Widespread wave of phishing emails reported

Over the past week WoW Insider has received an increasing number of reports of phishing emails. This means that some industrious folks have decided that now is a good time to try to steal accounts from unsuspecting players, and thus we're thinking this is a great time to remind people about the dangers of these evil emails!

Most of the current phishing emails have been telling people that their account is under investigation for account trading, and directing them to a website in which they need to fill in their complete account information along with a CD key. Obviously this website is a phishing site, and is illegitimate.

There are several things you should look for in a legitimate (or illegitimate) email from Blizzard. After the break we'll take a look at these, as well as provide some places you can go for further information.

How to spot a fake email

• Blizzard will never ask for your password. If the email is telling you to send it to them, then it's a fake.

• Account emails will only come from and accept replies to wowaccountadmin@blizzard.com. Anything else and it's a fake. A lot of these phishing emails are saying noreply@blizzard.com, but guess what, those are fake. Blizzard does use that email address for some things, but not when they're talking to you about your account.
  

• Links go to sites that are not Blizzard owned. The phishing emails that I've received recently have links pointing to sites that are clearly not Blizzard owned. Sites like zomgadamholiskyrocks.com is not a site you want to put your password into, and neither is blzard.com, wowinsidar.com, or saccovsziebart.tv. They're all fake!

I can't stress enough how important the simple task of checking the email address is. I've received a fair amount of communication from Blizzard folks directly for my job here at WoW Insider, and they all point back to blizzard.com. While email headers can and are faked, most of the account spammers are too lazy to fake them. Also just checking the site link before you click will save you loads of trouble as well. If it's not a link to blizzard.com or worldofwarcraft.com then don't click.

If you have discovered a phishing email, then forward it to hacks@blizzard.com. I've sent a lot there, and I'm sure Blizzard is happy to get as many phishing emails as possible.

There are two more important resources that you'll want to check out.

The first is the blue sticky post about fake emails from "Blizzard Entertainment" on the customer service forums, and the second is the antivirus program AVG. If you're not running an antivirus application you're just asking for trouble.

Oh, and there's this little thing called the authenticator you should get too.

Stay safe, and watch out for the phish!

Please remember that account safety and computer security is your responsibility! While WoW Insider has provided you with resources to additional information, do your homework and make sure you know what you're doing before installing any antivirus or other software.