User Login

Help Community Login:

Diablo - Blizzard - Email Phishing Attempt Example - What to watch out for

GeekDrop's picture
From:
The Drop!
GeekDrop
Co-Admin. Cuz Even God Rested On The 7th DayModerator (Watching Over The Masses)Joined the Dark SidePremium Member (Gold)I'm a Code Monkey!The Steel CurtainComputer Dr. (Let's clean up that messy Virus!)I use FirefoxI use Google ChromeI use Internet ExplorerI use SafariI'm Here To Help, & Have Proven It!Linux UserWindows UserI donated more than $20+ to GeekDrop!I donated to GeekDrop simply because I love it!I spend all day Photobucketing!Booga Booga BoogaI took a bite of the AppleI'm MagicThe Dr. left the stem off the apple!The JokerSomeone thinks you're a cutlet above the rest!
Relationship Status:
Taken
Joined: 01/20/2009
Posts: 370
Drops: 1109
Mood: Smart

Phishing Example: Diablo 3 | Battle.Net | Blizzard | World of Warcraft | Starcraft | Etc.

I've recently gotten an email in my gmail inbox where the sender (a.k.a. "Scumbag") is attempting to sucker me out of my Battle.net login credentials by pretending to be sent from Blizzard Entertainment themselves. Of course, par for the course, the email portrays a sense of relative impending doom (to your account) and you must hurry and confirm that you're the original owner of the account. Below is a paste of the actual email:

Diablo III Account-Notice wrote:

From: Diablo III (diablo@email.com)

Greetings!

It has come to our attention that you are trying to sell your personal World of Warcraft account(s). As you may not be aware of, this conflicts with the EULA and Terms of Agreement. If this proves to be true, your account can and will be disabled. It will be ongoing for further investigation by Blizzard Entertainment's employees. If you wish to not get your account suspended you should immediately verify your account ownership.

You can confirm that you are the original owner of the account to this secure website with:

hxxps://www.battle.net/account/support/password-verify.html

If you ignore this mail your account can and will be closed permanently. Once we verify your account, we will reply to your e-mail informing you that we have dropped the investigation.

Regards,

Account Administration Team
World of Warcraft , Blizzard Entertainment 2012

Diablo Blizzard Email Phishing example
I've highlighted some of the things in this email to pay attention to if you should receive this or any other similar email that you may be unsure of, to help you learn to identify phishing attempts.

The highlight above shows that the email was sent from the "email.com" domain. Blizzard Entertainment would not be sending their email messages from there, they'd be using one of their official (and known) domains. But still, that can be faked as well, so don't solely rely on this one piece of information ...

Also, notice that they included a link (in blue) that they want you to click on in order to "confirm your account". Don't blindly assume that just because the link text looks ok that the actual URL it links to is OK, or even the same destination, because in this case, it's not.

 

Diablo Blizzard Email Phishing example
Next thing to notice is the cz.org and hqkmekj@cz.org apparent sender in the source code of the message, which in Gmail can be seen by clicking on the drop-down arrow on the Reply button to the right of the message's date and selecting "Show Original".

The big block of yellow towards the bottom is the actual message, encoded as Base64 in an attempt to mask where the link in the message that they want you to click on actually takes you.

 

Diablo Blizzard Email Phishing example
After selecting, copying and pasting the encoded Base64 message and decoding it in an online Base64 Decoder you can see what the actual message is. Highlighted in yellow is the actual URL that the blue text link takes you to if you click it. Obviously this is not the real Blizzard Entertainment website, even though they've tried a little bit to confuse you by adding the "diablo.net" to the URL. In actuality the URL is "eu.diablo.net.sw-login.in" ... an India domain ... (.in). Blizzard is an American company. In green you can see the link text that was used to try and fool you.

These are not all of the tricks phisher's use to try and steal your account info, for anything, not just games, but just a couple. With a little practice you'll easily be able to tell any phishing attempt quickly at a glance. If you're ever confused or unsure simply ignore clicking on any link within an email and manually type the website's URL into your browser and login that way. If the email notice was legitimate you're most likely see some sort of notice right there in your online account. You could also contact their support via their website contact links and ask them, mentioning the email that you received, which has the added benefit of alerting them to the current phishing attempt going around so that they can better protect you and others, as well as alert the proper authorities.

Also, if you should positively come across a phish attempt in your email box, please don't simply ignore and delete it, if your email provider offers something like "report phishing attempt" like Gmail does (found in the same place as the "Show Original" is) please report it. It only takes a split second and helps everyone. Thumbs Up

I Averaged: 2.7 | 4 votes


Read More ...





Who's New

TANVIR's picture
HeaDHunteR's picture
cameron101914's picture
yogi6796's picture
greeg's picture
abele2017's picture
val5val's picture
olamipoolatokunbo's picture
ariel402's picture
kevimart's picture
vin's picture
WendyLong's picture
Zarkman's picture
Sarwarips's picture
Lohith chowdary's picture
facebook codes exploits tips tricks Phrozen Crew
All contents ©Copyright GeekDrop 2009-2017
TOS | Privacy Policy