Thread Tools Display Modes
Prev Previous Post   Next Post Next
12-09-09, 11:57 AM   #1
swaldman
Guest
Posts: n/a
WowInterface.com email database has been compromised

Apologies for posting this on a forum - I couldn't find any other way of contacting the people who run wowinterface.

I've just received a fairly standard phishing email, with one notable point - it was sent to an email address that I have only ever used with WoWInterface. This suggests to me that somehow, spammers have gained access to the wowinterface email database.

Please would you investigate?

Email below, with some info anonymised. Note that it was sent as base64-encoded text, which means I can't easily paste the source in here - instead you get what gmail renders, plus the headers.

-----

Code:
Delivered-To: [email protected]
Received: by 10.204.118.145 with SMTP id v17cs348724bkq;
        Wed, 9 Dec 2009 08:43:34 -0800 (PST)
Received: by 10.115.38.32 with SMTP id q32mr18748121waj.8.1260377011997;
        Wed, 09 Dec 2009 08:43:31 -0800 (PST)
Return-Path: <[email protected]>
Received: from mail2-162.sinamail.sina.******* (mail2-162.sinamail.sina.******* [60.28.2.162])
        by mx.google.com with ESMTP id 13si18622189pzk.127.2009.12.09.08.43.30;
        Wed, 09 Dec 2009 08:43:31 -0800 (PST)
Received-SPF: pass (google.com: domain of [email protected] designates 60.28.2.162 as permitted sender) client-ip=60.28.2.162;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of [email protected] designates 60.28.2.162 as permitted sender) [email protected]
Received: from unknown (HELO login.mail.sina.*******) ([10.29.11.24])
  by mail2-160.sinamail.sina.******* with ESMTP; 10 Dec 2009 00:43:29 +0800
Received: by login.mail.sina.******* (Postfix, from userid 80)
	id 44F5E358C47; Thu, 10 Dec 2009 00:43:29 +0800 (CST)
Received: [email protected]([220.249.132.224]) by mail.sina.******* via HTTP;
 Thu, 10 Dec 2009 00:43:29 +0800 (CST)
Date: Thu, 10 Dec 2009 00:43:29 +0800 
From: Blizzard Entertainment <[email protected]>
To: [email protected]
Subject: =?GBK?B?QmF0dGxlLm5ldCBBY2NvdW50IKhDIFBhc3N3b3JkIENoYW5nZSBOb3RpY2U=?=
MIME-Version: 1.0
X-Priority: 0
X-MessageID: 1260377009.2617.44142
X-OriginaIP: 10.28.11.24
X-Mailer: Sina WebMail 4.0
Content-Type: multipart/alternative;
	 boundary="=-sinamail_alt_5fa618964e32e7282284018b85d011ad"
Message-Id: <[email protected].*******>

Hello

This is an automated notification regarding the recent change(s) made to your Battle.net account

Your password has recently been modified through the Account Management website.

*** If you made this password change, please disregard this notification.

However, if you did NOT make any changes to your password, we recommend you contact Blizzard Billing & Account Services for assistance keeping your account as secure as possible.

For more information, click here for answers to Frequently Asked Questions or to contact the Blizzard Billing & Account Services team.

Account security is solely the responsibility of the accountholder. Please be advised that in the event of a compromised account, Blizzard representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.

Sincerely,
The Battle.net Account Team
Online Privacy Policy
  Reply With Quote
 

WoWInterface » Site Forums » Site help, bugs, suggestions/questions » WowInterface.com email database has been compromised

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off