• Log InLog In
  • Register
Liquid`
Team Liquid Liquipedia
EDT 00:08
CEST 06:08
KST 13:08
  • Home
  • Forum
  • Calendar
  • Streams
  • Liquipedia
  • Features
  • Store
  • EPT
  • TL+
  • StarCraft 2
  • Brood War
  • Smash
  • Heroes
  • Counter-Strike
  • Overwatch
  • Liquibet
  • Fantasy StarCraft
  • TLPD
  • StarCraft 2
  • Brood War
  • Blogs
Forum Sidebar
Events/Features
News
Featured News
[ASL20] Ro24 Preview Pt1: Runway132v2 & SC: Evo Complete: Weekend Double Feature3Team Liquid Map Contest #21 - Presented by Monster Energy9uThermal's 2v2 Tour: $15,000 Main Event18Serral wins EWC 202549
Community News
Maestros of The Game—$20k event w/ live finals in Paris18Weekly Cups (Aug 11-17): MaxPax triples again!13Weekly Cups (Aug 4-10): MaxPax wins a triple6SC2's Safe House 2 - October 18 & 195Weekly Cups (Jul 28-Aug 3): herO doubles up6
StarCraft 2
General
What mix of new and old maps do you want in the next 1v1 ladder pool? (SC2) : Geoff 'iNcontroL' Robinson has passed away The GOAT ranking of GOAT rankings RSL Revival patreon money discussion thread Weekly Cups (Aug 11-17): MaxPax triples again!
Tourneys
Maestros of The Game—$20k event w/ live finals in Paris Sparkling Tuna Cup - Weekly Open Tournament Monday Nights Weeklies Master Swan Open (Global Bronze-Master 2) $5,100+ SEL Season 2 Championship (SC: Evo)
Strategy
Custom Maps
External Content
Mutation # 487 Think Fast Mutation # 486 Watch the Skies Mutation # 485 Death from Below Mutation # 484 Magnetic Pull
Brood War
General
Flash Announces (and Retracts) Hiatus From ASL BW General Discussion BW AKA finder tool Maps with Neutral Command Centers Victoria gamers
Tourneys
[ASL20] Ro24 Group C [Megathread] Daily Proleagues [ASL20] Ro24 Group A [ASL20] Ro24 Group B
Strategy
Simple Questions, Simple Answers Fighting Spirit mining rates [G] Mineral Boosting Muta micro map competition
Other Games
General Games
General RTS Discussion Thread Dawn of War IV Path of Exile Stormgate/Frost Giant Megathread Nintendo Switch Thread
Dota 2
Official 'what is Dota anymore' discussion
League of Legends
Heroes of the Storm
Simple Questions, Simple Answers Heroes of the Storm 2.0
Hearthstone
Heroes of StarCraft mini-set
TL Mafia
TL Mafia Community Thread Vanilla Mini Mafia
Community
General
Russo-Ukrainian War Thread US Politics Mega-thread Things Aren’t Peaceful in Palestine The year 2050 European Politico-economics QA Mega-thread
Fan Clubs
INnoVation Fan Club SKT1 Classic Fan Club!
Media & Entertainment
Anime Discussion Thread Movie Discussion! [Manga] One Piece [\m/] Heavy Metal Thread
Sports
2024 - 2026 Football Thread TeamLiquid Health and Fitness Initiative For 2023 Formula 1 Discussion
World Cup 2022
Tech Support
High temperatures on bridge(s) Gtx660 graphics card replacement Installation of Windows 10 suck at "just a moment"
TL Community
"World Leading Blockchain Asset Retrieval" The Automated Ban List TeamLiquid Team Shirt On Sale
Blogs
Breaking the Meta: Non-Stand…
TrAiDoS
INDEPENDIENTE LA CTM
XenOsky
[Girl blog} My fema…
artosisisthebest
Sharpening the Filtration…
frozenclaw
ASL S20 English Commentary…
namkraft
Customize Sidebar...

Website Feedback

Closed Threads



Active: 3184 users

Account Thieves - They're pretty clever!

