Edited by Aerea on 10/12/10 14:28 (GMT)
Now THAT is an authentic mail....
1) It greets you with your name, I suppose it is the name that you registered your account with.
2) It mentiones your name, and the date of purchase, which coincides with the date you say you've purchased this.
3) It shows your real credit card number, who else would have this?
It does not ask you to follow any links, give any information or whatsoever, it only points out that you can check your BN account or the FAQ.
All these things, together with the fact that you say you actually made the purchase make this the real thing. Since there were so many purchases and transactions, I guess all the confirmations took a little longer than usual....
You are safe!
Edited by Metero on 10/12/10 17:50 (GMT)
My friend has been hacked and therefore he writes through me:
I guess I have been hacked. I got an email yesterday from Blizzard that I had changed my email to j *** @ gmail.com, but I have not. So now I can not login or do anything.
I have written to the webform, but have not heard anything yet and it's almost a day ago.
Anor - Darksorrow
Because I write here is because I have responded to these mails. Stupid me.
Edited by Nephadne on 10/12/10 18:30 (GMT)
Hello there Aerea,
While you’re obviously correct in many respects, a new email address created and used solely for Battle.net purposes would be far less likely to receive any kind of phishing mail attempts (as it wouldn’t have been made publically visible or available online in any form).
You’d obviously also hope that any old phish-happy addresses would then either be abandoned, or it would become far easier to identify that any mails received were of the fake sort. :)
I’ll definitely consider ways to make the wording in that section clearer though, and will bring it up in an upcoming non-panda meeting, so thanks very much!
Good evening Supermilf,
That looks rather like a genuine mail, as Aerea says, especially if it contains your actual name and payment information, so please don’t be too alarmed by the delay in it arriving at your end.
Another hopefully useful clue will be the fact that it doesn’t look like you’re being linked anywhere dodgy from the mail, which is obviously the whole point of phishing and scam mails, so if you’re still at all worried (and there are links in there that we’re not seeing due to the pasting process) then you can simply avoid visiting them directly and ensure that you continue to only ever manually navigate to your Battle.net Account Management pages using the basic URL. :)
It looks like the mail your friend received was actually a genuine notification that someone else had changed the email address associated with their Battle.net account, as he’ll obviously likely be aware by now. :(
If he’s submitted our online webform then he’s already done the right thing, but I’m afraid he’ll have to be patient in the meantime as our Account and Payment Support team is still working through a significant backlog since the launch.
This isn’t perhaps the best place to report this kind of situation, but we do have a dedicated thread regarding compromised accounts so I’d recommend him to read it through and take the time to fully scan and secure his PC while awaiting a response to his webform – this will ensure that he’s in the best possible position for when his account is returned to him.
►► Account Hacked/Stolen? CLICK HERE! ◄◄
[Guide] How to SCAN and SECURE your PC
Edit: I see you found the thread! :)
My advice here still stands, however, so please ensure your friend reads it all through as soon as possible.
i have gotten the same mail several times now and i went into account to check it not using any link in mail and o changes that i could see so this is a fake right?
This is an automated notification regarding your Battle.net account. Some or all of your contact information was recently modified through the Account Management website.
*** If you made recent account changes, please disregard this automatic notification.
*** If you did NOT make any changes to your account, we recommend you log in to Account Management review your account settings.
If you cannot sign into Account Management using the link above, or if unauthorized changes continue to happen, please contact Blizzard Billing & Account Services for further assistance.
Billing & Account Services can be reached at 1-800-59-BLIZZARD (1-800-592-5499 Mon-Fri, 8AM-8PM Pacific Time) or at firstname.lastname@example.org.
Account security is solely the responsibility of the accountholder. Please be advised that in the event of a compromised account, Blizzard representatives will typically lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.
The Battle.net Support Team
Edited by Nephadne on 10/12/10 21:22 (GMT)
Edit: Snip snip!
Sorry, Gílgamesh, we seem to have posted at very similar times so I unfortunately didn’t see your new post.
That is indeed a fake, and I’ve removed the URL from the mail for now, as it’s not always wise to leave a dangerous link like that visible (curious people may be tempted to visit it!).
Thanks very much for the report though! :)
Recently, the problem of account invasion is getting worse and worse which cause enormous player’s equipments and virtual currency stolen. This severely damages the benefits of mass players, also causes our company lose a lot of customers.
Our company has to adopt some measures to safeguard our common benefits in order to strengthen the safety of mass players'accounts, and firmly resist the account to be stolen again.Through our company's research and investigation to xxx customers,we will make the following decisions: we launch a package of updated Battle.net Mobile Authenticator and dynamic code protection card which can effectively prevent the accounts invaded. We will send this package of code protection system to players free of charge.
Please open this connection:
If your account passes the check successfully, we will send this package of dynamic Battle.net Mobile Authenticator to you in the form of e-mail.
In 3 days after you receiving the e-mail, if you don't submit your information, we have right to freeze your account, every player is obligated to protect the safety of the account. You must work together with us to be determined to crack down all the behaviors of destroying games.
