Guest

Why you shouldn't use your real email on fan sites

Recommended Posts

Villayna    0

from

http://forums.worldofwarcraft.com/thread.html?sid=1&topicId=25026405755

I apologize if this would be the wrong forum, but I thought this might help illustrate to hacking victims how important it is to protect your email address for WoW.

Over the last 3 weeks I did an email experiment with wow fansites, guild sites, etc, to see how many "fake" blizzard emails I'd get that were phishing and social engineering attempts to get my wow info. What I did was create a fresh gmail address for each site that I simply signed up for and used to create an account on the site. The email addresses were random jarbles of letters and numbers to try and eliminate "guessing" an email address. The addresses were shared or posted nowhere, and were used solely for the one site each was created for. I then checked the inbox and spam folders of each address after 3 weeks to see what I'd find. The results might surprise you.

I'm not sure if I'm allowed to post the site URL, so I will instead refer to the site "name". (if this must be removed as well, a blue can certainly do it or inform me) Below is a list of the sites, along with the number of "fake" phishing/scam emails I received in a 3 week period with the above fresh email addresses and sign ups. What's surprising is that several of these sites supposedly "hide" your email address.

guild portal - 16 phishing emails

guild o matic - 16 phishing emails

guild launch - 23 phishing emails

curse - 1 phishing email

wow installer - 19 phishing emails

mmo-champion - 0 phishing emails

wow insider - 4 phishing emails

world of raids - 7 phishing emails

battle.net - 0 phishing emails

I hope this illustrates the importance of NOT using your battle.net email at any other fansites or guild sites! (or anywhere for that matter)

I do not claim my methods are perfect or infallible. Take this for what you feel it's worth, be it nothing at all, or an interesting test.

Some interesting numbers there. I wonder if anyone would get anything off of a TNG only email address.

Share this post


Link to post
Share on other sites
Emmons    1

I'm not gonna bring up that I mentioned previously that hackers were probably skimming emails off of fan sites...

...but I mentioned previously that hackers were probably skimming emails off of fan sites.

Share this post


Link to post
Share on other sites
Saphiara    11

Receiving an email means nothing. I receive idiot emails all the time. The important part is to recognize them and not click on any links within them. Consider any email from Blizzard suspect until you can prove otherwise.

Then go and buy an Authenticator. Best investment you can make.

Share this post


Link to post
Share on other sites
Marroc    0

The point was that the email addresses used to sign up during that test were brand new... and they received targeted wow-related spam. That means that some of those sites either a: sold that email, or b: are not properly protecting your email.

Proper handling of any potential phishing email is important, but that's not what this is about.

Share this post


Link to post
Share on other sites
Agnarr    10
I wonder if anyone would get anything off of a TNG only email address.

Nope.

I don't think I've ever received a WoW-phishing e-mail. A couple of in-game messages, but that's it.

Of course, I also don't use most of those listed sites. Guild portal I admit to, though, so maybe this person got unlucky there, or I've been lucky.

And there's a website called WoW Installers? Yeah that sounds safe.

Share this post


Link to post
Share on other sites
Lurile    10
from

http://forums.worldofwarcraft.com/thread.html?sid=1&topicId=25026405755

Some interesting numbers there. I wonder if anyone would get anything off of a TNG only email address.

Only you would know!

No seriously, anyone who has their email that's not viewed, unless one of the admins are SELLING OUR INFO!!!!!! then we wouldn't receive them

On another note, I get phishing emails all the time on my old email (the battle.net one)

Share this post


Link to post
Share on other sites
Agnarr    10

Funny. A few days ago I got my first phishing e-mail, and the next day I got a second one. Not identical ones, either. Telling me that my battle.net account email was being changed.

Except of course it wasn't sent to my battle.net email account. And the owner of the first website linked was some guy in China (didn't bother researching the second one).

Also haven't signed up to any new WoW-based websites in, well, years. The email address used hasn't been associated with WoW since the battle.net accounts were first added as an optional thing.

Share this post


Link to post
Share on other sites
Zarja    13
Receiving an email means nothing. I receive idiot emails all the time. The important part is to recognize them and not click on any links within them. Consider any email from Blizzard suspect until you can prove otherwise.

Then go and buy an Authenticator. Best investment you can make.

Only paid $6.50 and liek $2.00 shipping handling. And only one can work on all your accounts, for those of you who have more then 1 account :P

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now