Daily Archives: January 9, 2010

More Blizzard Account Phishing

This seems to be the week for phishing when it comes to World of Warcraft accounts.

Well, two in one week is two more than I have received in the last five years.

I almost believed this one… for a second or two.

Greetings!

This is an automated notification regarding the recent change(s)  made to your World of Warcraft account. Your password has recently been modified through the Password Recovery website.

*** If you made this password change, please disregard this notification.

However, if you did NOT make changes to your password we recommend you Login verify your password

[Bogus URL deleted]

If you are unable to successfully verify your password using the automated system, please contact Billing & Account Services at 1-800-59-BLIZZARD (1-800-592-5499) Mon-Fri, 8am-8pm Pacific Time or at billing@blizzard.com.

Account security is solely the responsibility of the account holder. Please be advised that in the event of a compromised account, Blizzard representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.

Regards,

The World of Warcraft Support Team
Blizzard Entertainment

Okay I believed it for more than a second.  It was simple enough to be believable at first glance, and I still had in the back of my mind the events of another account hacking.  But I had to wonder how anybody could change my password since I have the Blizzard Authenticator, and you need a code from that edit account information.

Then I looked closely at the URL in the email.  The domain it it was “battlu.net.”  Not the real deal.

So be wary.  If you want to go check up on something like this, go directly to the Blizzard site and log into account management from there.  Avoid “helpful” URLs.