Phishing occurs when a hacker or malicious third party attempts to fool you into giving them your account information, which they then use to log into your account and cause damage. The scam page typically looks like a company official page but has an unofficial URL. Some reported scam URL addresses are listed on PhishTank.
If you are concerned about the security of your account or worry that you may have fallen victim to a phishing scam, visit our Account and Computer Security page. If your account has already been compromised, submit a ticket and secure your account as soon as possible. Consider purchasing or downloading a Battle.net Authenticator for an added layer of security.
Fake or Malicious Whispers In-Game
Whether the whisper promises you free items or threatens you with suspension, this is known as a phishing attempt. Sent in an effort to gain your account credentials, the intent of these websites and whispers is to take control of your account. Although the website or whisper may look like it's really from Blizzard, it isn't.
Note: Blizzard Entertainment representatives will never ask for your password.
A Game Master will have a blue Blizz tag next to their name. If the Blizz tag is missing, this is a phishing attempt and the player should be reported. Right-click the chat line and click the Report Player option. Report Player is very effective against these scammers, as it flags the reported account immediately. This process will ignore the player that is sending out the whispers without using space on your ignore list.
The video below will provide you with more information regarding scam attempts:
Occasionally, players may receive emails asking for account-specific information that appear to be from Blizzard Entertainment. These emails may threaten account suspension or closure if the information is not provided swiftly or claim that the information is needed to verify the account. These are phishing emails. They are not official correspondence from Blizzard Entertainment; their goal is to glean information that can be used to compromise an account.
How to Identify a Phishing Email
If you have received a suspicious email and are not sure if it was sent by Blizzard Entertainment, there are a few things to keep in mind:
- Emails from Blizzard Entertainment will originate from a @blizzard.com or @battle.net address.
- Blizzard employees will never ask you for your account password.
- Correspondence from Blizzard Entertainment will always use proper spelling and grammar.
- Phishing emails will often claim that an account has been found in violation of a specific policy and will be closed if the account owner does not verify ownership. The account owner is typically asked to verify ownership by replying directly to the email and providing detailed account information (name, password, email address, CD key, etc). This is not a standard practice of Blizzard Entertainment.
- In some cases, phishing emails will ask account owners to visit a malicious website. These websites may appear identical to Battle.net. Frequently, these mirror sites will ask you to enter an account name and password to log in, a process which records the information for later use and possible compromise. If you are ever asked to visit a website linked within an email, please be extremely cautious and always double-check the destination of the hyperlink.
"Spoofed" Email Addresses
Even if you receive an email from an @blizzard.com or @battle.net address, it's still important to remain cautious, as it is possible to change how a sending address appears in the "From" field of an email. The process is known as "spoofing" and may cause a phishing email to initially look like it's been sent by Blizzard Entertainment. To determine the actual sending address of an email, you will need to check the email's header information.
Most online email clients and applications will allow you to view an email's header. Please see your email provider's documentation to determine how to view email headers. A legitimate email header from Blizzard Entertainment should look something like this:
Return-Path: < firstname.lastname@example.org >
Received: from smtp01.worldofwarcraft.com ([XX.XXX.XXX.XXX]) by…
Received: from … by smtp01.worldofwarcraft.com …
for ; Tue, 29 Jan 2008 10:46:05 GMT
To: Your Email Address
Additional details regarding how to locate header information using some of the more common applications and web-based e-mail providers can also be found on Gmail's Message Headers page.
Report Phishing Emails
If you receive a phishing email, please forward the email to email@example.com at your earliest convenience. When forwarding the email, copy and paste the entire email header into the message body to ensure that we are able to identify the source. This information will help us prevent future phishing emails of the same type.
Article ID: 300737