Forum:Account phishing using wowpedia email address

From Warcraft Wiki
Jump to navigation Jump to search
Forums: Village pump → Account phishing using wowpedia email address
(This topic is archived. Please do not edit this page!)

I don't play WoW, I don't even have a WoW account. I do have an account here, and my preferences list an email address I don't use anywhere else (replaced with [email protected] below). I got an email to this address which purported to be from Blizzard, but actually originated from a Computer in china; it asked me to log into a site that appears to be worldofwarcraft.com , but is really a subdomain of account-manage.net . Firefox blocks the site, and it appears to be taken down now (not sure about that), but there are two important issues:

  • If you received this email, went to the site, and entered information such as your WoW password there, you need to change your real password ASAP. If you entered financial information (e.g. credit card info), ask your bank for advice.
  • How did the phisher gain access to my email address stored only on this site? What can be done to prevent a reoccurrence?

--◄mendel► (talk) 22:19, 28 May 2011 (UTC) 

Return-Path: <[email protected]>
Received: from blizzard.com ([61.241.210.0])
	by mymailserver.yyy.yy (8.14.1/8.14.1) with ESMTP id p4SCxjsQ021490
	for <[email protected]>; Sat, 28 May 2011 14:59:48 +0200
Message-Id: <[email protected]>
From: "Blizzard Entertainment" <[email protected]>
Subject: World of Warcraft -- Account Notification
To: [email protected]
Content-Type: text/plain;charset="GB2312"
Content-Transfer-Encoding: 8bit
Date: Sat, 28 May 2011 20:59:46 +0800
X-Priority: 3
X-Mailer: FoxMail 3.11 Release [cn]
Status:  O
X-PM-PLACEHOLDER:                                          .

Your account is being risk because one or more characters were identified using an unauthorized cheat program, also known as a "hack." These programs provide character benefits normally not achievable in the World of Warcraft. Such benefits include, but are not limited to, increased speed, teleportation, or running through walls/boundaries. Use of these unauthorized programs harms the game environment because they offer an unfair advantage over other players and supersede the intended limits of the game.


Even if this behavior is the result of a third party accessing the account instead of the registered user (for example, a friend, family member, or leveling service) then the account can still be held responsible for the penalty because of the impact it had on the game environment.


We've found the above behavior is many times directly related to groups responsible for compromising World of Warcraft accounts; we take these issues very seriously. To better understand our position against exploitative activity and the risks involved, Please visit the account verification platform to comfirm it at£ºhttp://www.worldofwarcraft.com.account-manage.net


The exploitative activity that took place on this account violates the World of Warcraft Terms of Use. We ask you take a moment to review these terms at http://www.worldofwarcraft.account-manage.net. Note that additional Terms of Use violations may result in more severe actions against this account, up to and including permanent closure.




Regards,

Customer Services
Blizzard Entertainment
I've gotten these messages on accounts that have nothing to do with WoW or WoWpedia, so it's probably just sent out en masse. Linke (talk) 09:45, 31 May 2011 (UTC)

Another phishing message

Remember I have only ever used this email address here on this wiki. 

Return-Path: <[email protected]>
Received: from blizzard.com ([61.241.208.22])
	by mymailserver.yyy.yy (8.14.1/8.14.1) with ESMTP id p54Ewgv2020389
	for <[email protected]>; Sat, 4 Jun 2011 16:58:43 +0200
Message-Id: <[email protected]>
From: "Blizzard Entertainment" <[email protected]>
Subject: Battle.net Account-Notice
To: [email protected]
Content-Type: text/plain;charset="GB2312"
Content-Transfer-Encoding: 8bit
Date: Sat, 4 Jun 2011 22:58:41 +0800
X-Priority: 3
X-Mailer: Foxmail 4.2 [cn]
Status:   
X-PM-PLACEHOLDER:                                          .

Greetings!


It has come to our attention that you are trying to sell your personal World of Warcraft account(s).
As you may not be aware of, this conflicts with the EULA and Terms of Agreement.
If this proves to be true, your account can and will be disabled. 
It will be ongoing for further investigation by Blizzard Entertainment's employees.
If you wish to not get your account suspended you should immediately verify your account ownership. 

You can confirm that you are the original owner of the account to this secure website with:
 http://www.worldbattle-account.com/login/en/index.asp?ref=https%3A%2F%2Fus.battle.net%2Faccount%2Fmanagement%2Findex.xml&app=bam

Login to your account, In accordance following template to verify your account.

* E-mail Address< br />* E-mail password
* Secret Question and Answer
Show * Please enter the correct information

If you ignore this mail your account can and will be closed permanently.
Once we verify your account, we will reply to your e-mail informing you that we have dropped the investigation.

Regards,

Account Administration Team
World of Warcraft , Blizzard Entertainment 2011

If you enter your account information, some Chinese will own your account. --◄mendel► (talk) 16:38, 4 June 2011 (UTC)

To be blunt: What's your point? Anyone with more than four brain cells and has played WoW for longer than ten minutes would know these E-mails are bull. --IconSmall Deathwing.gif Joshmaul, Loremaster of Chaos (Leave a Message) 15:52, 9 June 2011 (UTC)
The point is that it may be a Curse-based leak. I don't know if it is or not. Forum:Account phishing spam to my Wowpedia email? shows that this has happened before.--SWM2448 17:31, 9 June 2011 (UTC)

12/2012: Phishing for Diablo III

Hard to tell if someone kept the previously leaked database, or if there's been a new leak, but after over a year of silence, I received another phishing message to my wowpedia address a few hours ago. Here's the start of the email header: 

Return-Path: <[email protected]>
Received: from WWW-9763E06E580.net ([110.103.66.186])
	by xxx.xxx.xx (8.14.1/8.14.1) with ESMTP id qBB4MQ6G002378
	for <[email protected]>; Tue, 11 Dec 2012 05:22:28 +0100
Message-ID: <[email protected]>
From: "Diablo III" <[email protected]>
To: <[email protected]>
Subject: [EN]Diablo III Account Locked - Action Required
Date: Tue, 11 Dec 2012 12:22:18 +0800
MIME-Version: 1.0
Content-Type: text/html;
	charset="utf-8"
Content-Transfer-Encoding: base64

It contains an link purporting to lead to www.battle.net/account/d3/login-support.html , but if I clicked it, I'd get to a server in India where presumably bad things would happen to me. I know there's not much anyone can do, but I thought it couldn't hurt to give y'all a heads-up. --◄mendel► (talk) 09:56, 11 December 2012 (UTC)

Retrieved from "https://warcraft.wiki.gg/index.php?title=Forum:Account_phishing_using_wowpedia_email_address&oldid=5910705"