Warning: Inept Diablo III Account Phishing Increasing


Many of you guys have probably seen these before, if not for Diablo III then over the last many years for WoW, but it’s become quite common for attempted account thieves to send out fake emails that appear to be warnings about your account being hacked or compromised. The goal is to trick you into visiting their fake version of Blizzard’s site, where they hope you’ll type your account name and password into their script, so they can steal it from you.

I’ve personally received dozens of these for World of Warcraft, going back years and years. They range from pathetically-fake to virtually-identical-to-official-Blizzard-notifications. Luckily, by virtue of never having had a WoW account, I have little difficulty ascertaining that they are fake. I hope you guys are hip to this sort of scam, but now that we’re seeing regular reports of these scams targeting Diablo III players, a warning seemed in order.

Quoted below is one I’ve received several times over the past week. It’s a lot closer to “laughably incompetent” than “believable,” but don’t expect all of them to be so bad; these scammers do improve with practice, and it’s not hard to fake the sending address to look like it’s from [email protected], or to make links look real as well.

Greetings!

It has come to our attention that you are trying to sell your personal Diablo III account(s).
As you may not be aware of, this conflicts with the EULA and Terms of Agreement.
If this proves to be true, your account can and will be disabled.
It will be ongoing for further investigation by Blizzard Entertainment’s employees.
If you wish to not get your account suspended you should immediately verify your account ownership.

You can confirm that you are the original owner of the account to this secure website with:
[snipped fake link to malware-filled, trojan-serving site]

Login to your account, In accordance following template to verify your account.

* First and Surname
* Secret Question and Answer
Show * Please enter the correct information

If you ignore this mail your account can and will be closed permanently.

Once we verify your account, we will reply to your e-mail informing you that we have dropped the investigation.

Regards,

Account Administration Team
Blizzard Entertainment
http://www.blizzard.com/support/
Diablo III , Blizzard Entertainment 2012

If you receive any such mail and have any suspicion about the authenticity, it’s wise to not click the link. These are usually made to appear real, and will have “battle.net” in there somewhere, but always take you to some phony site where the thieving begins. It’s safer to go directly to www.battle.net, log in, and then navigate to your account info. It’s also a very good idea to use some non-public email for your official contact on this sort of thing, and not the same email you use to register on every forum and mailing list around the Internet. And of course attaching an authenticator to your account will save you, even if you fall for one of these scams.


Comments

  1. Got this one today, what was weird is that this mail didn’t go to my spam folder (and all the rest do), so I actually clicked on it ^^ Oh well, if someone falls for this it’s their fault IMHO.

  2. I am getting such emails every second day =) Got used to it already.
    I’d actually be more surprised if I stop receiving those 😀

  3. I get so many of these, for all their games. I am not stupid enough to fall for it though.

  4. “Please enter the correct information”

    Hahaha, sick and tired of my entering profanities and insults into these fields instead? Wow… Stick it to em and flood em 🙂

    • Phishing sites can / do host malware. You probably shouldn’t do that.

      Also, although the authenticator will protect you against phishing scams, it’s not a sure thing to protect you against malware as, for example, the evil code could be a script that waits for you to log in before locking out the keyboard, joining a game, and dropping your shit on the ground for someone else to pick up.

      • Indeed they can and/or do.

        Fortunately though, if you use a machine that you plan on reimaging/destructive system recovery/OS reinstalling (whatever you want to call it) soon or have high security on, such as everything up to date and can scan afterward or even sandbox it/virtual machine it, these things are relatively harmless to the tech savvy person. Security through obscurity works pretty well too, when going to websites with Linux too.

        I wouldn’t recommend doing the same without being equally tech savvy. That being said, I’ve never been subject to an infection I didn’t intend on being infected with in the first place.

  5. I’d be concerned if my e-mail was being phished in the first place. Might want to figure out why that’s happening, guys.

  6. If you are getting these emails, you should probably use an alternate one for gaming (or make a new one). Your email has gotten out somehow and this can cause problems with brute forcing and such. It caused a pretty big hullabaloo with GW2 because apparently they were using the accounts data mined from Blizzard servers or some shenanigans.

    • @Mpalm

      Latest update on that says that they’re actually trying a lot of accounts that don’t exist in GW2, so they’re obviously trying mail/password combinations they got from somewhere else… but most likely it’s from gaming forums, as Blizz and Valve had the passwords encrypted.

  7. And I thought “Phishing” was going to a Phish concert and hitting the tank!!

  8. I went through several pages on my inbox and bulk mail inbox and I didn’t have any of these fake emails. I guess I suck so bad and all my gear blows, they just don’t have any reason to try to hack me.

  9. Good thing, I only open emails from people I personally know.

    • The thing is, the emails that I have seen have code that makes it show as a true Blizzard address in your email list; that is, you can’t tell it’s not Blizzard until you open it and read the full address, where it will be something similar but not quite right.

  10. The best thing to do is to ignore all links in the email, especially if they try to get you to do something (unless it’s an expected email like an account verification email).
    If you just go straight to the official battle.net site, if there are any problems with anything it should appear there with the true stuff to do.

  11. I can’t understand why they keep trying…. obviously some people must be stupid enough to fall for this…

  12. I’m also astonished this is still around. Always bad English or some stupid claim in those emails. So easy to see through. But I guess there’s always someone who gladly shares their credit card, account passwords and whatnot with those douchebags.

  13. The email I got was for a Diablo III account but then it told me that I was trying to sell my World of Warcraft account. I have neither.

  14. Authorities should be able to trace this one back. Where are they?

  15. Was not aware that I had even played the game, however, Diablo III seems to think I do, so got this in the spam

    [EN]Battle.net Account Locked – Action Required??
    Diablo III
    client-ip=110.103.66.87
    [email protected]

    Return-Path:
    Received: from WWW-9763E06E580.net ([110.103.66.87]

    then follows a bunch of text which I suspect is a phish 🙂

    Tend to ignore links in any emails and manually type in the links to wherever I want to go to…
