Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider


Site Navigation










Issue 122 - January 2012 - Page 4

World of Warcraft Phishing Scam

Issue 122 Start Menu

Previous Article            Next Article

Outline
Email claiming to be from Blizzard Entertainment accuses the recipients of trying to sell their World of Warcraft accounts and claims that they must follow a link and verify their account ownership or risk having the account disabled.



Brief Analysis
The message is not from Blizzard Entertainment and the claims in the email are untrue. The message is a phishing scam designed to trick gamers into divulging their World of Warcraft login details.

Bookmark and Share
Detailed analysis and references below example.

Enter your email address to subscribe to the Hoax-Slayer Newsletter:






Last updated: 19th December 2011
First published: 19th December 2011
Article written by Brett M. Christensen
Research by Matthew Christensen, Brett Christensen
About Brett Christensen and Hoax-Slayer


Example
Subject: World of Warcraft - Account Management

Dear customer,

It has come to our attention that you are trying to sell your personal World of Warcraft account(s).
As you may not be aware of, this conflicts with the EULA and Terms of Agreement.
If this proves to be true, your account can and will be disabled.
It will be ongoing for further investigation by Blizzard Entertainment's employees.
If you wish to not get your account suspended you should immediately verify your account ownership.

You can confirm that you are the original owner of the account to this secure website with:
[Link removed]

Login to your account, In accordance following template to verify your account.
* Account name
* Account password
* First and Surname
* Secret Question and Answer
Show * Please enter the correct information

If you ignore this mail your account can and will be closed permanently.
Once we verify your account, we will reply to your e-mail informing you that we have dropped the investigation.

Blizzard Entertainment SAS
TSA 60 001
Service Administration des Comptes
78143 Velizy Villacoublay Cedex

If you wish to review our current Rules and Policies for World of Warcraft and Battle.net, they can be found at:
[Links Removed] Regards,

Account Administration Team
World of Warcraft , Blizzard Entertainment 2011




Detailed Analysis
Popular online role playing game World of Warcraft (WoW) has been a regular target of phishing attacks in recent years. In this incarnation, the user is accused of trying to sell his or her WoW account, which would be a breach of the company's terms of service. The user is told to click a link in the message and follow the instructions to verify ownership of the account. The user is warned that failing to verify the account immediately will result in the suspension of the account. And, claims the message, ignoring the email may result in the account being closed permanently.

However, the email is certainly not from anyone at Blizzard Entertainment or WoW. In fact, the message is a phishing scam designed to trick users into giving their WoW login details to account hijackers. Those who fall for the ruse and click the link will be taken to a bogus website that closely mirrors the appearance of the genuine WoW login page. The fake page uses a web address that - at least at first glance - looks like a genuine WoW URL. Once the user logs in on the fake site, he or she is then taken to a "Password Retrieval" page and asked to provide name and email address details. Next, the user is asked to provide the answer to their secret account security question. The user is then taken to a final page that proclaims that the "verification"was successful. The user is prompted to click a button to go "Back to Account Management". The login details and other requested information is sent to the scammers, who are then able to hijack the user's real account at will.

To further the illusion, secondary links in the email and on the fake website lead to the genuine battle.net website. Ironically, the "Account Management" button on the last of the fake pages opens a page that informs user about security issues including phishing.

Once they have gained access to the a phished account, the scammers can lock out the real user, steal any personal information stored there and illegally sell accounts and valuable WoW assets such as gold or characters. Such items can sell for surprisingly large amounts of money.

There are a number of variations in the cover stories used by WoW phishing scammers. Players should be wary of any email that asks them to click a link and supply account information. Battle.net has published information about phishing scams and other types of account theft on its website.

Bookmark and Share

References
Phishing in a World of Warcraft
Types of Account Thefts



Previous Article            Next Article

Issue 122 Start Menu

Pages in this month's issue:
  1. Cancer Info From Johns Hopkins Hoax Email
  2. AT&T Phishing Scam
  3. Jon Bon Jovi is NOT Dead
  4. World of Warcraft Phishing Scam
  5. PayPal 'Your Credit Card Information Has Changed' Phishing Scam
  6. Hoax - Julia Gillard Admits Being in A Lesbian Relationship
  7. Facebook Survey Scam - Get a Costco Gift Card for Free
  8. Facebook Survey Scam - Eat for Free at CheeseCake Factory
  9. Hoax Chain Letter - The Vengeful Ghost of Carmen Winstead
  10. Craigslist Account Phishing Scam
  11. JB Hi-Fi Facebook Survey Scam
  12. Decorative Magnets on Refrigerators - Cancer Warning Hoax
  13. ABSA Phishing Scam Emails
  14. Delta Air Lines Passenger Itinerary Receipt Malware Emails
  15. American Airlines Flight Ticket Order Malware Emails
  16. Hotel Key Card Security Risk Hoax
  17. Bogus MADD Petition
  18. Hoax: HIV Infected Blood In Pepsi
  19. Hoax - Cell Phone Numbers Go Public This Month
  20. Video Of Plane With Failed Landing Gear Landing on a Small Truck
  21. Free Facebook Credits Survey Scam
  22. Chicken Jerky Dog Treats Warning
  23. Bogus Warning - 'BBQ Enthusiast' Avatar on Cafe World is a Trojan Horse Virus