Forum Settings
       
Reply To Thread

Fishing email or kinda hacked?Follow

#1 Aug 16 2011 at 7:11 AM Rating: Good
*
222 posts
I have been getting this email fairly regularly. It is an account password recovery e-mail. I have not asked for an account recovery but at the same time my account has not been hacked. I changed my password and ran a virus scan and nothing, yet this morning I got another one of the e-mails. The links all seem to point to actual blizzard sites and my email has it marked as a safe sender. Here is the email

Quote:
A request for a new password for this World of Warcraft Account has been received. Please follow this link to choose your new password:

LINK REMOVED

Be sure to use a brand new password and not one you have previously used.

Please note that this link is valid for a single use and will expire after 72 hours if not used. If this link does not work, please resubmit your request for a new password.

For the continued security of the account, we recommend that you take the following steps prior to logging in to your account:

- Scan the computer system you are using to remove all viruses, Trojan files, and key loggers.

- Log in to your Account Management page at LINK REMOVED

- Verify that your contact information is accurate and update it if necessary.

- If you would like to add additional security to your account, you can visit this link LINK REMOVED to find out more information about the Battle.net Authenticator.

- Maintain safe Internet practices and safeguard all World of Warcraft account information for the most secure gaming experience.

Thank you for contacting Blizzard Entertainment!


Edited, Aug 16th 2011 9:12am by DrunkDrood
#2 Aug 16 2011 at 7:42 AM Rating: Good
Citizen's Arrest!
******
29,527 posts
Log into the Blizz site directly. If your login still works, then it's still phishing.
#3 Aug 16 2011 at 11:33 AM Rating: Good
*
222 posts
I can definitely still log in with my password. Funny thing is I clicked the links on a computer that is not used for wow and they seem to be legit links. I don't understand how they can even request the password reset without my authenticator.
#4 Aug 16 2011 at 11:43 AM Rating: Decent
It's not entirely hard to recreate the look of a website especially for skilled website designers. But still if you have no problems even logging in, just mark the emails as spam and don't bother opening or reading them.

I had one involving Microsoft and me getting charged for 6000 Microsoft points that didn't go through. Now for one, I know you can't buy that many, and two I haven't made any charges in the past few months for them, so it was obvious to me it was a phishing scam.

Just be careful when reading your email.
#5 Aug 16 2011 at 1:01 PM Rating: Decent
***
1,450 posts
Also, when you look at the website they are sending you to, make sure you are going to a .com.

Often these fishing addresses end in .tk or something like that.

The entire rest of the address may look like a legit blizzard address, but blizzard addresses are all .com.
#6 Aug 16 2011 at 2:55 PM Rating: Good
**
395 posts
Apparently passwords can be changed without entering the authenticator key. Or at least this was true last September. I went to login and was informed my information was incorrect. Tried to log in to battle.net and receieved the same message, so I reset my password. It never asked for my authenticator to do the password reset, but because of the authenticator, the person who changed my password was not able to actually access my account.

And this was all 100% my fault. I logged into my Gmail account on a public computer that was infected with something and my Gmail was compromised, allowing them to reset my WoW password. Gmail can show you where your account has been accessed from, and the night my password was changed, my emal was accessed from an IP in China (I'm in Canada). I haven't done anything stupid like that since and I appreciate my authenticator even more now.
#7 Aug 16 2011 at 3:04 PM Rating: Excellent
Someone may well be trying to hack your account. IE these are real emails. But don't follow any link in them, just in case.

Recently I've had a few of these but for a different reason. Some random guy called Xiang created a battle.net account using my main email address - not sure how that was going to work as they'd not hacked into my email - and when I contacted blizzard and had the account suspended I kept getting emails saying this.

Remember you only need the name and email address of someone to try to reset their password neither of those would be tough to get a hold of. This is why I use a separate address just for WoW now.
Reply To Thread

Colors Smileys Quote OriginalQuote Checked Help

 

Recent Visitors: 547 All times are in CST
Anonymous Guests (547)