T^T

but yeah it is workable system since i made my current account 0 hacks and my old account (which was from my ex BF) was hacked about 7 times form the both of us ... i learnt my lesson


and as for the battlenet thing i remeber when it first came out it was so easy to hack into was funny to watch my friends get hacked who changed to battlenet
and i remeber just before they forced us all to do it there was another mass hack
the scam messages dont shock me since the change after knowning that

[Sarayana]

Sarayana .. its confusing for me ... so many passwords T^T

but yeah it is workable system since i made my current account 0 hacks and my old account (which was from my ex BF) was hacked about 7 times form the both of us ... i learnt my lesson


and as for the battlenet thing i remeber when it first came out it was so easy to hack into was funny to watch my friends get hacked who changed to battlenet and i remeber just before they forced us all to do it there was another mass hack
the scam messages dont shock me since the change after knowning that

Heh sorry, I read it as "my explanation may be confusing" but yeah, I know how multiple email accounts can get. I use thunderbird to just keep track of them all in one place, it's great.

Hacking has gotten worse, but I don't think it has to do with Blizzard having bad security or anything. Two facts:
1) Many keyloggers only run when you have WoW running. Having to log into your account with your email address obviously gives them access to that ON TOP OF giving them your login.
2) WoW has bigger gold sinks now than ever before, because gold is easier to come by. It's fine for the large majority that doesn't mind doing dailies/playing the AH/farming to make gold, but for those that don't want to do that, it's an even bigger motivation to go and buy gold.

I honestly don't know what Blizz can do about it, cause the problem lies with the users, you know? The idiots that buy gold and the players that just don't know how to be safe on the internet. No matter how secure a system Blizz could possibly make, people would still get hacked. :\

[Ghanur]

I never get a scam mail to my battle-net ID - I don't use this email for any other services.

The one email I use on forums receives 5 to 10 mails per day - they are easy to filter out, anything from Blizzard or claiming beeing from Blizzard is moved to /dev/nul.

Interesting part is, the scammers try to use "reset password" on this non battle-net ID so there are several legit mails from Blizzard...
Maybe the scammers use those collected mail addresses (the non battle-net IDs) to create spam accounts?

Blizzards move to battle.net and forcing it's customers to use an email-address as ID opened up the door for phishing/scamming.


Further information:

Code: Select all

battle.net

does have a valid SPF entry, so any mail from other mail servers than listed is scam/phishing.

Code: Select all

wow-europe.com
blizzard.com

don't have SPF entries, so anyone can send in their name, makes filtering hard and phishing really easy.

[Vespias]

My fav is when you mouse over a link and it says "WorldofWarcuraft.com"....lol, classic.