Security of Blizzard Account‏

[Douna]

Just a minor heads up to notify you peeps of yet another fake mail thats been spreading around - Tough you probably know better by now

From: blizzard@blizzard.com (blizzard@blizzard.com)

HELLO!

It has come to our attention that you are trying to sell your
personal World of Warcraft account(s).
As you may not be aware of, this
conflicts with the EULA and Terms of Agreement.
If this proves to be true,
your account can and will be disabled.
It will be ongoing for further
investigation by Blizzard Entertainment's employees.
If you wish to not get
your account suspended you should immediately verify your account

ownership.

You can confirm that you are the original owner of the account by
replying to this email with:

Use the following template below to
verify your account and information via email.
* First and Surname
* Date of birth
* Address
* Zip code
* Phone number
* Country
* Account e-mail
* Account name
* Account password
* Secret Question and Answer
Show * Please enter the correct
information

If you ignore this mail your account can and will be
closed permanently.
Once we verify your account, we will reply to your
e-mail informing you that we have dropped the
investigation.

Regards,

Account Administration
Team
Blizzard Entertainment
_________________

[Shugyosha]

I got this one this evening:

[Tannari]

Like Blizzard themselves stated:

We will NEVER ask your for your PASSWORD
_________________

[Kenney]

[Douna]

Definetly one of the more convincing phising mails:

1. A few small spelling mistakes
2. when higlighting [http://www.worldofwarcraft.com/account/billing/] it reveals that it links to
[www.worldofwardraft-billing-review-acount.com] instead.

those were the only flaws i was able to find, then again finding even a single spelling error in a supposed-automated-blizzard-mail equals a verbal diarea of grunts and leetspeak

------------------------------------------------------------------

Hello,

This is an automated notification regarding your World of Warcraft account. Your account options was recently modified through the Account Management website.

If you made this change to your subscription type, please disregard this automatic notification.

*** If you did NOT make any changes to your account or subscription, we recommend you login to Account Management at the following link to review your account settings:
http://www.worldofwarcraft.com/account/billing/

If you cannot sign into Account Management using the link above, or if unauthorized changes continue to happen, please contact Blizzard Billing & Account Services for advanced assistance.

Billing & Account Services can be reached at 1-800-59-BLIZZARD (1-800-592-5499 Mon-Fri, 8Am-8PM Pacific Time) or at billing@blizzard.com.

Account security is solely the responsibility of the accountholder. Please be advised that in the event of a compromised account, Blizzard representatives will typically lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.

Regards,

The World of Warcraft Support Team
Blizzard Entertainment
http://www.blizzard.com/support/wowindex/
_________________

[Bregor]

Can't you atleast break the links that link to sites where they will try to install all kinds of crap to steal your account? I'm sure there are dumb ppl around that will click links because they can't help it.

That said I have been getting a lot of those mails too recently.
_________________

[Narayana]

I never really get Blizzard mail. Or "Blizzard" mail.
How do those people get your e-mail anyway?

And whenever I have Blizzard mail I delete it without opening... I'll look stuff up online instead if there is something going on.

[Magua]

Was wondering the same imo, How do they even know your email?

Got around 12 of those mails in just 2 days

ps: Sup breg How's it going bud?
_________________

[Kenney]

shhhht...

Small secret...




How many people in the world play WoW?
How many players use an emailaddress for WoW they commonly use?

Just send a mail to 1.500.000 random people on earth and you are bound to pick loads of WoW players.

They do not contact me personally, they do not address me by name, screenname, etc. It's just random shit.

I have several mailaddresses and only one gets spammed like hell.. My gmail account. Why? Because I use it for several sites. I have about 3-4 spam addresses running form hotmail to gmail. No way I would give a personal emailaddress to the likes of blizzard or anyone else. My gmail runs facebook, hyves, etc. All normal community crap. Another one runs Blizz and other gaming sites. Then there's hotmail for information requests etc. Sounds panicy? Perhaps, but at least no one has been able to even find a mailaddress I use to log in, let alone a password matching it.

