Diablo® III

Help with a Diablo III Phishing Email

Posts: 3
I recently received the following email. It has all the usual hallmarks of a phishing site but I clicked on it anyways because I panicked and apparently my account had been recently locked (not sure what was behind this, but it was potentially my fault for trying to log in to a different computer). I've managed to unlock my account since then but now need to make sure I am in no danger of being hacked or scammed.

I just want to be extra careful that nothing is wrong with my account or with my computer. Can someone verify that this truly is a fake email, and if it is what I can do to protect myself (I have already changed my Blizzard password and I am currently running a full system scan for key loggers or trojans or what have you.)

The email I received is as follows:

Greetings!

It has come to our attention that you are trying to sell your personal Diablo III account(s). As you may not be aware of, this conflicts with the EULA and Terms of Agreement. If this proves to be true, your account can and will be disabled. It will be ongoing for further investigation by Blizzard Entertainment's employees. If you wish to not get your account suspended you should immediately verify your account ownership.

Please open this connection:
https://us.battle.net/login/en?ref=http%3A%2F%2Feu.battle.net%2Fwow%2Fen%2Findex&app=com-wow

If your account passes the check successfully, we will send this package of dynamic Battle.net Mobile Authenticator to you in the form of e-mail.

In 3 days after you receiving the e-mail, if you don't submit your information, we have right to freeze your account, every player is obligated to protect the safety of the account. You must work together with us to be determined to crack down all the behaviors of destroying games.

If you had already authenticator your account, please disregard this automatic notification.

Regards,

Account Administration Team
Diablo III , Blizzard Entertainment 2013


Thank you for your time.
Support Forum Agent
Posts: 42,458
Superunknown,

Yes, it's a phishing email.

I'd recommend changing the Battle.net account password again but I'd do it from another PC you've never connected to Battle.net from before. Ideally one that's been scanned already for malware/trojans.

You'll want to make sure you don't use the same password for the Battle.net account as you do for the email account too. I'd also strongly recommend obtaining an authenticator for the account.

On top of all that, I don't see that you even have Diablo III on this posting account? That right there should have been a major clue that the email was a fake assuming this is the account you're talking about.
- Technical Support
Posts: 25,730
That is a very very common phishing scam. Do NOT click on any links in there. You can forward the email, with headers intact, to hacks@blizzard.com. That one is so common they use it as an example in the article on how to avoid phishing :) http://us.battle.net/en/security/theft#phishing

Also, you are right that the security system detected a new PC which was why you were locked earlier. That is normal though and shows the system is working properly.

If you are worried, you can do four things:

1. Scan your PC with Malwarebytes. Boot to safe mode and type gibberish into the login screen before running a FULL (not quick) scan. Repeat with a virus scan.
2. From your now clean PC - create a new email you use ONLY for battle.net. Do not give it out ever. That will help prevent all but the most generic of phishing scams from getting to you. Gmail is a good one because they offer a phone authentication system to help secure the email account.
3. Get an Authenticator if you don't have one on your own battle.net account
4. Consider using SMS Protect - it is NOT an authenticator, but it will alert you to changes in your account and help make some procedures easier.

If you have done all those things then sit back and relax :)

Edit - Not fast enough to beat the Blue!
Edited by MissCheetah#1661 on 1/2/2013 1:17 PM PST
Posts: 3
I did click on the link like an idiot and send in the info it asked for (which was just the username, which obviously they already had, and a password that I've since changed.)

You are right Omrakos, but I'm seeing this free to play thing on my account for Diablo III so I thought maybe that someone got a hold of my account and tried to sell it. A careless error, but I probably wasn't in the right state of mind to appreciate that at the time...bottom line is I'm hopelessly gullible!

On a lighter note, you would think that with all the effort they sink into creating a website that pretty much resembles Blizzard's, they would be able to spend roughly 10 minutes to check spelling and grammar on the e-mails.

Thanks so much for the help though. It's looking like I'm clean and I've definitely learned an important lesson (two or three, really) for the future!
- Technical Support
Posts: 25,730
Those sites often put keyloggers onto your PC so it is VERY important that you take the time to do a FULL Malware scan like I suggested and after that run a virus scan too! Malwarebytes is recommended for malware and is free. Microsoft Security Essentials/Windows Defender is free and not so bad for a virus scanner.

Change your password again from a clean PC as well. They likely already have your new one if you did not do the malware sweep first.

You are also going to want to check out the other security options such as an Authenticator.
Edited by MissCheetah#1661 on 1/2/2013 1:52 PM PST
Posts: 3
I have Norton 360, is that ok? I ran a full system scan and came back with like 14 things (nothing major apparently, they were removed without incident). On their forums it seems to be that a few people are having trouble getting keyloggers on to their computer to monitor their children and the like. That seems to be good news for my scenario.

I have changed both passwords from a different, clean PC.
Edited by Superunknown on 1/2/2013 2:42 PM PST
- Technical Support
Posts: 25,730
Norton is well known for missing things. Malwarebytes is free and does not run in the background when not in use so will not bog down your PC. Most of us have seen Norton miss too much to feel 100% safe. The Malwarebytes scan is still recommended. The free version will be good enough for what you want: http://www.malwarebytes.org/products/malwarebytes_free/

In fact, doing a Malwarebytes scan once a week is just plain good computer maintenance!