i got a email from: WoWAccountAdmin
that said:

*** NOTICE OF FINAL WARNING **

Account Action: 3 Hour Suspension

Account Offense: Violation of EULA and Terms of Service - Transfer of Account Ownership

Details: An investigation of your World of Warcraft account has found strong evidence that the account in question is being sold or traded. In accordance with EULA section 4, Paragraph B, listed below:

World of Warcraft -> Legal -> End User License Agreement

and Section 8 of the Terms of Use:

Blizzard Entertainment -> Legal -> Terms of Use

A 3-hour probationary suspension is pending on this account, awaiting confirmation from a specialist. A final warning has been issued. The investigation will be continued by the Account Administration team to determine the any further suspensions. If the account in question is found in violation of the EULA and Terms of Use, further action will be taken. Be aware that any additional inappropriate actions may result in the permanent closure of the account.

Thank you for respecting our position on this matter.

================================================== =======
** We request that you verify your legitimate ownership of the account here:

(https://us.battle.net/login/login?service=https%3A%2F%2Fbattle.net%2Faccount%2 Findex.html)
================================================== =======

Any disputes or questions concerning this account action can only be addressed by Account Administration. To learn more about how Account Administration is able to assist you, please visit us at http://www.blizzard.com/support/wowaa/.

Account security is solely the responsibility of the accountholder. Please be advised that in the event of a compromised account, Blizzard representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.

Please visit the World of Warcraft Policies and Terms of Use Agreement: (http://www.blizzard.com/support/wowgm/?id=agm01712p) and (http://www.worldofwarcraft.com/termsofuse.shtml) for further information.

Regards,

Billing & Account Administration
Blizzard Entertainment
http://www.blizzard.com/support/accountadmin/





So i was on one of my toons and i had just logged out of another so i got this email on my storm and quickly logged out to see what the hell was going on and i clicked the link and it took to a bliz like website, so it says put in your username/email address and pw, so i do and i have the authenticator and it didn't ask me for that, which should have been my first clue, and it's asking for all kinds of info and it re-directs me to the wow.com website...

So at this point i log into every one of my accounts and was like oh shit...i just downloaded a keylogger, so word to the wise, just watch out for that stuff.


or does email look legit to you guys? cause i'm about to format my hd

Scam.

Where is your 3h ban?

that's what i though, but man they can make the emails look good. i'm gonna format my hd now lol, well i'll try a virus scanner first.
i dont think they can get into my account, cause they dont have my authenticator. but still, they have all my info now!
should i forward this email to bliz you think?

Your pasted text didn't include what was probably a spoofed address in the HREF tag of the email. I always mouseover the links in thunderbird to confirm where the real address is taking me before I click 'em. ;) Checking the email headers for the real originating server is also a good idea.

the "verify your information" link too me to this link:


DO NOT CLICK!!
en-battienet-verification.freehostia.com/nulogin/Auth/identity_verification.html
DO NOT CLICK!!

and in the email it was shown to supposed to be this link:
(https://us.battle.net/login/login?service=https%3A%2F%2Fbattle.net%2Faccount%2 Findex.html)

so that sucks for me...

but...u guys think i should email bliz?

Don't post phising URLS without making it VERY clear and removing the actual link.

lol... sorry seeing you post it made me laugh. (the link that is) glad a mod smacked that oen.

the "verify your information" link too me to this link:


DO NOT CLICK!!
en-battienet-verification.freehostia.com/nulogin/Auth/identity_verification.html
DO NOT CLICK!!

and in the email it was shown to supposed to be this link:
(https://us.battle.net/login/login?service=https%3A%2F%2Fbattle.net%2Faccount%2 Findex.html)

so that sucks for me...

but...u guys think i should email bliz?1: forward the e-mail to hacks@blizzard.com
2: Get on a *different* computer, and CHANGE YOUR INFO. NOW.

Why? The scumbag that duped you can spam the e-mail change function on the website and lock the account down until you can call on Monday to unlock it - you can only request it a certain number of times in a time period. They do it all the time, probably just to be pissy because their scam did'nt work. From what I've seen at sites where phishers hang out, they're generally 13-14 with a seriously fucked up attitude.

You need to change everything, right now - including your Bnet account. They can't get past the authenticator, but they can shut you down for a few days with highjinxs. @#$#ing scumbags.

To anyone else reading this, educate yourself. Blizzard will NEVER do what this letter says - if they are going to ban you, they just do it, and then sort it out afterwards. They NEVER ask for your info, they HAVE it already. They will NEVER warn you that you are under investigation.

Also, it really benefits you to have a separate e-mail that you use for WoW, and ONLY WoW. Google e-mails are free, or if you have your own domain, or own a cable account, multiple e-mails are part of the service - I host a domain for my freelance work, and for under $100 a year I get 99 unique e-mails.

If one of these little fuckers got your e-mail, that means one thing: you put it out there on the Internet somewhere. They did NOT get it from Blizzard. These little fuckwads scan websites like this, guild sites, WoW related sites, you name it. They also harvest from private servers - if you are stupid enough to go on a private server, and use the same e-mail you do with WoW, you're just plain old stupid. They scan gaming sites in general.

Also, don't assume this is from some far, exotic land. There are thousands of US based kids who's favorite method for stealing accounts is phishing scams like this one (this *exact* letter is hosted on one of the sites I lurk at, for free download), or they do the new one, whispering people in-game about new mounts. Yes, that little snotnosed brat down the street with the ICP t-shirt could be the one who steals your account, or tries to.

Use your head, folks. We invest too much time and money and effort to let these little shitheads steal it. Unique e-mail accounst, Authenticators, and NEVER post your WoW e-mail, anywhere, ever. Get another e-mail to do that with. I've played WoW since release, and I've never gotten on of these e-mails. Why? The WoW e-mail I used has never been used anywhere but the WoW login screen.

And most of all, educate yourself. Read ALL of the stickies in the Customer Service Forum, regularly. They post the newest phishing emails, and discuss the latest scams.

^ I thinks this person was scammed with that level of hostility.

This is Not new (http://www.dual-boxing.com/forums/index.php?page=Thread&threadID=21535) by any means.

I'm torn every time I see this sort of post. One the one hand I have to admit that I think "holy crap, what a complete idiot for getting caught that way", but on the other I'm grateful to people for sharing their momentary lapse of common sense for the greater good :)

Awareness is everything when it comes to this sort of thing.

What they really need to do, is figure the person who is doing the scams, and give their actual address out to some of the people who have been scammed and live relatively close.
What would likely happen in many cases, is a sad state, but if that was the actual course of events, it would be a rather effective deterrant.
While the scumbag gets to sit somewhere totally anonymous, they can do whatever they feel like.

I got hit with this email too, but I knew right away it was a scam. Why? Cause of all the info they asked for, I knew blizzard would never ask for it.
Second reason: I examined the email headers and saw the reply was going to actually go to wowaccountadmin@blizzacd.com (even though the 'To' box showed wowaccountadmin@blizzard.com when I hit reply to test it).

So I just ignored it.