Blue Tracker
World of Warcraft Blue Posts
Diablo II: Resurrected Blue Posts
Diablo III Blue Posts
Hearthstone Blue Posts
Overwatch Blue Posts
Heroes of the Storm Blue Posts
Diablo IV Blue Posts
BlizzCon Blue Posts
Warcraft Rumble Blue Posts

Blizz Store & Phishing Email

Forum Avatar
Erela
#0 - June 4, 2010, 5:58 p.m.
Blizzard Post
Recently my son had me go to blizz store so he could buy me a couple of the pets. Within 2 days of buying those pets I got an email that was obviously not sent from blizzard even tho it said it was about some sort of cheat. My computer is secure and that is the first unsolicited email I have ever recieved on that email account other than from yahoo themselves in over 3 years. All the recent hacks and gold selling spam in trade chat makes me think there is a possible issue with buying from the blizzard store.
Forum Avatar
Malkorix
#12 - June 4, 2010, 6:47 p.m.
Blizzard Post
Q u o t e:
Correlation does not imply causation.


This is a hugely important point.

Were those email addresses used to sign up for anything, at all, anywhere else? If so, then that is by far the most likely source of any phishing messages. Regardless, this is a coincidence, and this would be an excellent time to familiarize yourself with our sticky regarding how to recognize phishing emails. You can find that here:

Fake E-mails from "Blizzard Entertainment"
http://forums.worldofwarcraft.com/thread.html?topicId=965511383&sid=1

Q u o t e:
I prefer to play it safe where I can. And with all the <removed> regarding authenticators on this forum, don't think that's the way to go either.


Actually, acquiring an Authenticator is amongst the single best steps you can take to help secure your account (though they are not fool proof, and a somewhat weaker protection by-themselves if other security measures are not also in place). The Authenticator issues you've seen on this forum are related to those who either were compromised, and an unauthorized authenticator was placed on their account, or, alternatively, they lost access to a physical or mobile Authenticator, but did not write down the serial number of their app or device.

The first can be prevented by having an Authenticator, and the latter can largely be dealt with by making a note of the device serial number.