I received 2 emails from Blizzard this week claiming that I have made a new password for my account, but i need to click on the link in the email in order to verify and accept the new password. Here are the images:
This is the message source from the email.. seems legit?
The URLs are linked to worldofwarcraft.com, when i tried resetting my password using the 'forgot my login details' option, i received a similar email but they are linked to battle.net. I dont have an active world of warcraft account even though i used to play it long ago.
This is what i got when i tried to reset my password. Has various differences from the first picture above
before you say you get junk mail from blizz all the time: this is significantly different from the typical junk mail from blizz as the URL in the email redirects you to an 'official' blizzard site, ww w.worldofwarcraft.com/etcetc not a random obvious typical nonsence site like ww w.battle.net.zh.blizzard.com/asdasdasd
These are words that I never thought I'd type, but you should probably go to the battle.net forums for this, the forumers there will be useless per usual but mods will actually be able to check this for you.
If you have a generic email address I guess it's just possible someone typed in the wrong email address when trying to retrieve their own wow password. I'm no expert though.
On August 21 2011 23:22 Carnac wrote: wowadmin.net? obvious scam attempt
if you are referring to the message source, i looked at message source of the email that i purposely requested for a password reset and it also also is linked to wowadmin.net
I get these mails like once a day: 'Your acount has been hacked change your pw and "insert some kind of problem" please contuact us.' It all automaticly goes straight to spam so just ignore it.
If you can still log in, it's BS. And it's BS. The URL isn't battle.net. Basically, as long as your password works, ignore literally everything claiming to be from them. And maybe get an authenticator.
On August 21 2011 23:22 Carnac wrote: wowadmin.net? obvious scam attempt
if you are referring to the message source, i looked at message source of the email that i purposely requested for a password reset and it also also is linked to wowadmin.net
After some more research it seems I was indeed wrong, sorry about that, it just sounded like one of those typical scam URLs, so it might be a legit email.
I'm not sure about Battle.net's password recovery procedures, since I never had to recover my password. I don't know whether anyone can just submit the email address of an existing account and thus have an automatic email sent there without having to provide any additional info first.
Some header information is really easy to fake, some is not.
On August 21 2011 23:49 DusTerr wrote: can you log in to battle.net with your current/old password?
yep it is working fine. i am just very curious about the source of this phishing email because it seems very legit although still possibly a fake.
had my account been compromised and my password stolen, the hacker could just simply change my password on my b.net account site without having to go through any email verification
On August 21 2011 23:22 Carnac wrote: wowadmin.net? obvious scam attempt
if you are referring to the message source, i looked at message source of the email that i purposely requested for a password reset and it also also is linked to wowadmin.net
After some more research it seems I was indeed wrong, sorry about that, it just sounded like one of those typical scam URLs, so it might be a legit email.
I'm not sure about Battle.net's password recovery procedures, since I never had to recover my password. I don't know whether anyone can just submit the email address of an existing account and thus have an automatic email sent there without having to provide any additional info first.
Some header information is really easy to fake, some is not.
Did you try logging in btw?
yep able to login.
the procedure for the password reset is: 1. go to battle.net site, request for a password reset 2. enter account's email address, first and last name of user, and a anti bot security code 3. enter either your secret password or first 6 digits of a cd key attached to account
i guess right now the main clue is that the redirected links from the scam email is worldofwarcraft.com/etcetc while the official blizzard one is us.battle.net/etcetc
^^Lol, then my attempt to explain the email earlier fails pretty hard.
Though it feels a little suspect, how would entering a valid address like worldofwarcraft.com enable anyone to scam you no matter what comes after the .com/?
The e-mail seems legit and I'm pretty sure it's from Blizzard. Therefore, what is going on is that somebody may be trying to hack your account by pretending to be you.
Make sure that you make your e-mail account and WoW account as secure as possible. You might possibly want to even contact Blizzard customer support for additional help, because you have a legitimate concern to be worried if the hacker was able to send a password reset request. (the hacker knows your account's email address, first and last name of user apparently)
I've seen alot of WoW scam emails, but this one seems pretty legit. Only odd thing is it linking to Worldofwarcraft.com instead of battle.net, but it redirects to battle.net all the same.
I'd have to agree with HoMM here, it seems that someone is trying to reset your PW in oder to hack you. I hope you don't use the same password for your email as for your WoW account.
On August 22 2011 00:58 Stress wrote: I would get an authenticator. They are fairly cheap and you don't ever have to worry about crap like this.
There are even free apps for iphone, im using it and it works just fine.
But to OP, i just changed my PW last week and the email i´ve got had no verification link at all, it was just an information, that my PW got changed. So i would assume this is indeed scam. But i never played WoW, so don´t really know about the procedure there.
EPT![[image loading]](http://i.imgur.com/RiZ9f.jpg)
![[image loading]](http://i.imgur.com/KHNKp.jpg)
![[image loading]](http://i.imgur.com/aAsyn.jpg)
