Log in

View Full Version : Beware New Phishing Attempt


Duane
01-16-2011, 11:18 AM
I received this email last night:


Hello,

Blizzard Entertainment recently received a request to change the e-mail address used to log in to the Battle.net account with the username xxx@123.com. The e-mail address k***@hotmail.com has been specified as the new username for this Battle.net account. An email has been sent to this new address containing a verification link to complete the change.

Once the new address has been verified, the e-mail address xxx@123.com can no longer be used to log in to this Battle.net account or any World of Warcraft accounts merged with this Battle.net account.

If you did not initiate this request, please click here to contact the Blizzard Billing & Account Services team immediately.

The "click here" link takes you to non-Blizzard website.
EaTCarbS
01-16-2011, 07:14 PM
not new. Make an email address you use ONLY for your bnet. That way, it is much harder for them to get your email. Use a different email for your forum accounts and whatnot - This account will eventually start getting spam because either the site you signed up on is either untrustworthy, or a hack/bot got access to the user e-mail list.
Multibocks
01-17-2011, 11:08 AM
I dont mean to be a jerk, but clicking to the website was a bad idea. Don't click anything in emails. If there is a problem go type worldofwarcraft.com into your browser and then check accounts. Never click anything in an email. I send every "blizzard" email I get to the trash. If there is a problem I will know when I can't log in.
Dramoth
01-17-2011, 12:13 PM
I dont mean to be a jerk, but clicking to the website was a bad idea. Don't click anything in emails. If there is a problem go type worldofwarcraft.com into your browser and then check accounts. Never click anything in an email. I send every "blizzard" email I get to the trash. If there is a problem I will know when I can't log in.

I have wow installed on my windows machine...

I download emails using pop3 to that machine as well and I leave a copy of the emails on the server. My linux machine also collects the emails and removes them from the server.

If I want to click on any links, I will do it from the fully sandboxed linux machine because they are expecting the people clicking on the link to be doing it from a windows box and all their exploits are written for that platform.

Actually, I should do it, see what crap gets downloaded and reverse engineer any downloaded dll's

Would be fun to see what these useless script kiddies are trying to do.
ElectronDF
01-17-2011, 12:39 PM
I bet they would send you to www.b1izzard.com (http://www.b1izzard.com) and have you try to type in your username and password. Even if only .01% of people would do it, it is still a lot of people (out of like 12 million).
Dramoth
01-17-2011, 01:18 PM
they would also try and download software keyloggers to your computer in an effort to try and get your email address and password just in case