Blogs > HackBenjamin
Post a Reply
HackBenjamin
Profile Blog Joined January 2011
Canada1094 Posts
April 05 2011 12:35 GMT
#1
4/4/2011 6:11 AM
Subject: Too Many Attempts Warning No.53

Dear customer,

Due to suspicious activity, your Battle.net account has been locked. You tried to login your account too many times (403). We are concerned about whether your account has been stolen. In order to guarantee the legitimacy of your account, we need you follow these steps:

Step 1: Secure Your Computer

In the event that your computer has been infected with malicious software such as a keylogger or trojan, simply changing your password may not deter future attacks without first ensuring that your computer is free from these programs. Please visit our Account Security website to learn how to secure your computer from unauthorized access.

Step 2: Secure Your E-mail Account

After you have secured your computer, check your e-mail filters and rules and look for any e-mail forwarding rules that you did not create. For more information on securing your e-mail account, visit our Support page.

Step 3: Restore access to Your account

We now provide a secure link for you to verify whether you have taken the appropriate steps to secure the account, your computer, and your email address. Please follow this site to restore the access to your account: <omitted>

If you still have questions or concerns after following the steps above, feel free to contact Customer Support at <omitted>

Sincerely,
The Battle.net Account Team
Online Privacy Policy




It's sad that people fall for this kind of shit, full of spelling mistakes, piss poor grammar, obviously fake links. What's even sadder is...

4/5/2011 2:42 AM
Subject: Too Many Attempts Warning No.42

Dear customer,

Due to suspicious activity, your Battle.net account has been locked. You tried to login your account too many times (403). We are concerned about whether your account has been stolen. In order to guarantee the legitimacy of your account, we need you follow these steps: etc etc etc



Hey wait a second...


4/4/2011 6:11 AM
Subject: Too Many Attempts Warning No.53

...

4/5/2011 2:42 AM
Subject: Too Many Attempts Warning No.42


ALMOST GOT ME SUCKERS



Just out of curiosity, how is it that these people/companies know that I have a battle.net account? It's not like my e-mail is displayed in my SC2 profile, my WoW characters, or anything like that. Having been the victim of a keylogger before, I use a separate e-mail account that is used for my Bnet account only, not for signing up for services, websites, forums, or anything else. It's completely insulated from the rest of my online life. I don't get it O_o

****
57 Corvette
Profile Blog Joined July 2010
Canada5941 Posts
Last Edited: 2011-04-05 12:50:58
April 05 2011 12:43 GMT
#2
I've seen some worse, but yeah these are getting pretty poor quality. You'd think with the amount of e-mails they send out they really want more accounts, and with a ton of spelling errors and stuff its not gonna fool many people.

[image loading]

And another one I got..

Hello (email),
Congratulations! Your world of Warcraft account (email) to receive compensation.This is Blizzard Entertainment's apology, We acknowledge a mistake, for you to lose the World of Warcraft account in order to recover our losses, We will give you 50000 gold coins free of charge and rare mounts (Dark Phoenix), I hope you can restart the game

Login here to authentication, 48 hours you will receive compensation

Description: test account and permanently disabled can not compensation



Edit: And I checked one of my e-mails...

[image loading]
Survival is winning, everything else is bullshit.
OmniEulogy
Profile Blog Joined July 2010
Canada6592 Posts
April 05 2011 12:46 GMT
#3
Time Travelers from the world of tomorrow are trying to take your account!

I'm not sure how they would know you had an sc2 account. Unless you use that same sn on a forums somewhere that also has the email you use for your account in the profile information.. it's a possibility they got it from that o.O
LiquidDota Staff
EscPlan9
Profile Blog Joined December 2006
United States2777 Posts
April 05 2011 12:52 GMT
#4
On April 05 2011 21:35 HackBenjamin wrote:
4/4/2011 6:11 AM
Subject: Too Many Attempts Warning No.53

Dear customer,

Due to suspicious activity, your Battle.net account has been locked. You tried to login your account too many times (403). We are concerned about whether your account has been stolen. In order to guarantee the legitimacy of your account, we need you follow these steps:

Step 1: Secure Your Computer

In the event that your computer has been infected with malicious software such as a keylogger or trojan, simply changing your password may not deter future attacks without first ensuring that your computer is free from these programs. Please visit our Account Security website to learn how to secure your computer from unauthorized access.

