[Guide] 'Phishing' whispers

90 Draenei Shaman
9670
A lot of people seem to be wondering whether or not the in-game whispers from supposed 'Blizzard' employees are legitimate. Maybe in the future the Phishing Emails thread will be updated with this but in the mean time, it is here as I haven't been able to easily (if at all) find detailed information on them so it's more visible here.

A 'Phishing' e-mail, as described in the Phising Emails thread, is designed to fool you to enter your details on a site in order for the person to gain access to your account. A phishing whisper works in the same way.
----------
I've got a whisper from a GM, is it real?
----------
A person pretending to be a Blizzard employee whispers you saying your account will be shutdown if you don't verify your account details at a site given or something similar to this.

It usually goes along these lines:
Example
[Blízzard][GM] Greetings! Recent Blizzard security has scanned youre account and found it to be violating the terms of use we have shutdown your account. Go to www.battle.net to unlock it

Obviously for those curious readers, the link is legitimate however in-game it won't be

Now, since your account is in jeopardy you're worried. Of course, who wouldn't be!
However, the whisper is a fake. You can tell by a number of things:
    1. A GM will ALWAYS have a Blue 'Blizz' badge to the left of their name in-game. Never [GM]
    2. GM's do not call themselves 'Blizzard', they have structured roleplaying names
    3. When a GM wishes to talk to you, a box will appear saying 'A GM would like to speak to you'
    4.There are spelling/grammatical errors. While it's in human nature to make errors, Blizzard take care in their spelling
    5.Your account can't have been shutdown, you're still playing!

----------
Ok, it's fake. Now what?
----------
Quite often, players just ignore the person and don't take any action against it. Don't do this, it means that another player may fall into their trap and become vulnerable to hackers.
Instead, right-click the player's name in the whisper and choose the option 'Report Spam'. This sends all relevent information to Blizzard for investigation. Also, as you didn't open a ticket, it speeds the queue times up for tickets!
*Pats on the back*
----------
Am I done now?
----------
Yes, yes you are. The whisper is fake, and you've reported the offending player.
It's worth noting that with 4.1, Blizzard introduced a new Help frame in-game. The frame can be reached by clicking the red '?' on your menu bar or from the main menu and contains information on Account Security along with information on 'Phishing' whispers

Some further information about in-game mail from Blizzard can be found here along with an example of the 'Chat Request' frame:
http://eu.blizzard.com/support/article.xml?locale=en_GB&articleId=44541
----------
Other Examples
----------
There are many different types of phishing whispers, some of which do not involve impersonating a GM. One commonly used tactic is the offer of a free item, usually mounts.
These are usually received through emails however can sometimes reach in-game too usually along the lines of:
[Name]Greetings! You have been selected for a free Celestial Steed Mount, please visit <a href="http://eu.blizzard.com/store/">http://eu.blizzard.com/store/</a> to redeem your code!


Another example is the beta test invite, you will NOT be contacted in-game regarding these 'free' items or beta invites.
----------
I'd suggest that anyone getting these whispers posts them here so people can see the many examples of 'phishing' whispers. Please remember to remove the website links before posting though and remove the names. (Seeing as it is still technically naming and shaming)
----------
Edit: Thanks to all who have been posting here so far, good to hear it's of use. Also thanks to those with more information on current phishing attempts, the guide has been updated with a brief overview of these.
Edited by Vedia on 21/12/2011 13:29 GMT
Reply Quote
MVP - World of Warcraft
85 Draenei Shaman
5070
Reported! For sticky. :)

/thumbsup
Edited by Shammoz on 30/04/2011 14:52 BST
Reply Quote
90 Draenei Shaman
15590
Shame no-one ever reads the stickies.
Reply Quote
90 Human Warlock
5265
or even does a simple search.
Reply Quote
Blizzard Employee
Thanks very much for taking the time to make this guide, Vedia. ^.^

I’m afraid I can’t say that we’d make it into a sticky topic, as we’re sadly rather full up there already, but it’s still a good resource to link players to… and we should perhaps consider expanding our ‘phishing mails’ sticky in the future as you suggest. :)
Reply Quote
MVP - World of Warcraft
85 Draenei Shaman
5070
True, there is a lot of stickies up there.... I have however added it to my copy/paste doc on my PC ready for use, your hard work will not be wasted :)
Reply Quote
90 Draenei Shaman
9670
As long as it's helpful, that's after all what it is there for!

If this stops one person from replying to those pesky people, it's done it's job :)
Enjoy your night people
Reply Quote
85 Gnome Mage
5665
never got a pishing or goldspam /w in years though. Anti spam addons ftw. Good that at least addon programmers manage what Blizzard cant or doesnt care to do.
Reply Quote
90 Human Mage
10650
Im getting these whispers here and there when i play, and i just report them for spam.

and about the guide... its top shelf =)

thumbs up from me
Reply Quote
64 Draenei Shaman
740
Another one that should be noted is the phishing mails.

Very often they are easily identifyable, but odd things such as 41 hour bans or the like, which is just a number that doesn't make sense.

But all too often, these mails seem to be legit. At times even with names from actual GMs in the signature (most likely due to the fact that they got an account banned at one point in time and have the name that was in the signature there).

In the case of any mails coming from (supposedly) blizzard, there is a very easy way to find out if the mail is real or not:
Hover with the mouse over the link provided in the mail. When doing so you will see in the bottom bar of your browser the address where the link actually leads.

