WoW, Totally Lame Phishing Attempt…


Do people actually fall for this shit?

Really?

world of warcraft: Cataclysm Beta Test Invitation!

Get those opt-ins ready for the World of Warcraft: Cataclysm closed beta! The sundering of Azeroth is nigh, and you don’t want to be left out in  the cold of Northrend when you could be enjoying the sun-drenched beaches on the goblin isle of Kezan. To ensure you’re opted-in and eligible as a  potential candidate, you’ll need a World of Warcraft license attached to your Battle.net account, have your current system specifications uploaded  to the Battle.net Beta Profile Settings page, and have expressed interest through the franchise-specific check boxes.

Get the Installer – Log in to your Battle.net account:

http://www.wow-suppor-security-blizzard.com/{redacted}/{redacted}?ref=https://us.battle.net/account/management/beta-profile.xml&app=bam&rhtml=y&rhtml=true

** IMPORTANT ** To avoid graphical bugs and other technical issues, please ensure your video card drivers are up-to-date.

Enjoy the game!

?2010 Blizzard Entertainment, Inc.

I’ll pull the link and cut out some non-functional stuff.

Let’s break down why this is a phishing attempt.

1. note the http in front of the URL? If you’re going to be logging in, you want the site to use HTTPS. It’s not flawless, but it’s shitloads more secure than a basic http post.

2. the rest of the main url isn’t even close to worldofwarcraft.com. “wow-suppor-security-blizzard.com”. WTF is that? Honestly, they’d be better off doing the tail end of the link there as text hyperlinking to the URL they’re showing (though maybe that trips off the phishing schemes too easily).

3. They actually put a semi-actual looking URL in the link, but it’s not a direct URL to that at all.

4. If you do a WhoIs on that root URL, you’ll discover it’s in China. http://www.whois.net/whois/wow-suppor-security-blizzard.com Now maybe Blizzard is contracting out to China? Whatever. The company registering the site wasn’t Blizzard. That’s a big flag there.

This is total bullshit. Don’t buy it.

They get points for not having any spelling or severe grammar mistakes in the body of the email and I like how they add the IMPORTANT note to make it seem more legit.

I suppose this post is pointless because most of the people who are smart enough to read my blog wouldn’t be fooled by this because… well, you’re reading my blog!

Advertisements

3 thoughts on “WoW, Totally Lame Phishing Attempt…

  1. Isn’t trying to steal WoW accounts like so three years ago, guess people are still buying gold these days.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s