Get the Desktop App for Battle.net Now
- All your games in 1 place
- Log in once
- Automatic game updates
A lot of people seem to be wondering whether or not the in-game whispers from supposed 'Blizzard' employees are legitimate. Maybe in the future the Phishing Emails thread will be updated with this but in the mean time, it is here as I haven't been able to easily (if at all) find detailed information on them so it's more visible here.
A 'Phishing' e-mail, as described in the Phising Emails thread, is designed to fool you to enter your details on a site in order for the person to gain access to your account. A phishing whisper works in the same way.
I've got a whisper from a GM, is it real?
A person pretending to be a Blizzard employee whispers you saying your account will be shutdown if you don't verify your account details at a site given or something similar to this.
It usually goes along these lines:
Obviously for those curious readers, the link is legitimate however in-game it won't be
Now, since your account is in jeopardy you're worried. Of course, who wouldn't be!
However, the whisper is a fake. You can tell by a number of things:
2. GM's do not call themselves 'Blizzard', they have structured roleplaying names
3. When a GM wishes to talk to you, a box will appear saying 'A GM would like to speak to you'
4.There are spelling/grammatical errors. While it's in human nature to make errors, Blizzard take care in their spelling
5.Your account can't have been shutdown, you're still playing!
Ok, it's fake. Now what?
Quite often, players just ignore the person and don't take any action against it. Don't do this, it means that another player may fall into their trap and become vulnerable to hackers.
Instead, right-click the player's name in the whisper and choose the option 'Report Spam'. This sends all relevent information to Blizzard for investigation. Also, as you didn't open a ticket, it speeds the queue times up for tickets!
*Pats on the back*
Am I done now?
Yes, yes you are. The whisper is fake, and you've reported the offending player.
It's worth noting that with 4.1, Blizzard introduced a new Help frame in-game. The frame can be reached by clicking the red '?' on your menu bar or from the main menu and contains information on Account Security along with information on 'Phishing' whispers
Some further information about in-game mail from Blizzard can be found here along with an example of the 'Chat Request' frame:
There are many different types of phishing whispers, some of which do not involve impersonating a GM. One commonly used tactic is the offer of a free item, usually mounts.
These are usually received through emails however can sometimes reach in-game too usually along the lines of:
[Name]Greetings! You have been selected for a free Celestial Steed Mount, please visit <a href="http://eu.blizzard.com/store/">http://eu.blizzard.com/store/</a> to redeem your code!
Another example is the beta test invite, you will NOT be contacted in-game regarding these 'free' items or beta invites.
I'd suggest that anyone getting these whispers posts them here so people can see the many examples of 'phishing' whispers. Please remember to remove the website links before posting though and remove the names. (Seeing as it is still technically naming and shaming)
Edit: Thanks to all who have been posting here so far, good to hear it's of use. Also thanks to those with more information on current phishing attempts, the guide has been updated with a brief overview of these.
Edited by Vedia on 21/12/2011 13:29 GMT
Thanks very much for taking the time to make this guide, Vedia. ^.^
I’m afraid I can’t say that we’d make it into a sticky topic, as we’re sadly rather full up there already, but it’s still a good resource to link players to… and we should perhaps consider expanding our ‘phishing mails’ sticky in the future as you suggest. :)
Another one that should be noted is the phishing mails.
Very often they are easily identifyable, but odd things such as 41 hour bans or the like, which is just a number that doesn't make sense.
But all too often, these mails seem to be legit. At times even with names from actual GMs in the signature (most likely due to the fact that they got an account banned at one point in time and have the name that was in the signature there).
In the case of any mails coming from (supposedly) blizzard, there is a very easy way to find out if the mail is real or not:
Hover with the mouse over the link provided in the mail. When doing so you will see in the bottom bar of your browser the address where the link actually leads.
In the case of "phishing mails" this is usually some website which has similarity to blizzard names in it but with spelling twists, such as blizzards.com, battles.net, battlenets-eu or battlesnet-eu etc etc. All those are spam emails trying to get at your account details.
And as always, when in doubt it is a simple call to Blizzards account line (the numbers are on their website) to make sure all is ok.
EDIT: If you DO get a fake ingame whisper, you should always report it! All too often the character you are being whispered from is on a hacked account and with the report, Blizz will be alerted to it and the rightful owner can get his/her account back.
Edited by Shandrah on 12/05/2011 03:12 BST
85 Goblin Warlock
The best to avoid being scammed is to configure your email settings, so that you don't recieve as much junkmails and scams. And always keep in mind that:
A Blizzard employee will NEVER ask for your password.
They won't ask for you password, they won't ask for you account name nor email.
A mail recieved from Blizzard, will always be sent from: firstname.lastname@example.org
it is important that you check carefully that it is spelled correctly. Sometimes they name their mails to similar stuff like email@example.com which could be hard to see when you are nervous and eager not to lose your account.
DO NOT ACT TO FAST WHEN YOU ARE SCARED OF LOSING YOUR ACCOUNT, CALM DOWN, ASK YOUR FRIENDS, AND IN WORST CASE, CALL BLIZZARD FOR HELP, OR OPEN A TICKET. THEY ARE HERE TO HELP YOU, SO DO NOT WORRY.
Edited by Hagert on 12/05/2011 07:16 BST
I'm wondering whether it's hard to make character names like Blizzard, Gamemaster unavailable. The algorithm might be: convert weird leters like "í" to corresponding Latin letter, uppercase "I" to "l", and check if the result contains "bliz", "game", "master". If any of it is true, decline creation of character with original name.
Edited by Mesitara on 12/05/2011 09:14 BST
I agree with Stuck :P
i must say that ive seen a decrease in these whipsers.
when i just started wow i got them like every 15 minutes..
now 1-2 a month. (ofc i report every faker).
here is an url to the image of the blizz icon :P (its located atop this topic as well)
as u can c i use dropbox for uploads so its safe :P
Edited by Gekidoku on 14/05/2011 09:20 BST
Maybe a stupid tip but what to do if your english is not that good and you are afraid you miss the obvious signs of criminal behaviour?
Just do what many of my friends do, ask someone ( for my friends it is me) to listen to you while you read out loud the false mail or whisper. It is always better to be safe than sorry!
But even to your friends, no giving away passwords so they can read it themselves, just read it out loud.
One of my friends even does it letter by letter, I write that down on a piece of paper and although it seems like a lot of work to put your friends through, If they are true friends they understand that doing this for you takes less time that cheering someone up after a hacked account ;)
1. use Badboy addon :P
2. if not, report him, post a rude reply, ignore
"Blizzard take care in their spelling": this is so true. Also, the real Blizzard employees don't need to use í, ß, and other similar characters in their names
1. use Badboy addon :P
Yeah and they always ask if you want to chat with them before actually doing it, unlike the fakers.
Since this week i get whispers from a "Blizzardu" with some talk about malicious and suspicious software on my cpu, a internet link and a threat to suspend my account. Pretty annoying that there are ppl around trying to scam you.
Everytime i ask to explain, but no reply. Blizz would reply, im sure of it.
Thanks for the guide! This will be helpfull the next time i encounter such a whisper.
Threats of violence. We take these seriously and will alert the proper authorities.
Posts containing personal information about other players. This includes physical addresses, e-mail addresses, phone numbers, and inappropriate photos and/or videos.
Harassing or discriminatory language. This will not be tolerated.