Sunday, March 29, 2009

Email Scam

So I received this email today:

***NOTICE OF FINAL WARNING***

Account Action: 3 Hour Suspension

Account Offense: Violation of EULA and Terms of Service - Transfer of Account Ownership

Details: An investigation of your World of Warcraft account has found strong evidence that the account in question is being sold or traded. In accordance with EULA section 4, Paragraph B, listed below:

World of Warcraft -> Legal -> End User License Agreement

and Section 8 of the Terms of Use:

Blizzard Entertainment -> Legal -> Terms of Use

A 3-hour probationary suspension is pending on this account, awaiting confirmation from a specialist. A final warning has been issued. The investigation will be continued by the Account Administration team to determine the any further suspensions. If the account in question is found in violation of the EULA and Terms of Use, further action will be taken. Be aware that any additional inappropriate actions may result in the permanent closure of the account.

Thank you for respecting our position on this matter.

**In order to prevent an elongated suspension, we request that you verify your legitimate ownership of the account here:

[Address redacted]

Any disputes or questions concerning this account action can only be addressed by Account Administration. To learn more about how Account Administration is able to assist you, please visit us at http://www.blizzard.com/support/wowaa/.

Account security is solely the responsibility of the accountholder. Please be advised that in the event of a compromised account, Blizzard representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.

Please visit the World of Warcraft Policies and Terms of Use Agreement: (http://www.blizzard.com/support/wowgm/?id=agm01712p) and (http://www.worldofwarcraft.com/termsofuse.shtml) for further information.

Regards,
Ezartial
Billing & Account Administration
Blizzard Entertainment
Account Administration Overview

This email is a scam. But I have to admit that it is very good. It looks professional, has lots of links to real Blizzard sites. Heck, it might even be a real Blizzard email, but with a couple extra lines added. It almost got me, I actually logged into WoW to check if my account was suspended. But the middle link (which I redacted) actually points to some *.tk domain. Thankfully I didn't click on it.

I sometimes wonder what would happen if you cannot trust your communication lines at all. Email is rapidly approaching that point. Phone lines have begun their slide, as anyone who's received those automated voice notifications of winning contests will know. Maybe we'll have to go back to imposing a per-message cost on communications, so scams like this become economically unfeasible. I don't really want to see the cost of email increase, but better that than having email/phones become completely useless.

19 comments:

Ixobelle said...

I still don't understand how spam even like *works*. WHo the hell even opens one with the subject line "your c0c|< is SO SMALL She's Ga5ped"? Like, our target demographic is 'people who have never had an inbox, and our email is the first one they ever receive'.

Is the click thru on these worth anything? I wonder if it's just some old box in a closet sending the same email over and over forever, and the 'company' being advertised is even in existence anymore...

meh

Klepsacovic said...

What a coincidence, today I noticed a particularly tricky one, though not for WoW. My school email had something about online billing being available. Well cool, that's convenient. Reading reading... password is SSN? F-off. The thing that worries me is if it had said something less risky, but still potentially troublesome, such as my campus ID or one of the passwords I use for the various academic sites we use. "Your default name as password are the same as your login portal." Well that almost sounds legit and I can see people falling for that.

@Ixo trusting people who don't understand the anonymity of the world, that something can be aimed right at them, but not even know them, and certainly not have their interests in mind. Also people who are willing to risk everything, just to make girlfriends stop laughing and then immediately breaking up.

Kiryn said...

I got one of these too, but they probably would have been a lot more convincing if it hadn't had "EU" and "World of Warcraft Europe" written all over it. My account is a US account, so an email telling me my EU WoW account is being sold or traded, when I have an authenticator and know for a fact that I'm the only one logging on to it anyway, raised an eyebrow.

I forwarded it to billing@blizzard.com as their support site suggests for suspicious emails like these.

Anonymous said...

one of our guild officer's received this- sadly he thought it was real, Guild bank cleared- toons deleted:'(

he was our best tank aswell....

sigh

Rohan said...

@anonymous, he can get his stuff back if he opens a ticket in game. Same with the guild bank stuff.

Anonymous said...

@ rohan
yea he did open a ticket- just the hacker's decided to start selling gold on his account.... sooo he's got a while till blizz decide's to let him back on it, if they do at all

ugg i got to get me a ID

Kring said...

E-mail doesn't have to cost money. It would be enough if everybody would sign their mail with a trustworthy signature. That would require a governmental certificate (ID) which some nations have a problem with. :-)

Kylofon said...

@ Ixobelle - This is nothing compared to the Nigerian email scams, and look how that worked out. People aren't very smart. Many moons ago I worked as a phone person in a national newspaper. The amount of stupid I got through the handset daily was staggering. This then is no biggie.

Orgauth said...

"That would require a governmental certificate (ID) which some nations have a problem with. :-)"

And rightfully so...