In the case of "phishing mails" this is usually some website which has similarity to blizzard names in it but with spelling twists, such as blizzards.com, battles.net, battlenets-eu or battlesnet-eu etc etc. All those are spam emails trying to get at your account details.

And as always, when in doubt it is a simple call to Blizzards account line (the numbers are on their website) to make sure all is ok.

EDIT: If you DO get a fake ingame whisper, you should always report it! All too often the character you are being whispered from is on a hacked account and with the report, Blizz will be alerted to it and the rightful owner can get his/her account back.
Edited by Shandrah on 12/05/2011 03:12 BST
Reply Quote
85 Goblin Warlock
5690
The best to avoid being scammed is to configure your email settings, so that you don't recieve as much junkmails and scams. And always keep in mind that:

A Blizzard employee will NEVER ask for your password.

They won't ask for you password, they won't ask for you account name nor email.

A mail recieved from Blizzard, will always be sent from: noreplyeu@blizzard.com
it is important that you check carefully that it is spelled correctly. Sometimes they name their mails to similar stuff like norpelyeu@blizzrad.com which could be hard to see when you are nervous and eager not to lose your account.

DO NOT ACT TO FAST WHEN YOU ARE SCARED OF LOSING YOUR ACCOUNT, CALM DOWN, ASK YOUR FRIENDS, AND IN WORST CASE, CALL BLIZZARD FOR HELP, OR OPEN A TICKET. THEY ARE HERE TO HELP YOU, SO DO NOT WORRY.
Edited by Hagert on 12/05/2011 07:16 BST
Reply Quote
28 Blood Elf Paladin
12800
I'm wondering whether it's hard to make character names like Blizzard, Gamemaster unavailable. The algorithm might be: convert weird leters like "í" to corresponding Latin letter, uppercase "I" to "l", and check if the result contains "bliz", "game", "master". If any of it is true, decline creation of character with original name.
Edited by Mesitara on 12/05/2011 09:14 BST
Reply Quote
55 Night Elf Rogue
760
I think we found the next MVP! XD
Reply Quote
90 Undead Rogue
5945
I agree with Stuck :P
i must say that ive seen a decrease in these whipsers.
when i just started wow i got them like every 15 minutes..
now 1-2 a month. (ofc i report every faker).

Thumbs up.

#note
here is an url to the image of the blizz icon :P (its located atop this topic as well)
http://dl.dropbox.com/u/8255156/blizzexample.png

as u can c i use dropbox for uploads so its safe :P
Edited by Gekidoku on 14/05/2011 09:20 BST
Reply Quote
85 Dwarf Death Knight
8230
12/05/2011 07:15Posted by Hagert
DO NOT ACT TO FAST WHEN YOU ARE SCARED OF LOSING YOUR ACCOUNT, CALM DOWN, ASK YOUR FRIENDS, AND IN WORST CASE, CALL BLIZZARD FOR HELP, OR OPEN A TICKET. THEY ARE HERE TO HELP YOU, SO DO NOT WORRY.


Maybe a stupid tip but what to do if your english is not that good and you are afraid you miss the obvious signs of criminal behaviour?

Just do what many of my friends do, ask someone ( for my friends it is me) to listen to you while you read out loud the false mail or whisper. It is always better to be safe than sorry!

But even to your friends, no giving away passwords so they can read it themselves, just read it out loud.

One of my friends even does it letter by letter, I write that down on a piece of paper and although it seems like a lot of work to put your friends through, If they are true friends they understand that doing this for you takes less time that cheering someone up after a hacked account ;)
Reply Quote
70 Human Paladin
3510
1. use Badboy addon :P
2. if not, report him, post a rude reply, ignore

"Blizzard take care in their spelling": this is so true. Also, the real Blizzard employees don't need to use í, ß, and other similar characters in their names
Reply Quote
85 Worgen Druid
4190
need more ppl to notice this topic.
Still so many who falls for it, then askin why they cannot login to their account
Reply Quote
85 Blood Elf Paladin
4145
1. use Badboy addon :P
2. if not, report him, post a rude reply, ignore

"Blizzard take care in their spelling": this is so true. Also, the real Blizzard employees don't need to use í, ß, and other similar characters in their names


Yeah and they always ask if you want to chat with them before actually doing it, unlike the fakers.
Reply Quote
81 Human Priest
930
Got whispers from Blizzardi, Blizzardj, Blizzardu.
Reported. Every. Single. One! And I will continue to do so henceforth.
Reply Quote
90 Gnome Priest
4475
Since this week i get whispers from a "Blizzardu" with some talk about malicious and suspicious software on my cpu, a internet link and a threat to suspend my account. Pretty annoying that there are ppl around trying to scam you.
Everytime i ask to explain, but no reply. Blizz would reply, im sure of it.

Thanks for the guide! This will be helpfull the next time i encounter such a whisper.
Reply Quote

Please report any Code of Conduct violations, including:

Threats of violence. We take these seriously and will alert the proper authorities.

Posts containing personal information about other players. This includes physical addresses, e-mail addresses, phone numbers, and inappropriate photos and/or videos.

Harassing or discriminatory language. This will not be tolerated.

Forums Code of Conduct

Report Post # written by

Reason
Explain (256 characters max)
Submit Cancel

Reported!

[Close]