Beware of Phishing

A big deal lately with the security of wow accounts seems to be phishing. Fake whispers in-game are stating to show up nearly as much as gold advertising.

With the admitted leak of email addresses on the WarcraftRealms website earlier in December due to a security hole, you need to be more cautious as ever, as phishing email is now back on the rise. The email read:
http://img191.imageshack.us/img191/6051/wrealms.png

These people will stop at nothing to get your wow details, here is a perfect example of a classic phishing email:
http://img707.imageshack.us/img707/8303/fakez.png

At first glance, this looks extremely authentic. Note that even the email originates from "blizzard.com" which goes against the in-game loading screen "tip" of trusting emails with such extensions. Infact the only give away that this is a phishing email is when you hover over the link, you can see it forwards to a non-blizzard website, an attempt to steal your account details.

I see people frequently say things like "My computer is secure". That may be fine and dandy, but did you ever stop to think about the security of websites out of your control? The truth is, you just can't guarantee this security. So here's a few tips:

  • Keep your wow password unique, do NOT use the same password anywhere else.
  • Double, even triple think about entering your login details anywhere.
  • Buy an authenticator, you won't regret it. The peace of mind it will bring you far outweighs any downsides. Also, I know you want that cute pet.

You must login to post a comment. Don't have an account? Register to get one!

  • Avatar of front243 front243 Feb 05, 2010 at 04:15 UTC - 0 likes

    draoi,

    addons are only active AFTER you logged in, and they can't keep running after you log out so its impossible to make an addon to steal your login information.

    That said, try to avoid addons that require you to run an executable file to install them. Executable files (exe, com, bat) shouldn't be present in the addon folder unless its stated in the documentation for the addon. (I use Vuhdo which contains a .bat file to reset the settings if I mess things up).

    Short story: if you installed via the curse client and don't run anything else you should be safe.

  • Avatar of Kaelten Kaelten Feb 04, 2010 at 01:53 UTC - 0 likes

    @draoi, Sorry for the delay in responding.

    We do extensive checks on all files uploaded to us as well as generated on our servers. We flag any potentially dangerous files for further screening. We've had a few incidents over the past year and a half were we had a short lived issue, but there are no current issues to my knowledge.

    We're in this for the long haul as it were, and it's in our best interest to protect our consumers from any and all harm we can. I personally feel safe downloading and using the dozens of addons I do, both form WowAce, CurseForge, and WowInterface.

    WowAce.com & CurseForge.com Adminstrator
    Check out my new addon, OneChoice, it helps you pick quest rewards faster.
    Developer of Ace3, OneBag3, and many other addons and libraries
    Project lead and Mac developer for the Curse Client

  • Avatar of Draoi Draoi Jan 23, 2010 at 18:50 UTC - 0 likes

    How confident can we be in the addons we download from WoWAce and Curse that they don't have a keylogger embedded in them?

    I recently had my account hacked and I am attempting to find out how that happened. I ran a virus scan that found one infected file (A0011202.exe) and now I am reloading WoW after deleting the old folder. I want to put the addons I had in the past that I got from here and WoWInterface but now I am wondering what caused my hack.

    Thanks.

  • Avatar of Ellcries Ellcries Jan 23, 2010 at 15:37 UTC - 0 likes

    I can tell you I have had many different ones over the past weeks. Most of them you can tell right off because of what they are asking for. The last few however seems to show they are getting better at it. Regardless I forward all of mine to blizzard and they in turn reply back to me on them. You also may find the emails are not sent to your actual game account to. I had one with supposed problems with a game account I don't and never have had. So it is not just WoW that is being targeted. Be wary and check them out safely. Easy to get a key logger by clicking on links.

    Every day is a blessing. Every night is a wonder. Savory them like they could be your last. Ellcries

  • Avatar of bluspacecow2 bluspacecow2 Jan 21, 2010 at 11:03 UTC - 0 likes

    domaintools.com

    Check any website asking for your wow username and password.

    is it blizzard owned ?

    is it asking you to login in at a battle.net address using https ?

  • Avatar of profalbert profalbert Jan 11, 2010 at 10:59 UTC - 0 likes

    The security of websites *could* be verfified by an SSL-certificate. Firefox verifies the certificate and shows the owner and signer in the adressbar, right before the URL.

  • Avatar of front243 front243 Jan 11, 2010 at 03:34 UTC - 0 likes

    Just today I saw 3 phishing attempts in my inbox. Saw 1 yesterday. Not sure if my email was in the WarcraftRealms database. Actually I think it was.

    When you see a phishing email make sure to report it. I use spamcop.net to report everything.

  • Avatar of lowlife2 lowlife2 Jan 10, 2010 at 09:07 UTC - 0 likes

    Wow, good catch... i got about 8 emails to an email that isnt even linked to my account at all and i almost missed them due to the fact they went straight to "SPAM" folder. Not being a retard, aka not clicking the links provided in the emails, i went to the WoW site directly to check it out and nothing out of the ordinary. i didn't even notice the link was different when ya hover over it <http:/ /www. worldofwacrcreft .com/> yeah craft and creft is a dead give away but VERY hard to notice even for someone like me who is very cautious. i split the link up to keep it from showing as a clickable link and some retard click it

    Last edited Jan 10, 2010 by lowlife2
  • Avatar of OrionShock OrionShock Jan 10, 2010 at 05:03 UTC - 0 likes

    Also if your using a web based email service, there is usual an option somewhere to report an email as a phishing attempt. PLEASE do this, it can sometimes help.

    Also blocking everything from hotmail.com helps too, as all the ones ive got have come from their system.

    Last edited Jan 10, 2010 by OrionShock
  • Avatar of supertrooper supertrooper Jan 09, 2010 at 19:03 UTC - 0 likes

    I get these kind of email, nearly every day now. On my normal emai account and in spam.

Facts

Date created
Jan 09, 2010
Last updated
Nov 10, 2011

Author