Popular scams and how to avoid them

Updated Fri, Jun 12, 2009, 5:00 PM·7 min read

We have a lot of reports of scams coming in to our tip line and many of us are receiving the same phishing emails you are. Even Scott Kurtz from PvPOnline was tweeting about getting one the other day. These scams can be initiated via email to any one of your email addresses. Or they may start in game. Regardless of where they attack you, most of the scams require some form of social engineering to get your info and therefore access to your in-game valuables.

What is social engineering? Social engineering is manipulating victims to volunteer personal information about themselves in order to perpetrate a con, scam, fraud, etc. If you have seen the movie Groundhog Day, then you have seen a very good example of it. Phil, a television weatherman, is living the same day over and over. One iteration of his morning, he asks an attractive woman her name, where she went to highschool and her English teacher. The next iteration of his morning, he "accidentally" runs into her and pretends to know her from highschool, resulting in her going to bed with him.

His con works for 3 reasons:

He seems respectable. He is a well-dressed, articulate, minor celebrity. With this veneer of respectability, he is able to get the initial information and subsequently convince the victim, Nancy, that the forgotten nerd sitting next to her at school has sprouted into a catch.
The victim sees value in what the con artist is offering. Nancy wants to date a celebrity or at least a successful man and is therefore both available as a victim and incautious with her information and actions.
The victim is unaware that the information has been stolen. In the case of this movie, she cannot remember any previous iterations of the day.

The WoW related scams work for the same reasons. Here are the most popular ones right now:

Your WoW account is under investigation
An email gets sent to one of your email addresses (not necessarily the one you have attached to your WoW account) that says something like: "An investigation of your World of Warcraft account has found strong evidence that the account in question is being sold or traded." The email either asks you to email them your account information or it includes a link to an official looking phishing site designed to steal your info. This is essentially the same scam that has been going on for a while. It comes from what looks like a respectable source, though the only valid email would be wowaccountadmin@blizzard.com without any double "v"s or misspellings. You value protecting your account, so you give your info to this supposedly trusted source. They then use your info to steal your account.
Avoid by: Calling Blizzard directly. If your account is really under investigation, Blizzard will tell you on the phone. For more details, please see this post from Blizzard about fake emails.

In-game mail from a misspelled guildie
You receive mail from a player whose name is spelled very similarly to a guildie or friend -- perhaps with a special character or off by one letter. The mail includes a website to go to for a special deal or to look at a picture or something similar. The site either contains a keylogger or it is a phishing site. Again, when this con works, it is because it is from a source you trust (a guildie), it contains value for you (guildies often send you to interesting websites) and, if you are incautious, you are unaware that your information has been stolen until after it is. This one grabs a lot of active guildmembers because guildies often have hard to spell character names or even alts that are just misspelled versions of their mains.
Avoid by: Verify any in-game mail you get that contain external links by checking your guild roster. Also, you should have an in-guild policy that limits external links to the member restricted area of your guild forums only. In all cases, don't enter your account information unless you go to the Blizzard website directly and scan your computer daily/nightly using any of the freely available virus/malware scans.

Invite/promote request from a misspelled guildie
This one targets your guildbank and not your account. You receive a whisper, from someone who is again spelled very similar to a guildie, to have his alt invited and promoted. The imposter then cleans out your guildbank. You are basically being punished for being a considerate guildie in this situation.
Avoid by: Make sure that all invite requests come from someone in your guild roster. A quick look at your online list will show you if that person is online and will allow you to compare the names. Also, keep a category in your guild hierarchy specifically for alts that does not have access to the valuable tabs in your guildbank. It is only a mild inconvenience for main members to mail their alts anything they need.

Spectral Tiger Mount for sale in tradechat
A high level, server-known player offers up a Spectral Tiger Mount (or any other highly valuable, tradeable in-game loot) for sale at a price that is high enough to be believable, but low enough to be tempting. When contacted, the seller only asks to verify you have the gold before agreeing to send you the code via out of game email. The email contains a code and a link to a phishing site. Your account is then hacked, cleaned out and used to scam the next person. This scam gains a lot of credibility by using hacked accounts that are high level to conduct the transaction. A lot of otherwise careful players are taken in because the excitement of a great deal causes them to be incautious. For further information on this scam, read an interview with one of the actual scammers.
Avoid by: Always be extra careful when a deal seems too good. While there are legitimate sellers of these valuable items at good deals, they will usually conduct the transaction in-game. Again, only go to the Blizzard account sites directly -- never click a link in an email.

Helpful links in the comments and forums
Some of the links in the official forums and the comments here at WoW.com have been put there specifically by shady social engineers to lure unsuspecting readers into a trap. The links go to sites that contain keyloggers that download while you are loading the site. Or they are phishing sites designed to steal your information. We delete the comments that contain them when we catch them, but we don't always catch them.
Avoid by: It is safest to never click on a link in the comments or forums. But if you think it is to a trusted site, then type in the address manually, just to be safe.

Goldsellers and leveling services
Captain Obvious laughs at players who are surprised to learn that the underhanded companies offering services that are against the ToS are the same ones who are hacking accounts. Where else do you think the gold is coming from? The easiest marks for these companies are the people who use their own services, since they are voluntarily giving their information and Blizzard won't protect them.
Avoid by: Don't buy gold! Seriously. Earning gold and leveling your characters get easier with each patch. And if you think that goldbuying is a victimless activity, just scroll up and re-read. These scams wouldn't exist if there weren't a market for their stolen goods.

WoW scammers (and the most common real world criminals) need your cooperation to get your account info, so the biggest hole in your account security is you. Protect your personal data at all times. And use safety nets for when you make mistakes, like regular virus scanning and the Authenticator.

Play Safe!

