Blue Tracker
World of Warcraft Blue Posts
Diablo II: Resurrected Blue Posts
Diablo III Blue Posts
Hearthstone Blue Posts
Overwatch Blue Posts
Heroes of the Storm Blue Posts
Diablo IV Blue Posts
BlizzCon Blue Posts
Warcraft Rumble Blue Posts

Uh, Oh

Forum Avatar
Quantumlyn
#0 - Sept. 20, 2010, 4:30 p.m.
Blizzard Post
I received the following e-mail:

Greetings,


An investigation of your World of Warcraft account has found strong evidence that the account in question is being sold or traded. As you may
not be aware of, this conflicts with Blizzard's EULA under section 4 Paragraph B which can be found here:
WoW -> Legal -> End User License Agreement
and Section 8 of the Terms of Use found here:
WoW -> Legal -> Terms of Use
The investigation will be continued by Blizzard administration to determine the action to be taken against your account. If your account is
found violating the EULA and Terms of Use, your account can, and will be suspended/closed/or terminated.
In order to keep this from occurring, you should immediately verify that you are the original owner of the account.
To verify your identity please visit the following webpage:
<Link removed to prevent confusion>

Only Account Administration will be able to assist with account retrieval issues. Thank you for your time and attention to this matter, and
your continued interest in World of Warcraft.
Sincerely,

Kennalith
Account Administration
Blizzard Entertainment


IW7dFryGrI5

******************************

The sender was noreply@blizzard.com. Since I hadn't accessed my account in a long time, I clicked the link. However, it came up with what appeared to be chinese characters. I immediately closed the window and deleted all cookies from the past 15 minutes.

Does just going to the site mean that my account will be hacked? What can I do?
Forum Avatar
Zenlyth
#2 - Sept. 20, 2010, 7:08 p.m.
Blizzard Post
Heya Quantumlyn,

You should always check the email headers of the emails you receive from us, here is some information that can show you how to verify if an email is legit or not.

    http://us.blizzard.com/support/article/25133

    What should I look for in the header?

    Email headers contain information about the sender (who sent the email message), the path the email took to reach your inbox, and things that may have happened to the email before arriving. This information is very important and can be used to determine whether or not an email is malicious.
    Once you've accessed an email's header information, you'll want to attempt to verify the sending address. To do this, look at the "Return-Path" or the "originating address" for the email. For most phishing emails, the email address displayed in this location will differ from the address displayed in the "From" field.

      A legitimate header from Blizzard Entertainment should look something like this:

      X-SID-PRA noreply@blizzard.com
      or
      Return-Path: < noreply@blizzard.com >
      Received: from smtp01.worldofwarcraft.com ([XX.XXX.XXX.XXX]) by…
      Received: from … by smtp01.worldofwarcraft.com …
      for <Your Email Address>; Tue, 29 Jan 2008 10:46:05 GMT
      From: noreply@blizzard.com
      To: You’re Email Address


    If you believe you've received a phishing email, please forward the email to hacks@blizzard.com , at your earliest convenience. When forwarding the email, copy and paste the entire email header into the message body to ensure that we are able to identify the source. This information will help us prevent future phishing emails of the same type.
For similar emails and what to look for when you receive emails from us, please visit this thread:
http://forums.worldofwarcraft.com/thread.html?topicId=965511383&sid=1