Fake Email Received

#0 - July 27, 2010, 9:46 a.m.
Blizzard Post
Just received a suspicious email informing me that my account password had been modified recently, which I have not done.

The language/grammar is pretty decent, which took me a while to actually realise that the email address was suspicious. That, and the fact that the email account that received their email was not linked to my actual wow account in any way.

And they actually sent it in two languages. Wow.


The fake links in the mail go to
wow-europe.invest-security.com/

Just a heads up.

----------------------------------------------------------------------------------------------------


Battle.net Account - Information Change Notice

From: Blizzard Entertainment (account@blizzard.sales.com)
Sent: 21 July 2010 02:47AM
To: **********@hotmail.com
English speaking customers: Please refer to the start of this mail
Para los clientes de España: por favor vaya a la Sección II de este correo electrónico.

Hello,

This is an automated notification regarding the recent change(s) made to your Battle.net account: ************@hotmail.com.

Your password has recently been modified through the Account Management website.

*** If you made this password change, please disregard this notification.

However, if you did NOT make any changes to your password, we recommend you contact Blizzard Billing & Account Services for assistance keeping your account as secure as possible.

For more information, click here for answers to Frequently Asked Questions or to contact the Blizzard Billing & Account Services team.

Account security is solely the responsibility of the accountholder. Please be advised that in the event of a compromised account, Blizzard representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.

Sincerely,
The Battle.net Account Team
Online Privacy Policy

-----------------------------

Hola,

Esto es una notificación automática sobre los cambios realizados recientemente a tu cuenta de Battle.net ***************@hotmail.com.

Tu información ha sido modificada recientemente a través del sitio web de Gestión de la Cuenta.

*** Si has realizado este cambio, haz caso omiso de esta notificación.

Sin embargo, si NO has realizado ningún cambio a tu información, te recomendamos que te pongas en contacto con el Departamento de Suscripciones de Blizzard para que te ayuden a mantener tu cuenta lo más segura posible.

Si deseas más información, haz clic aquí para consultar la sección de preguntas frecuentes o ponerte en contacto con el Departamento de Suscripciones.

La seguridad de la cuenta es responsabilidad exclusiva de su titular. Te avisamos de que si la seguridad de tu cuenta queda comprometida, normalmente los representantes de Blizzard deben bloquearla. En estos casos, el equipo de Administración de Cuentas necesitará que le envíes un fax con tu identificación antes de activar la cuenta para jugar de nuevo.

Atentamente,
El equipo de cuentas de Battle.net
Política de protección de datos

#3 - July 27, 2010, 1:38 p.m.
Blizzard Post
This is what is commonly referred to as a phish. That quite literally means someone is ‘fishing’ for information and hoping they get a bite :)

If you look at the top of this forum you’ll see a library of ones that are commonly used (or close variants thereof) under “Fake Emails from Blizzard”

http://forums.worldofwarcraft.com/thread.html?topicId=965511383&sid=1

The proper email to report these is hacks@blizzard.com – you can forward the email, headers intact to that address.

Phishes rely on two primal human emotions and hope they get you to react before you think through what is being asked, greed and fear. They’ll either try to entice with an offer or intimidate with a threat.

We never ‘threaten’ an account action. If we have sufficient cause to think an account has been tampered with or needs locked down, we do it first – we don’t threaten with an ‘or else’ email.

WoW accounts are certainly not the only target of phishers. They send them out purporting to be banks, credit card companies, shipping companies – all aimed at obtaining information the thief can use to your detriment.

We will also NEVER ask for your password, or ask you to sign into some website somewhere not under our domain to login.

One way to check any email is to open up the header in your email program and check to see the actual route and sender. This is done in various ways, depending on your email program, but all can do it. Internal email addresses (what you see at the top of an email) can be spoofed very easily. Where it says it came from under sender is not necessarily true. The header of that email will show the true sender. Many spam programs actually use a comparison of these to flag suspicious emails.

Links in an email are also incredibly easy to spoof and/or redirect. Just because the URL looks legit doesn’t necessarily mean that’s where it really goes. Before clicking ANY link, in ANY email, mouse over the link and look at your bottom browser bar to see where it is reported to actually be destined.
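
The two checks described in the reply above (comparing the displayed sender with the header's envelope sender, and looking at where a link really goes) can be scripted. This is an added example, not part of the original posts; the trusted-domain list, the Return-Path value and the link text are assumptions constructed for illustration, while the From address and link host are the ones quoted in the thread.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED = ("blizzard.com", "battle.net")  # assumption: domains the reader trusts

# Constructed sample: From address and link host come from the post; the rest is made up.
SAMPLE = """\
Return-Path: <bounce@mailer.example>
From: Blizzard Entertainment <account@blizzard.sales.com>

<p>For more information, <a href="http://wow-europe.invest-security.com/">
https://www.battle.net/account/</a></p>
"""

def trusted(host):
    # Match the domain itself or a true subdomain; "blizzard.sales.com" is neither.
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

class Links(HTMLParser):
    """Collects (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def findings(raw):
    msg, out = message_from_string(raw), []
    from_dom = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    env_dom = parseaddr(msg.get("Return-Path", ""))[1].rpartition("@")[2]
    if not trusted(from_dom):
        out.append(f"From domain not trusted: {from_dom}")
    if env_dom and env_dom.lower() != from_dom.lower():
        out.append(f"Return-Path domain differs from From: {env_dom}")
    parser = Links()
    parser.feed(msg.get_payload())
    for href, text in parser.links:
        if not trusted(urlparse(href).hostname):
            out.append(f"Link goes to untrusted site: {href} (shown as {text!r})")
    return out
```

Calling `findings(SAMPLE)` returns three findings: the look-alike From domain, the mismatched Return-Path, and the link whose visible text names battle.net while its target is the host reported in the first post.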