Rohan said...

It would be enough if everybody would sign their mail with a trustworthy signature.

Sure, and that works fine until one country/authority (Tokelau, for example) is less than discriminate with their signatures.

Generally, schemes where you have to count on *everyone* behaving properly don't work.

Kring said...

Sure, and that works fine until one country/authority (Tokelau, for example) is less than discriminate with their signatures.

Generally, schemes where you have to count on *everyone* behaving properly don't work.


That's correct and that's the reason why nobody signs his e-mails. Because you can get away with that. Technically, mail servers could only forward signed e-mails, therefore enforce a proper signature. It only requires your provider to do it and your "protected" from unsigned e-mail and everybody who wants to send an e-mail to you is forced to use a valid signature. It's only a matter of critical mass.

And the governmental ID does actually work for passports, if your traveling abroad. The Tokelaueans might not be allowed to enter certain countries, but the same could be done with e-mails.

Nevertheless, we will have to live with e-mail scam (and SPAM) as long as e-mails are not properly signed.

Someone has to decide which certificates are valid. In your web browser that is done by the Mozilla corporation or by Microsoft. I would trust my government to do that decision. If they are corrupted, I have other problems than the certificates. But who else would you trust to decide which e-mail signatures are valid?

As of today, everyone can buy an e-mail S/MIME certificate without proving his identity. I could buy at Verisign one with your name. These certificates allow you to encrypt the e-mail but they don't prove that they were sent by whom they claim they were.

But, doesn't matter. It won't happen anyway. We'll stick with SPAM and scam I guess. Filters get better... :-)

Artorin said...

Of course Blizz bans first and asks questions later so the pending ban is completely against Blizz standard practice. I've actually gotten very similar e-mails from blizzard when my account was compromised so I could see how someone would fall for this. It took me a week to get all the bans lifted from the gold seller as well as getting all my toons and armor back. Though many items I never got fully restored.

Peregrine said...

Not only is this email a scam, but its some kind of failure scam as well.... whoever this is doesn't know what he's doing, because did anyone else notice, nowhere does he ask you to send in your account information? maybe I just missed it...

Yeah they can look VERY professional. I frequent sites like MMOWNED so I can learn how these scammers think and what tools they have at their disposal, and frankly, its astounding the lengths to which players will go to scam other players.

Two tips:

1) Just because its from XYZ@Blizzard.com, don't automatically trust it. There are e-mail services that disguise one e-mail address (iscamyoululz@scammorz.org) as something official (accountadmin@blizzard.com).

2) Just because the website is www.worldofwarcraft.com/XYZ or www.blizzard.com/XYZ, don't automatically trust it. HTML CAN be edited to provide the TEXT www.blizzard.com while linking www.ugotscammed.com. Always check your address bar AFTER you click the link!

3) anything.blizzard.com (two dots) is illegitimate. anything.worldofwarcraft.com is illegimate. The same holds true of worldofwarcraft.something.com or blizzard.something.com.

Rohan said...

Not only is this email a scam, but its some kind of failure scam as well.... whoever this is doesn't know what he's doing, because did anyone else notice, nowhere does he ask you to send in your account information? maybe I just missed it...

That's the part I redacted. It looked like a link to battle.net, which is pretty clever because of the new linking of Battle.net and WoW accounts. Every other link was a legit World of Warcraft link.

Llanion said...

Peregrine: Correction- *.blizzard.com and *.worldofwarcraft.com are Blizzard-owned. blizzard.*.com and worldofwarcraft.*.com are not.

Rhii said...

Being kind of a crazy person, I keep waking up at night wondering if I'm going to get hacked.

Changing your password at 4am isn't a recipe for account security... it's a recipe for locking yourself out of your own account over and over again. Maybe I'll get an authenticator and be done with it.

Nice catch on the spam mail. :)

Peregrine said...

thanks llanion... I did forget about those ones, heh.

LOL Rhii! thats why my passwords are all more or less the same, just with a few characters moved - like an exclamation mark will come after instead of before, or it won't be there at all. It does get kind of frustrating when you forgot which one is your WoW account and try 13 variations of the same frickin password before you get the right one though, haha.

priestlyendeavors said...

@Klepsocovic, it's worse.

See, there are places that do, indeed, require you to use your social security number as your login or password.

You will typically encounter it if you are hunting for a job. So far the only places at which I've encountered it have been universities and the United States Government, but after quite a bit of discussion with federal authorities I can say that others can do it as well. Yes, they've responsibilities for security but I will assume you understand my discomfort with that.

In other words, what you thought was a scam may not have been such. I'll suggest you contact your school and check. If it wasn't a scam, perhaps you can persuade someone in authority that this might be a bad idea and get it changed.

Kirk

Joenutz24 said...

I have heard tons of these stories but have yet to see an email like this with my own eyes.