Blue Tracker
World of Warcraft Blue Posts
Diablo II: Resurrected Blue Posts
Diablo III Blue Posts
Hearthstone Blue Posts
Overwatch Blue Posts
Heroes of the Storm Blue Posts
Diablo IV Blue Posts
BlizzCon Blue Posts
Warcraft Rumble Blue Posts

Phishing emails are overwhelming me

Forum Avatar
Afterall
#0 - Aug. 12, 2010, 12:29 p.m.
Blizzard Post
Greetings all who take the time to read this, im sorry if i violate any rules by posting my copy and pasted material from my email here, but it is purely accidental if i do, i just would like some confirmation about any of the emails i am receiving lately to actually be real or not. I am receiving so many emails lately that i cannot tell if they are actually from blizzard or not and im getting really confused..

here is text from a few of the emails i have been receiving, copied and pasted in their entirety, i have removed my email address from them to protect my privacy, although it doesnt really matter if i do that because it seems a million people already know it.
________________________________________________________________________________
<removed>

____________________________________________________________________________
Any help with this topic would be appreciated, the first two are by far the scariest, because i did in fact receive a 3 hour suspension about a week ago and i was never told why.
Forum Avatar
Orlyia
#1 - Aug. 12, 2010, 12:43 p.m.
Blizzard Post
First - any hyphenated-Blizzard-ish-sounding-string-of-words-battle-net.com does not make it a Blizzard domain :) That is an instant tipoff. Hyphens do not perform the same function as a dot in a URL.

Next, the surest way to tell if any email is legitimate is to pop open the internal routing headers and see who REALLY sent the email. Note - we only send mails from our domains, we don't use Hotmail, etc....:)

These are what is commonly referred to as a phish. That quite literally means someone is ‘fishing’ for information and hoping they get a bite :)

If you look at the top of this forum you’ll see a library of ones that are commonly used (or close variants thereof) under “Fake Emails from Blizzard”

http://forums.worldofwarcraft.com/thread.html?topicId=965511383&sid=1

The proper email to report these is [email protected] – you can forward the email, headers intact to that address.

Phishes rely on two primal human emotions and hope they get you to react before you think through what is being asked, greed and fear. They’ll either try to entice with an offer or intimidate with a threat.

We never ‘threaten’ an account action. If we have sufficient cause to think an account has been tampered with or needs locked down, we do it first – we don’t threaten with an ‘or else’ email.

WoW accounts are certainly not the only target of phishers. They send them out purporting to be banks, credit card companies, shipping companies – all aimed at obtaining information the thief can use to your detriment.

We will also NEVER ask for your password, or ask you to sign into some website somewhere not under our domain to login.

One way to check any email is to open up the header in your email program and check to see the actual route and sender. This is done in various ways, depending on your email program, but all can do it. Internal email addresses (what you see at the top of an email) can be spoofed very easily. Where it says it came from under sender is not necessarily true. The header of that email will show the true sender. Many spam programs actually use a comparison of these to flag suspicious emails.

Links in an email are also incredibly easy to spoof and/or redirect. Just because the URL looks legit doesn’t necessarily mean that’s where it really goes. Before clicking ANY link, in ANY email, mouse over the link and look at your bottom browser bar to see where it is reported to actually be destined.
Forum Avatar
Orlyia
#4 - Aug. 12, 2010, 12:50 p.m.
Blizzard Post
Q u o t e:
thank you for responding so promptly, Game Master Orlyia, i just now read about how to forward the suspicious emails to [email protected] and i will now be doing so with all emails i receive, but i was wondering, were all the messages i pasted in my original post, actual phishing emails?
thank you for your time and i love how you said shenanigans in that one druids post, lol <3


Yes.

Barring any other evidence, just at first glance.

The first one had a mile-long hyphenated Blizzard-ish sounding URL.

The second was 'threatening' an action.

Both those are red flags and I'm sure you'd find other markers in them as well.