I'm classifying this a level 1 Ackbar situation...

[X-13]

Attachment 10443

I got my first WoW scam e-mail today. Content was along the lines of "blah blah blah, CATACLYSM! blah blah, 7 days free." It looked pretty much like a proper blizzard e-mail.

But... Cataclysm is kinda old. If it was really legit Blizzard would have sent it a while ago.

I clocked it straight away because of the link [Oh yes, it was a click and sign in to get game time e-mail].

It started eu.battle.net... Ok, that's legit.

Oh wait!

It's eu.battle.net[.extra crap/doodad/something to redirect/index.xml]


I clicked it anyway, I'm at work and I know it's a scam so I'm not logging in to anything.

It looks so damn legit... It even had the current ad-page. [WoW vanilla is cut price for a bit.]


I'm not too bothered if they get my login details, I have an authenticator. [Problem, scam person?]



But what I do care about is where the hell did they get my E-mail from?

[korifugi]

I got a very authentic looking email from someone purporting to be blizzard a while back - I almost clicked it when my "Pedantic Geek" powers kicked in and I noticed a few problems with some of the grammar.

Further inspection showed a few other tiny lapses and I managed to confirm this was a scam - Maybe you have an updated version of what I saw.

[X-13]

Either that, or my spell checking is broken.

I was going to screen shot/link image, but it's in multiple parts.

Strangely, the URL of the images in the e-mail is [worldofwarcraft.com/trial] and it redirects to [eu.battle.net/wow/en]

[CAM]

That's a question people have been asking themselves for as long as spam exists. Answer is they don't know you have a WoW account, they just blanket spam a block of E-Mail addresses and hope they hit a genuine WoW customer. Same reason I get phishing attacks for banks I don't have accounts with.

Unfortunately clicking the E-Mail is a bad idea as the extra doodad crap often contains a beacon to say who it came from. It's well disguised and started off life as a unique 1x1 pixel image embedded in the spam mail and since evolved. When opened, the beacon gets downloaded and the spammers know that you looked at the mail, adding you to a list of active targets to get more spam. Nowadays with image blocking in mail clients, they resort to other methods like encoding the beacon in the URL so when you click it, they know to send you more spam.

[MK-2]

Unfortunately clicking the E-Mail is a bad idea as the extra doodad crap often contains a beacon to say who it came from. It's well disguised and started off life as a unique 1x1 pixel image embedded in the spam mail and since evolved. When opened, the beacon gets downloaded and the spammers know that you looked at the mail, adding you to a list of active targets to get more spam. Nowadays with image blocking in mail clients, they resort to other methods like encoding the beacon in the URL so when you click it, they know to send you more spam.

is that in the same line as the text messages that say "you have been in an accident, text HELP to claim or STOP to opt out" and by texting opt out, you confirm you are a live number and they then bombard you more?

[CAM]

Yes, I get those too. Except those are far more dangerous as it sometimes costs money to send/receive. Luckily Google helped me spot the scam.

[bushby]

Foward the email to hacks@blizzard.com and they will start the process of closing the site down
iv got it as a recomended contact now because of the influx on spam mail iv been having lately

[RabbieBurns]

i get blizzard scam emails all the time as well and i have never heard of blizzard except for when it snows. i dont think you are special getting it, just that you happen to have a blizzard account you are the ones they are targeting.

[synaesthesia]

I've confirmed that it's almost certainly a case of certain details from certain companies being sold on, or hacked by popular "security outfits". I've had a spate of these in the last few months so made email accounts with just about every free provider I could think of. Google, MSN, yahoo - all started receiving spam within a week. Only one didn't and that was the one I hadn't used to sign up to legitimate companies/mailing lists with.
The only control I have now is to have particular email addresses for everything separate - it means I have many email addresses, but spam is minimal and better yet in some cases it's meant I can contact the people who have that address and ask if they are aware of security problems.

[GrumbleDook]

I'm so annoyed that they have now stripped down some of the Authenticator use. If you are logging on from the same machine on a regular basis you do not need to use the Authenticator. It is a major bone of contention for some people and there is a lengthy thread on it in the communities.

[JoeBloggs]

I get lots of these e-mails, I just never open any e-mails from Blizz...

[CAM]

I'm so annoyed that they have now stripped down some of the Authenticator use. If you are logging on from the same machine on a regular basis you do not need to use the Authenticator. It is a major bone of contention for some people and there is a lengthy thread on it in the communities.

Why is that a problem? EVE is already doing it an asks for the name of a character on your account if you log in from an unknown IP. Likewise Rift doesn't allow trading/selling if you log in from an unknown location without first confirming you own the account via EMail (you can collect gold though). I think Steam has such protection in it's options screen too.

[sonofsanta]

Why is that a problem? EVE is already doing it an asks for the name of a character on your account if you log in from an unknown IP. Likewise Rift doesn't allow trading/selling if you log in from an unknown location without first confirming you own the account via EMail (you can collect gold though). I think Steam has such protection in it's options screen too.

I think the contention is that people would like it to ask, for security, and it isn't.

Possibility: so many gaming sites have been hacked recently that your e-mail has been picked up on them. Which reminds me to look into LastPass again, as I've been putting that off since the Gawker hack...

[ZeroHour]

Why is that a problem? EVE is already doing it an asks for the name of a character on your account if you log in from an unknown IP. Likewise Rift doesn't allow trading/selling if you log in from an unknown location without first confirming you own the account via EMail (you can collect gold though). I think Steam has such protection in it's options screen too.

Steam uses a system which is linked to your pc/laptop. If its a fresh build/device you must enter a code thats emailed to you when you log in. I dont think IP is a factor in that one tbh but it works well.

Which reminds me to look into LastPass again, as I've been putting that off since the Gawker hack...

I use lastpass and xmarks, both rock.

[Zoatibix]

I also got such an email. Thought it might be iffy so I went to the Blizzard site directly. Turns out I was eligible for either 7 days free play of my old account or 10 days of Cata. I downloaded it just to give it a try but it didn't pull me away from Rift.