a web site hacked
 

I was reading on their site that they had been hacked and they presumed that several email addresses were compromised.

Well I would like to confirm that this is true as I received a fake blizzard email today which was probably the most professional phishing attempt I've ever seen in my 5yrs of playing Wow.

All of the url was perfect and had no errors whatsoever from a normal blizz email!

I'm posting this for anyone who has an account with curse ..beware. Delete the email and go to the blizzard website thru your normal channels do not use the link in the email that says "click here".

The email stated that my password had been changed recently and to verify that it was me I needed to "click here" but everything else including the url was spot on perfect. Even the wording was an exact copy of the blizz support emails. Hope this helps someone.

*fyi I did not fall for it as I am well aware of how these things work and it had to be thru my curse email as I never download torrents or go to **** sites because I am a bible thumping christian. I have about 6 sites I go to daily and those are the only sites I go to, I have no kids and no one else uses this computer. Much love and peace

wowace wasn't compromised. warcraftrealms.com was. And they've already fixed it.

interesting ...as ive never been to wow.com and as I stated only go to about 6 sites ....ever.

No intent to dog wowace or curse (which did however register a virus on one of their ads once but I digress) I may have simply been mistaken as I read the article on wowace.

I cant imagine how anyone would have gotten my email address since I never email anyone and am somewhat antisocial when it comes to the internet.

Im registered here and at curse and at gamespot ...no where else. very curious indeed...

I had a fake email 3 days ago too it said-

When you receive this message when your World Of Warcraft Account means that there are serious security risks.
We have evidence to prove your account has been in different countries and regions, several attempts to login.
So we have to remind you to enter our web site as soon as possible http://www.************.com to account verification, otherwise, we will be lock your account.
In order to protect your interests.

Grammar lessons not found. Please try again.
That's some seriously bad grammar and I should know I have horrid grammar.

My spam filter is pretty advanced. I wrote my own BS filter.

Same with me. I got two "password changed" with no link and a "someone hacked your account, supply info to verify it's yours" with the "click here".

Red Flag 1 - asked for a password
Red Flag 2 - asked for CD key
Red Flag 3 - mouseover link showed the address with a "1" replacing a letter

Just be observant guys and look for one or all of these things and you'll be fine.

Yup, I got a, "You have changed your password" email and it was almost identical to the real ones .... or so I thought, the url that they gave at the bottom had one character different to the real wow website.

Sneaky.

It appears that there is currently a major phishing scam going on with WoW right now as I have received 3 attempts in the last 6 days.

The emails look fairly legit and the links appear to "look" real but when you mouse over them the links do not go to where they appear to. Usually a letter is replaced or added in the URL.

In todays day and age it really surprises me how many people still fall for this stuff. Especially the younger crowd that is typical to MMO's.

Mine just takes any email containing the word "verify" and dumps it in my spam box. Surprisingly effective. Another one would be the word "wow" (I've yet to see Blizzard refer to World of Warcraft as "wow" in any official correspondence).

I do find myself a bit curious as to how many failed attempts this site finds in the iptables logs, though.

**EDIT** Nevermind, this place is hosted by GoDaddy. /shrug

**EDIT #2** ...and someone owns wowinterface.org. Also, wowinterface.com, wowinterface.net, and wowinterface.org (again...wtf???) are registered under three different people.

Fear not, though...wowinterface.edu is available.

If someone wants to start the School of Addons, I will administrate your site for a "modest" fee.

This place is not hosted by godaddy. Our domain was registered by godaddy.

http://www.dnsstuff.com/tools/ipall/...p=67.228.49.65

I'm not going to say how many servers we have but its way more than 1. Some one with a lot of time could probably figure it out. We use fail2ban otherwise we would have many more attempts than we do.

We use google apps for our mail service since fighting spam was starting to be a full time job in it self.

You are, of course, correct. I should've taken a closer look at the tools I used...as inputting my own servers' information put me somewhere I've never heard of in Wisconsin (it's sitting right next to me almost 1,000 miles away) and also hosted by GoDaddy (who doesn't even handle my SSL certs, let alone my DNS). My apologies...I wasn't insulting the integrity of WoWInterface's hosting services.

And I can relate to the spam problem...mainly because people like to attempt to use my sendmail as a zombie. Sometimes it's entertaining though when I get up in the morning and have a warning email with "User blahblahblah failed to authenticate 975 times". :D

I have noticed the sudden surge in phishing attempts. Some of them are very well crafted. Others are, to be charitable, pathetic. However in each and every case, when I mouse over the "url" and look in Firefox's Status Bar, the URLs are never an actual Blizzard URL. Then again, I also know that Blizzard will never ask for my details via email or other means.

What's even funnier is I have also gotten a number of Aion phishing emails. I have never had an Aion account so I have to laugh. Thus far, all of the Aion phishing attempts have been very poorly translated attempts.

Just be careful folks, the phishers making an all out assault on our accounts.

Can the original poster change the thread title to "warcraftrealms site hacked".

The wowace site has not been hacked.

Also if you wow login and password is the same as your wowace credentials then ....

Well I won't call anyone a moron here so I'll just say you're really silly for doing so.

Saying the act is moronic would be more accurate.

just got another from the fake blizzard
 

Flag this messageWorld of Warcraft Account The Inspection Result NotificationFriday, January 22, 2010 7:28 PM
From: "[email protected]" <[email protected]>
To: t*********[email protected] <- ME
We are in the quarter a routine inspection found that your account has serious security risk so we had to send this message to inform you and ask you to note that account security and to ensure that you are not subject to the loss, we will lock your account, if you do not want us to take such action as soon as possible to verify your account login www.***war***.com

The World Of Warcraft Team.

I've also had a surge of emails like this recently. Sadly for them, they were using the wrong emails (I have a separate email for WoW then anything else that I don't use at all). So that was fail on their part.

And some of the messages were pretty funny. Riddled with spelling and grammatical errors. It's odd, though. It's only just recently started. I've never been a "target" for these before recently. Just seems odd to me.