Account security: Don't get scammed!

accountsecurity

As a regular poster in the WoW Customer Service forum, I see every day how upset people can be when their account is stolen from them. Keeping your account safe is a really important thing. One way that people can hack into your account is by spamming your e-mail with realistic looking posts that claim to be from Blizzard, but are really designed to steal your account information. Even smart people can fall victim to scams (sorry 4haelz). Our friendly druids over at themoonkin repository are also finding that they are getting spammed by scammers, too!

Here are a couple easy ways to spot an e-mail scam:

  1. If you aren’t 100% sure if an e-mail is from Blizzard you can ASK before replying and/or clicking links! A good way to ask is to post the text of the e-mail (without identifying information/malicious links) in the Customer Service forum. The regular posters & the blues are all pretty good at playing “spot the scam.” If you don’t want to post things on the CSF, you can also e-mail it to billing@blizzard.com, and wait to respond until you hear back from them.
  2. That said, how we play the “spot the scam” game is by looking for things like typos. Usually, people typing the scam things are bad at spelling (edit: Brent says they’re even learning how to spell!). They also tend to put in links to regions that your account isn’t in (ie. if you are from a US server, they’ll sometimes say it’s from an EU representative).
  3. Remember that Blizzard will NEVER ask for your name, password, or other personal information by e-mail. If they do ask for information, it’s usually because your account is already locked/banned.
  4. They will never threaten to ban you if you don’t respond to an e-mail. They lock first & ask questions later. To avoid having to click on links on possibly malicious posts, please go directly to the Blizzard support page here. Anything that Blizzard would be linking you to is already on their support page and you can find it directly by searching for key phrases rather than clicking on links. You can also log directly into your account management page rather than clicking on links there.
  5. The e-mail address should be from Blizzard.com. However, it’s pretty easy to “spoof” something that looks like it’s from a real e-mail address, so be careful even if it looks like the real thing.
  6. If you spot a scam, forward it to hacks@blizzard.com . This is the department where they handle all of those kinds of bad things that are floating around the internet.
  7. If you DO get scammed, please also visit the customer service forum for directions on how to check for threats and/or recover your account (and please be nice to them over there, they really are just trying to help).

You can find additional information on scams by reading help stickies on the WoW Customer Service forums. The CSF is also a good place to go if your password gets stolen from either a keylogger or from a scam. Prevention is always the best way to keep your account secure!

I know it seems strange that in a thread where I told you not to click on links, I told you to click on MY links. To avoid having to click on any of these, you are welcome to just go directly to the CSF from the official WoW forums.

This entry was posted in Uncategorized. Bookmark the permalink. Both comments and trackbacks are currently closed.

4 Comments

  1. Posted April 7, 2009 at 1:24 am | Permalink

    1. Always type e-mails into your reply address. Spoofing is a lot harder if you type it in manually, and its easier to spot “blizzardscam@hotmail.com” as the return address.

    2. Typos are getting fewer and farther between as scammers realise how people are spotting them.

    3. Blizzard doesn’t ever get you to reply to an e-mail or click on a link. Blizzard sends out “donotreply” type emails so you should never ever be able to react to a real blizzard e-mail without logging into account management or the forums first.

  2. Posted April 7, 2009 at 11:04 am | Permalink

    Great tips, Lissanna (and Brent!). It’s pretty awful how ‘good’ these scammers are getting nowadays. I personally went and picked up the Blizzard Authenticator for a little extra security as well, though some days I wonder just how random that number is. Heh!

  3. Jwgacy
    Posted April 7, 2009 at 11:10 pm | Permalink

    8./4. When in doubt, do not hesitate to contact Blizzard by phone to discuss any questionable emails.

    @Daez: The authenticator is quite secure, generally token systems like that are designed to expire before any sequence of numbers has to be reused. It’s certainly a good measure for account security.

  4. Posted April 8, 2009 at 12:23 pm | Permalink

    @Jwgacy: Oh, I know it is. I was just referring to the fact that I seem to be getting strings of numbers quite often. 012369… 100100… 54326… I just have to stop and grin, and muse on what the odds are. Heh! :D