If you had already authenticator your account, please disregard this automatic notification.
The World of Warcraft Support Team
Fake or real?
57 Blood Elf Death Knight
[21:27:25] Gustav: Hello.
I'm posting this for a friend since he can't post at the moment.
''I opened my account two days ago. Yesterday when I tried to log in I got a message saying I had the wrong password to log in. I then checked my email and got an email from Blizz saying my account information had been changed. I changed my password and got myself an authenticator. When I logged on again I realized someone else had been there, all my gear and items were gone. I contacted a GM and when he answered he said that the ticked had been sent to a specialist team or something like that.
About an hour later I was suddenly disconnected, when I tried to log in I got a message saying I had the wrong password again ( no idea how this was possible when I had my authenticator). When I changed my password again and tried to log in, I got a message saying that my account was suspended. I recieved an email about it saying it was for security reasons and that my account had been compromised. I then submitted the "recover account" service. Its been almost 24 hours since and still no response.
Should I just keep waiting or should I try to contact Blizzard via the webform? I'm kind of confused now. Since I can log in to battle.net now I thought they would open it again. Ive also changed email adress for my account.''
Edited by Skogsopp on 12/12/10 02:49 (GMT)
I'm writing on behalf of my brother, as all communication from his account has been disabled, thus he cannot write in the forum himself.
Stupidly enough, he answered one of these fake mails and got his account hacked. Someone, somewhere changed the email registered to the account, so he couldn't log in. I was online at the time, and while he couldn't log in, I saw someone logging on and off all his characters, probably selling gear/sending money etc.
He sent an email through webform and used the Account Recovery thing. A couple of hours later, he got some emails from blizzard so he could change his password and his email account was once again the one registered to the account. He could log into the website and play SC2, but he still couldn't play world of warcraft.
Because apparently, his wow account is "locked", stated in the status in account management. Though the account is no longer in the hackers' hands, blizzard has banned the account I think, for some reason. He sent a couple of webforms, trying to sort this out, but hasn't gotten anything else than the automated response letting you know that it's been received.
It's been over a day now, and he still isn't able to log onto wow. Is there anything we can do? He has tried calling, but the lines don't accept any more calls, since there are so many in queue. He got the automated responses from the webforms, but haven't gotten replies as to what's going to happen.
He just dinged 85 ... the poor thing :(
P.S. His main is Lightmare on Sylvanas, if u can check activity or something ...
Nick, Skogsopp, you are posting in the wrong section. For stolen/hacked accounts there is a seperate sticky:
You'd better take your posts there, I think they might be removed here.
@ Nephadne: Let me rephrase my point: you are correct in assuming a new email adress used exclusively for a battle.net account is a lot less likely to receive spam/phishing mails. But what I meant is that making a new email adress will not stop the trash from being sent to any old email adresses, hence the junk will keep coming as long as the old adresses are used. It just makes it easier to recognize since any mail not sent at the battle.net adress is obviously fake.
So what I meant is that you should perhaps rephrase your point, as you imply in your reply to my last post. ;)
Keep up the good work, I'm loving the expansion!
Already forwarded the mail to the email@example.com address, but I thought I'd post this here as a warning to other people, since the sender's address the same as Blizzard's.
However, I just noticed that while official Blizzard mail does have the green 'trusted sender' icon in hotmail, the scam mail (although appearing to have the same e-mail address) does not. Anyways, these mails are getting more and more sophisticated >.>
Edited by Nephadne on 18/12/10 16:53 (GMT)
Here is a new example, they're now trying to trick users with emails in regards to realID.
Edited by Nephadne on 18/12/10 16:54 (GMT)
today i see that message in my e-mail...is that fake??i dont try to open any link i just want a answer first tnx.
It has come to our attention that you are trying to sell your personal World of Warcraft account(s). As you may not be aware of, this conflicts with the EULA and Terms of Agreement. If this proves to be true, your account can and will be disabled. It will be ongoing for further investigation by Blizzard Entertainment's employees. If you wish to not get your account suspended you should immediately verify your account ownership.
You can confirm that you are the original owner of the account to this secure website with:
Login to your account, In accordance following template to verify your account.
If you ignore this mail your account can and will be closed permanently.
Once we verify your account, we will reply to your e-mail informing you that we have dropped the investigation.
Blizzard Entertainment SAS
TSA 60 001
Service Administration des Comptes
78143 Velizy Villacoublay Cedex
If you wish to review our current Rules and Policies for World of Warcraft and Battle.net, they can be found at:
Game Master Dunarthra
Please retain all history if you reply to this mail
Edited by Natryndon on 14/12/10 17:16 (GMT)
Psofakoufala, if your actual account is fine, then you know for certain that the mail you padted there is fake. =)
Volkán, lol@dattle! I've snipped the screenshot for security reasons, but basically he was mousing over one of the legitimate looking links in the mail and it pointed to something clearly malicious.