Phishing

Keywords:

Phishing occurs when a hacker or malicious third party attempts to fool you into giving them your account information, which they use to log into your account and cause damage. The scam page typically looks like a company's official page but has an unofficial URL. Some reported scam URL addresses are listed on PhishTank.

If you are concerned about the security of your account or worry that you may have fallen victim to a phishing scam, visit our Account and Computer Security page. If your account has already been compromised, submit a ticket and secure your account as soon as possible. Consider purchasing or downloading a Battle.net Authenticator for an added layer of security.

Fake or Malicious Whispers In-Game

Whether the whisper promises you free items or threatens you with suspension, this is known as a phishing attempt. Sent in an effort to gain your account credentials, the intent is to take control of your account. Although the website or whisper may look like it's really from Blizzard, it isn't.

Note: Blizzard Entertainment representatives will never ask for your password.

A Game Master will have a blue Blizz tag next to their name.  If the Blizz tag is missing, this is a phishing attempt and the player should be reported. This will ignore the player that is sending out the whispers without using space on your ignore list.

The video below will provide you with more information on scam attempts:

Suspicious Email

You may receive emails asking for account-specific information that appear to be from Blizzard Entertainment. These emails may threaten account suspension or closure if the information is not provided, or they may claim that the information is needed to verify the account. These are phishing emails; their goal is to glean information that can be used to compromise an account.. They are not official correspondence from Blizzard Entertainment.

How to Identify a Phishing Email

If you have received a suspicious email and are not sure if it was sent by Blizzard Entertainment, there are a few things to keep in mind:

  • Emails from Blizzard Entertainment will originate from a @blizzard.com or @battle.net address.
  • Blizzard employees will never ask you for your account password.
  • Correspondence from Blizzard Entertainment will always use proper spelling and grammar.
  • Blizzard will not ask you to verify ownership by replying directly to an email and providing detailed account information (name, password, email address, CD key, etc). If we need to verify your account, we will request an ID.
  • In some cases, phishing emails will ask account owners to visit a malicious website. These websites may appear identical to Battle.net. If you are asked to visit a website linked within an email, please be extremely cautious and always double-check the destination of the hyperlink.
"Spoofed" Email Addresses

Even if you receive an email from an @blizzard.com or @battle.net address, it's still important to remain cautious, as it is possible to change how a sending address appears in the "From" field of an email. The process is known as "spoofing" and may cause a phishing email to initially look like it's been sent by Blizzard Entertainment. To determine the actual sending address of an email, you will need to check the email's header information.

Most online email clients and applications will allow you to view an email's header. See your email provider's documentation to determine how to view email headers. A legitimate email header from Blizzard Entertainment should look something like this:

X-SID-PRA noreply@blizzard.com
or
Return-Path: < noreply@blizzard.com >
Received: from smtp01.worldofwarcraft.com ([XX.XXX.XXX.XXX]) by…
Received: from … by smtp01.worldofwarcraft.com …
for ; Tue, 29 Jan 2008 10:46:05 GMT
From: noreply@blizzard.com
To: Your Email Address

Additional details regarding how to locate header information using some of the more common applications and web-based email providers can also be found on Gmail's Message Headers page.

Report Phishing Emails

If you receive a phishing email, please forward the email to hacks@blizzard.com. When forwarding the email, copy and paste the entire email header into the message body to ensure that we are able to identify the source. This information will help us prevent future phishing emails of the same type.

Lost an item?

Restore your lost items with our Item Restoration service.

Get Help

Still can't find a solution? Submit a ticket and someone will help out!