Phishers Going After WoW Subscribers

By Kevin Parrish
published

There's an email scam out in the wild that's targeting Blizzard customers... namely World of Warcraft subscribers.

Within the last week, hackers have seemingly beefed up their attempts to trick Blizzard customers into installing malware and/or stealing their personal information. Below is an actual email I've personally received twice within the last seven days, leading to an unsecure "secure" website where I can supposedly confirm I'm the owner of my World of Warcraft account.

Other than the fact that I don't have an active subscription to World of Warcraft (but an active Battle.net account), and the email itself was sent to another personal email address not associated with Battle.net, the link itself is a dead giveaway, taking users to an external "us.battle.woribofwarcraft.com" website (WHOIS) which in itself pulls up a "Bad Request" error. The actual email was also sent from "Blizzard Entertainment" aka kekhrwm@cap.jqbuk.net.

Here' the email:

Greetings,

It has come to our attention that you are trying to sell your personal World of Warcraft account(s). As you may not be aware of, this conflicts with the EULA and Terms of Agreement. If this proves to be true, your account can and will be disabled. It will be ongoing for further investigation by Blizzard Entertainment's employees. If you wish to not get your account suspended you should immediately verify your account ownership.

You can confirm that you are the original owner of the account to this secure website with:

http://us.battle.woribofwarcraft.com/?ref=https://us.battle.net/account/management/index.xml&app=bam&t=1

Login to your account, In accordance following template to verify your account.

* Account name
* Account password
* First and Surname
* Secret Question and Answer
Show * Please enter the correct information

If you ignore this mail your account can and will be closed permanently.

Once we verify your account, we will reply to your e-mail informing you that we have dropped the investigation.

Regards,

Account Administration Team
Blizzard Entertainment
http://www.blizzard.com/support/
World of Warcraft , Blizzard Entertainment 2010

Please retain all history if you reply to this mail.

Thankfully this email ended up in my spam box. Still, there may be many Blizzard customers who may think this is a legit request. Just pay attention to the "secure" link. If you don't have an active World of Warcraft subscription (but currently play Diablo 2, StarCraft 2), there's nothing to worry about other than the fact that someone has figured out you have a Battle.net account and my be a possible WoW target.

Kevin Parrish
38 Comments Comment from the forums
  • macewrox
    It asks you for your secret question, and your answer? Boy, I hope nobody actually falls for that. If they do, they probably have a hard time breathing and blinking at the same time.
    Reply
  • kingnoobe
    These have been around for a long time. Pretty much since WoW went live lol. And yes, don't ask me how but people do fall for these.
    Reply
  • nukemaster
    This is not new, I don't even have a wow account and get this stuff(in my spam folder :)).
    Reply
  • grieve
    I first got this email about 6 months ago...

    I am in the same boat as you, i dont have an active sub and the email account is not the correct one.
    I bet this scam has nailed a few suckers.
    Reply
  • davewolfgang
    I've been getting these for years! They aren't just "going after" WoW subscribers recently.

    That one actually had all the words spelled correctly, and proper English grammar. Some of them are actually hilarious! And they all end up in my Spam Folder, but I do forward them to Blizz (their Hack/Phishing email), so they can also go after them.
    Reply
  • jkflipflop98
    Welcome to 4 years ago. Great reporting.
    Reply
  • thebigt42
    I am alway amazed and mystified on the stupidity of people using computers. We had a actual police officer that was phished not once but twice inside 6 months!

    I need to flag down a passing flying saucer...I need to get off this planet very SOON!
    Reply
  • Netherscourge
    At this point, anyone who clicks a link in ANY e-mail is playing with fire.

    If you go ahead, click the link and then start punching in User/Password information, you're a stone-cold moron.
    Reply
  • When I played I used to get them all of the time, so i made a new email address for only WoW and never got one after that

    ezpk
    Reply
  • eyemaster
    of the 30+ junk mail I get each day, 30% are blizzard or WoW fishing spam. This isn't new.
    Reply