A solution for phishing

**kernel.k** · 05-20-2010, 08:59 PM

i right click and view source on all blizz emails. most are pphishing scams. the the inbox may say blizz or wowaccountadmin, these are easily spoofed. the source reveals all!.. you will not find any isp info in a legit one except the blizz name.. mostly routing info + hotmail or yahoo balh blah blah.. obviously fake

**Hivetyrant** · 05-20-2010, 09:23 PM

I made a reply as a bump, a great idea methinks!

**Maxion** · 05-20-2010, 10:53 PM

Originally Posted by Souca

I actually thought about putting something in there about not linking to the list of messages, since those will just be another phishing link. It would put a higher burden on the phisher though, since they would need to include more account specific stuff on the phishing page. Granted, I'm not sure how good the spoofs are in the first place, as I have never clicked on a link to go to the wow pages; I always type the url out just to be safe.

- Souca -

They wouldn't need to put anything on the phishing page, once you've clicked the link, the website could install a keylogger etc.

**Zub** · 05-20-2010, 11:19 PM

it's a good idea but unfortunately i can't see it helping.

- the people that WILL go check the battle.net mail page are the same that already check the validity of the urls

- the people that click on phishing lins without checking won't go check the battle.net account.

So all in all, it would only be a way to convince even more those that already know how to defend them selfves. Basically it would just be another proof that an email is a scam or not.

But when you check the links it's already very easy to find the phishing emails.

The thing i like the idea for, it that I wouldn't have to sort between the true and fake blizzard emails.. I would simply delete them all and go to the website to see what there is going.

**Toned** · 05-21-2010, 02:51 PM

Having cata ship with authenticators + this idea would be leet.

Just have the email from blizz say. Dear - Whoever there is a new message in your battle.net account (nolink nothing to emulate). Then the user has to go to battle.net themselves and check. Yes people will still phis and people will still far for it, but they are probably genetic throwbacks anyway and blizz can't protect everyone from themselves.

**blast3r** · 05-22-2010, 02:12 PM

I have never had my credentials on anything compromised. I work in computer security so I am a bit more cautious I guess.

Whenever you get an email that includes a link where it asks you to log in stop and take a close look at the message. If you click on the link it will load up your browser and then you can see the domain. Copy the domain name and go to DNS411.com and do an swhois on it. It will show you who owns that domain.

It is mainly just slowing down and being cautious.

I do think that the OPs idea is a good one, however but it might never be implemented.

**heyaz** · 05-23-2010, 01:49 AM

the solution is to stop being stupid

**Fiddlesticks** · 05-23-2010, 01:55 AM

Originally Posted by heyaz

the solution is to stop being stupid

^^^

Thread: A solution for phishing

Thread Tools

Search Thread

Display

Posting Rules

Dual-Boxing Community

Dual-Boxing.com Quick Links

About Us

Search

Connect With Us