Step 2: Secure Your E-mail Account

After you have secured your computer, check your e-mail filters and rules and look for any e-mail forwarding rules that you did not create. For more information on securing your e-mail account, visit our Support page.

Step 3: Restore access to Your account

We now provide a secure link for you to verify whether you have taken the appropriate steps to secure the account, your computer, and your email address. Please follow this site to restore the access to your account: <omitted>

If you still have questions or concerns after following the steps above, feel free to contact Customer Support at <omitted>

Sincerely,
The Battle.net Account Team
Online Privacy Policy




It's sad that people fall for this kind of shit, full of spelling mistakes, piss poor grammar, obviously fake links. What's even sadder is...


The examples you pasted here were surprisingly well written. Yes, there will be inconsistencies and fake links. The inconsistencies in the subjects and dates is because they are merely doing mass mailing. The fake links because it would make no sense to link to the real site.

I find the incomprehensible ones more interesting.
Undefeated TL Tecmo Super Bowl League Champion
Danjoh
Profile Joined October 2010
Sweden405 Posts
April 05 2011 13:16 GMT
#5
I somehow managed to lose my WoW account, way past the time I stopped playing, and I have no idea how, except for brute force. =/

Never signed up with my bnet mail to any wow related sites, when I stopped playing, I changed my password. 3 months later I get a message that a old officer in my guild got hacked, so even tho I felt safe, I changed my password yet again, and I started having some computer issues, so I formated, and while having a clean install (updated all windows updates, installed FF+noscript) I changed my password yet another time, and had at this point stopped visiting WoW related sites.
My pass is 10 characters long, alphanumerical and no word...

4 weeks after that, I get hacked, tho, blizz support was very swift about it and restored my account and gear within 3 hours from the attack happening (or so they told me on the phone).
I saw they had added a 30 day gametime to my account, so I thought I could try it the following weekend, thursday (3 days after getting the hack resolved) I still had the gametime, but on saturday when I had finally downloaded and patched the client, the gametime was removed -_-.

I still don't get why they'd remove the gametime that was added =/
Deleted User 101379
Profile Blog Joined August 2010
4849 Posts
April 05 2011 13:22 GMT
#6
On April 05 2011 22:16 Danjoh wrote:
I somehow managed to lose my WoW account, way past the time I stopped playing, and I have no idea how, except for brute force. =/

Never signed up with my bnet mail to any wow related sites, when I stopped playing, I changed my password. 3 months later I get a message that a old officer in my guild got hacked, so even tho I felt safe, I changed my password yet again, and I started having some computer issues, so I formated, and while having a clean install (updated all windows updates, installed FF+noscript) I changed my password yet another time, and had at this point stopped visiting WoW related sites.
My pass is 10 characters long, alphanumerical and no word...

4 weeks after that, I get hacked, tho, blizz support was very swift about it and restored my account and gear within 3 hours from the attack happening (or so they told me on the phone).
I saw they had added a 30 day gametime to my account, so I thought I could try it the following weekend, thursday (3 days after getting the hack resolved) I still had the gametime, but on saturday when I had finally downloaded and patched the client, the gametime was removed -_-.

I still don't get why they'd remove the gametime that was added =/


I sometimes have the feeling that blizzard or one of it's employees is selling the info, though the passwords are probably encrypted so i guess they still have to phish for it or brute force it/get the password from a phished password with the same hash.
HackBenjamin
Profile Blog Joined January 2011
Canada1094 Posts
April 05 2011 13:24 GMT
#7


I sometimes have the feeling that blizzard or one of it's employees is selling the info, though the passwords are probably encrypted so i guess they still have to phish for it or brute force it/get the password from a phished password with the same hash.