Please remember that account safety and computer security is your responsibility! While WoW.com has provided you with resources to additional information, do your homework and make sure you know what you're doing before installing any antivirus or other software.

Engadget
Take-Two is shutting down the studios behind Rollerdrome and Kerbal Space Program 2
This one's a bummer.
4h ago
Engadget
Snapchat will finally let you edit your chats
Snapchat will finally join most of its messaging app peers and allow users to edit their chats.
6h ago
Engadget
A researcher is suing Meta for the right to ‘turn off’ Facebook’s news feed
The Knight First Amendment Institute at Columbia University is suing Meta on behalf of a researcher who wants to release a browser extension that would allow people to “effectively turn off” their algorithmic feeds.
7h ago
Engadget
Microsoft’s OpenAI partnership was born from Google envy
It turns out the lay of today’s AI landscape can be traced back to fear, jealousy and intense capitalist ambition. Emails revealed in the Department of Justice’s antitrust case against Google show Microsoft executives expressing alarm and envy over Google’s AI lead.
8h ago
Engadget
Explore Starfield's barren planets at 60 fps on Xbox Series X starting this month
Starfield's May update adds the option to target 30, 40, 60 fps or an uncapped frame rate on Xbox Series X.
10h ago
Engadget
PS5 update will let you invite people to multiplayer games through your smartphone's apps
Sony just announced a forthcoming feature for the PS5 that will let users invite friends into a game even when they aren’t at the console or near a keyboard. It works via a shareable link.
10h ago
Engadget
Block reportedly greenlit transactions involving terrorist groups and sanctioned nations
Block appears to be squarely in the government’s sights. Prosecutors from the Southern District of New York are reportedly probing extensive compliance lapses at the parent company of Square and Cash App.
10h ago
Engadget
May's PlayStation Plus games include Ghostrunner 2 and the modern classic Tunic
Sony just announced May’s PlayStation Plus lineup of games. They include Ghostrunner 2, Tunic and EA Sports FC 24.
11h ago
Engadget
Xbox Series X/S storage expansion cards from WD and Seagate are discounted right now
If you need more storage for your Xbox Series X/S, 1TB and 2TB expansion cards from WD and Seagate are currently on sale.
12h ago
Engadget
Batman: Arkham Shadow is the first big exclusive VR game for the Quest 3
Meta just dropped a trailer for Batman: Arkham Shadow, which is one of the first exclusive games for Quest 3. You play as the caped crusader in a story set in the franchise canon.
13h ago
Engadget
TikTok might be going around Apple's in-app purchase rules for its coins
TikTok has apparently added in-app coin purchase options for some users, going against Apple's policies.
15h ago
Engadget
LinkedIn now has Wordle-style games you can play every day
LinkedIn, the professional network known for job listings and unsolicited career advice, is jumping into gaming.
15h ago
Engadget
Ring's new indoor camera lets you pan and tilt for a better view
It's the first Ring to come with a motorized base.
16h ago
Engadget
Rabbit denies claims that its R1 virtual assistant is a glorified Android app
The $199 Rabbit R1, a pocket-sized AI virtual assistant device, runs Android under the hood and is powered by a single app, according to Android Authority.
16h ago
Engadget
The Morning After: Our verdict on the Beats Solo 4 headphones
The biggest news stories this morning: What to expect from Apple’s Let Loose iPad event, The excellent and customizable Arc Browser is now fully available on Windows, Binance founder Changpeng Zhao sentenced to four months in prison
17h ago
Engadget
The best apps and services for new graduates
Here's a list of the best apps and services for new graduates, as chosen by Engadget editors.
a year ago
Engadget
The best webcams for 2024
Here's a list of the best webcams you can buy for your laptop or desktop, plus advice on how to choose the right one for you.
5 months ago
Engadget
Microsoft and OpenAI sued yet again by Chicago Tribune and New York Daily News
A group of publications that include the Chicago Tribune, New York Daily News and the Orlando Sentinel are accusing OpenAI and Microsoft of stealing their copyrighted content to train generative AI products.
20h ago
Engadget
The best gaming accessories on a budget for 2024
Here's a list of the best budget gaming accessories you can buy, as chosen by Engadget editors.
8 months ago
Engadget
The Cheyenne Supercomputer is going for a fraction of its list price at auction right now
The US government is selling the Cheyenne Supercomputer at auction for a fraction of the list price right now.
1d ago

Popular scams and how to avoid them

Latest Stories

Take-Two is shutting down the studios behind Rollerdrome and Kerbal Space Program 2

Snapchat will finally let you edit your chats

A researcher is suing Meta for the right to ‘turn off’ Facebook’s news feed

Microsoft’s OpenAI partnership was born from Google envy

Explore Starfield's barren planets at 60 fps on Xbox Series X starting this month

PS5 update will let you invite people to multiplayer games through your smartphone's apps

Block reportedly greenlit transactions involving terrorist groups and sanctioned nations

May's PlayStation Plus games include Ghostrunner 2 and the modern classic Tunic

Xbox Series X/S storage expansion cards from WD and Seagate are discounted right now

Batman: Arkham Shadow is the first big exclusive VR game for the Quest 3

TikTok might be going around Apple's in-app purchase rules for its coins

LinkedIn now has Wordle-style games you can play every day

Ring's new indoor camera lets you pan and tilt for a better view

Rabbit denies claims that its R1 virtual assistant is a glorified Android app

The Morning After: Our verdict on the Beats Solo 4 headphones

The best apps and services for new graduates

The best webcams for 2024

Microsoft and OpenAI sued yet again by Chicago Tribune and New York Daily News

The best gaming accessories on a budget for 2024

The Cheyenne Supercomputer is going for a fraction of its list price at auction right now

About

Sections

Contribute

Buying Guides