What is Gmail spam filled with? Spam related to Viagra, College degrees, Home working, etc. Am I linked to any of it? No, still I get the mails. They do not send it to you because they know you play WoW. They send it because millions of people play WoW, making the hitrate of a mail interesting. Looking at active people with emailaddresses, I think its safe to say that you get a 1%+ hitrate. Therefor sending 1.500.000 mails to random people ( they buy maillists btw ) converts at least to 150.000 reached WoW players ( on average ).

It's how spam works m8. All random targetting. If thet buy or hack the maillist from tweakers.net ( dutch hardware/software news site ), the conversion rate would be way higher.
_________________

[Bregor]

[Douna]

Received a similar mail to shugs from: wowaccountadmin@blizzard.com <- did they stop trying?

Anyway does anyone have a reason for the sudden rise of phising mails? i dont recall getting even a single one a month before and now it seems daily routine. WoW:cataclysm is still ways off innit?
_________________

[Kenney]

If you are outside of a targetted audience, you only get random mails. If you are inside of a targetted audience ( registered for WoW informative sites, which might have sold or had their maillist hacked ), you will receive more emails naturally.

Fact is, you do something different than some others. I don't get scammails, at least not ones that get through a spamfilter. Probably because I don't register anything that could be public ( maillists etc ) under the same account as WoW and other 'important' stuff.
_________________

[Douna]

English speaking customers: Please refer to the start of this mail
Für deutschsprachige Kunden: Bitte beachten Sie den zweiten Teil der Nachricht
Pour les clients français: Veuillez vous rendre à la troisième partie de ce message
Para los clientes españoles: Por favor vayan al cuarto apartado de este correo electrónico.
Русскоговорящие игроки: пожалуйста, прочтите последнее сообщение этого письма.


Greetings,

Please read this mail carefully, as we would like to see your issue addressed as fast as possible.

An investigation of the World of Warcraft account [censored] has produced evidence that the account has been accessed by someone who is not allowed to use it. We have therefore temporarily suspended all access to the account to prevent further abuse. In order to resolve the investigation, please contact us with the following information via the webform:

Account Name: The account name you are using to login.
CD Key: original WoW game CD-key (we cannot accept Expansion CD keys).
Your Secret Question and Answer.
Name: the full name that the account was created with.
Address: The address information given when the account was created.
Zip/Postal Code: The zip/postal code that was given when the account was created.

The CD key must be from the World of Warcraft box you used when you registered your account. If you have more than one copy of the game, and are unsure which key is the correct one, please include them all. There is no need to include the keys marked "Trial Edition". Expansion CD key is not accepted.

To contact us, please use the webform listed below:
http://eu.blizzard.com/support/webform.xml?locale=en_GB

Account compromises are usually the result of the registered player of the account sharing his or her login information or playing on a computer that has a virus. In order to make certain that your computer’s security has not been compromised, we recommend that you read the information provided on the following page:
http://eu.blizzard.com/support/article.xml?articleId=22455&locale=en_GB

Please remember that it is your responsibility to keep your login information confidential. Any account that is registered to your name may not be shared with anyone except for one minor, of whom you are acting as a parent or guardian. You are also responsible for every use of your login information, whether authorized or not.

It also is the responsibility of the account holder to maintain the security of the account. Excessive or repeated failure to ensure the security of the account can result in warnings and, in extreme cases, permanent account closure.

If you wish to review our current Rules and Policies, they can be found at:
http://www.wow-europe.com/en/policy/

Regards,

Account Administration Team
Blizzard Entertainment Europe
-----------------------------


How would one tell id. Tuis is a fake? They hot my acount name right but i use Thatcher name almost everywhere :p
_________________

[Gammling]

That looks like the real deal, first thing one should do is always check the return address, and if the letter tells you that it is suspended you should try to log in.

This mail only tells you to submit information through the webform, and it is the right webform if you follow the link.
_________________
Sancast, Troll Shaman
Gammling, Orc Rogue

[Douna]