Wouldn't surprise me if it was something along these lines. Blizz sells account emails, people get spam, click the wrong thing, and bam, account jacked. Now don't you wish you had an authenticator for $7.99?

._.
Aerox
Profile Blog Joined September 2004
Malaysia1213 Posts
April 05 2011 13:38 GMT
#8
I remember where it harvested our email addresses. It was during the time when some people (not sure if they're the same people) posted here and other community sites that there were hundreds of free SC2 beta keys available and we had to enter our email addresses at a very well-designed legit-looking site.
"Eyes in the sky."
Pika Chu
Profile Blog Joined August 2005
Romania2510 Posts
April 05 2011 13:48 GMT
#9
They don't know if you have an account. I have just enough friends who receive the same mails and don't own a SC2 account. Just as i'm receiving mail like that for WoW account, which i don't have .
They first ignore you. After they laugh at you. Next they will fight you. In the end you will win.
turdburgler
Profile Blog Joined January 2011
England6749 Posts
April 05 2011 14:17 GMT
#10
On April 05 2011 22:24 HackBenjamin wrote:
Show nested quote +


I sometimes have the feeling that blizzard or one of it's employees is selling the info, though the passwords are probably encrypted so i guess they still have to phish for it or brute force it/get the password from a phished password with the same hash.


Wouldn't surprise me if it was something along these lines. Blizz sells account emails, people get spam, click the wrong thing, and bam, account jacked. Now don't you wish you had an authenticator for $7.99?

._.


i doubt the company does that, if someone blew the whistle they would be sued for millions for data protection infringements. but i think its more than likely that staff who have access to the databases are selling information on, because loads of people i know get spam no matter if they change their emails or dont click anything phishy.
Equinox_kr
Profile Blog Joined December 2006
United States7395 Posts
April 05 2011 14:39 GMT
#11
You can take out all the guesswork of authenticity by just checking where it's mailed from. Obviously the mails will come from blizzard.com and not hotmail.com, which is where 99% of these fake e-mails come from.
^-^
BottleAbuser
Profile Blog Joined December 2007
Korea (South)1888 Posts
April 05 2011 15:18 GMT
#12
It's actually trivial to spoof the from: field. Just don't trust emails.
Compilers are like boyfriends, you miss a period and they go crazy on you.
jtm33
Profile Joined November 2010
19 Posts
April 05 2011 15:32 GMT
#13
I had a really clever one in my Gmail spam folder last month:

Greetings,

It has come to our attention that you are trying to sell your personal World of Warcraft account(s). As you may not be aware of, this conflicts with the EULA and Terms of Agreement. If this proves to be true, your account can and will be disabled. It will be ongoing for further investigation by Blizzard Entertainment's employees. If you wish to not get your account suspended you should immediately verify your account ownership.

You can confirm that you are the original owner of the account to this secure website with:
https://us.battle.net/account/support/login-support.xml

Login to your account, In accordance following template to verify your account.

* Account name
* Account password
* First and Surname
* Secret Question and Answer
Show * Please enter the correct information

If you ignore this mail your account can and will be closed permanently.

Once we verify your account, we will reply to your e-mail informing you that we have dropped the investigation.



Account Administration Team
Blizzard Entertainment
http://www.blizzard.com/support/
World of Warcraft , Blizzard Entertainment 2010

Please retain all history if you reply to this mail


And the account "login" page URL was a clickable link to a phishing site mimicking the battlenet login page. The from tags were spoofed to resemble Blizzard's. Also, the site returned a warning saying that it was a reported phishing site, but it wouldn't have when it was first made. Really easy to see how that could fool someone that didn't think about it. Of course it was obvious to me because my WoW sub had expired, it seemed an unlikely premise for Blizzard to send an email on, and the dodgy URL the link actually took me to.
Please log in or register to reply.
Live Events Refresh
Korean StarCraft League
03:00
Week 79
CranKy Ducklings102
davetesta43
HKG_Chickenman36
IntoTheiNu 15
Liquipedia
[ Submit Event ]
Live Streams
Refresh
StarCraft 2
Nina 285
RuFF_SC2 146
StarCraft: Brood War
ggaemo 584
Leta 181
Sexy 96
Jaeyun 29
Dota 2
monkeys_forever903
NeuroSwarm127
LuMiX0
League of Legends
JimRising 687
Counter-Strike
C9.Mang0382
Stewie2K369
Super Smash Bros
amsayoshi62
Other Games
tarik_tv13029
summit1g7376
shahzam518
ViBE234
Trikslyr39
Organizations
Other Games
gamesdonequick924
BasetradeTV36
StarCraft 2
Blizzard YouTube
StarCraft: Brood War
BSLTrovo
sctven
[ Show 14 non-featured ]
StarCraft 2
• Berry_CruncH67
• Sammyuel 8
• AfreecaTV YouTube
• intothetv
• Kozan
• IndyKCrew
• LaughNgamezSOOP
• Migwel
• sooper7s
StarCraft: Brood War
• BSLYoutube
• STPLYoutube
• ZZZeroYoutube
League of Legends
• Lourlo556
• Stunt227
Upcoming Events
CranKy Ducklings
5h 52m
SC Evo League
7h 52m
WardiTV Summer Champion…
8h 52m
Classic vs Percival
Spirit vs NightMare
CSO Cup
11h 52m
[BSL 2025] Weekly
13h 52m
Sparkling Tuna Cup
1d 5h
SC Evo League
1d 7h
Replay Cast
1d 19h
Afreeca Starleague
2 days
Queen vs HyuN
EffOrt vs Calm
Wardi Open
2 days
[ Show More ]
RotterdaM Event
2 days
Replay Cast
2 days
Afreeca Starleague
3 days
Rush vs TBD
Jaedong vs Mong
Afreeca Starleague
4 days
herO vs TBD
Royal vs Barracks
Replay Cast
4 days
The PondCast
5 days
Replay Cast
5 days
LiuLi Cup
6 days
Cosmonarchy
6 days
OyAji vs Sziky
Sziky vs WolFix
WolFix vs OyAji
BSL Team Wars
6 days
Team Hawk vs Team Dewalt
BSL Team Wars
6 days
Team Hawk vs Team Bonyth
Liquipedia Results

Completed

Jiahua Invitational
uThermal 2v2 Main Event
HCC Europe

Ongoing

Copa Latinoamericana 4
BSL 20 Team Wars
KCM Race Survival 2025 Season 3
BSL 21 Qualifiers
ASL Season 20
CSL Season 18: Qualifier 1
Acropolis #4 - TS1
CSLAN 3
SEL Season 2 Championship
WardiTV Summer 2025
Esports World Cup 2025
BLAST Bounty Fall 2025
BLAST Bounty Fall Qual
IEM Cologne 2025
FISSURE Playground #1
BLAST.tv Austin Major 2025

Upcoming

CSL Season 18: Qualifier 2
CSL 2025 AUTUMN (S18)
LASL Season 20
BSL Season 21
BSL 21 Team A
Chzzk MurlocKing SC1 vs SC2 Cup #2
RSL Revival: Season 2
Maestros of the Game
EC S1
Sisters' Call Cup
IEM Chengdu 2025
PGL Masters Bucharest 2025
Thunderpick World Champ.
MESA Nomadic Masters Fall
CS Asia Championships 2025
Roobet Cup 2025
ESL Pro League S22
StarSeries Fall 2025
FISSURE Playground #2
BLAST Open Fall 2025
BLAST Open Fall Qual
TLPD

1. ByuN
2. TY
3. Dark
4. Solar
5. Stats
6. Nerchio
7. sOs
8. soO
9. INnoVation
10. Elazer
1. Rain
2. Flash
3. EffOrt
4. Last
5. Bisu
6. Soulkey
7. Mini
8. Sharp
Sidebar Settings...

Advertising | Privacy Policy | Terms Of Use | Contact Us

Original banner artwork: Jim Warren
The contents of this webpage are copyright © 2025 TLnet. All Rights Reserved.