Trending Games | World of Warcraft | Overwatch | The Division 2 | Anthem

    Facebook Twitter YouTube Twitch.tv YouTube.Gaming Discord
Register
Quick Game Jump
Members:3,839,976 Users Online:0
Games:949 

Show Blog

Link to this blogs RSS feed

Battling the MMO Mass Market

I play, I test, I enjoy MMO's, but there is a dark side to Games, Players, and cheaters. I will expose them all in a no holds barred style....

Author: Chronis

Proof of Gold Selling from China

Posted by Chronis Saturday November 13 2010 at 1:25PM
Login or Register to rate this blog post!

Got my newest entry in the phishing-steal-your-account sapm in my inbox.  Well, actually its been a few days, I really got two of the beta invites, one password reset notice and an account banned notice.  I wont list them here, as each of them have the same host domain and each of them are being channeled through an austrailain mail server.  Well, here is the domain lookup for them:

 

Domain Name ..................... blizzard-password-us-eu.com
Name Server ..................... dns23.hichina.com
                                  dns24.hichina.com
Registrant ID ................... hc587716510-cn
Registrant Name ................. yang yao
Registrant Organization ......... rongweiw angluo
Registrant Address .............. jiefang lu mingzu
Registrant City ................. zhengzhou
Registrant Province/State ....... HA
Registrant Postal Code .......... 532648
Registrant Country Code ......... CN
Registrant Phone Number ......... +86.07316543289 -
Registrant Fax .................. +86.07316543289 -
Registrant Email ................ @qq.com
Administrative ID ............... hc587716510-cn
Administrative Name ............. yang yao
Administrative Organization ..... rongweiw angluo
Administrative Address .......... jiefang lu mingzu
Administrative City ............. zhengzhou
Administrative Province/State ... HA
Administrative Postal Code ...... 532648
Administrative Country Code ..... CN
Administrative Phone Number ..... +86.07316543289 -
Administrative Fax .............. +86.07316543289 -
Administrative Email ............ @qq.com
Billing ID ...................... hc587716510-cn
Billing Name .................... yang yao
Billing Organization ............ rongweiw angluo
Billing Address ................. jiefang lu mingzu
Billing City .................... zhengzhou
Billing Province/State .......... HA
Billing Postal Code ............. 532648
Billing Country Code ............ CN
Billing Phone Number ............ +86.07316543289 -
Billing Fax ..................... +86.07316543289 -
Billing Email ................... @qq.com
Technical ID .................... hc587716510-cn
Technical Name .................. yang yao
Technical Organization .......... rongweiw angluo
Technical Address ............... jiefang lu mingzu
Technical City .................. zhengzhou
Technical Province/State ........ HA
Technical Postal Code ........... 532648
Technical Country Code .......... CN
Technical Phone Number .......... +86.07316543289 -
Technical Fax ................... +86.07316543289 -
Technical Email ................. @qq.com
Expiration Date ................. 2011-11-12 10:39:00

Information Updated: Fri, 12 Nov 2010 20:26:39 UTC

 

The part I love is that these filthy chinese hackers have a sense of humor, listing their return address on the domain as 'qq.com' :)

If I can educate only one person, then I am happy.  Here are the rules for safe dealings with blizzard:

1. Don't trust any emails you get from blizzard ever! Hackers are copying real emails from blizzard and what you get usually IS an actual letter, just not sent to you.  It will look and feel like a real blizzard communication.  If the letter instructs you do do something, NEVER click on a link in the letter, instead, you should open your browser and go to battle.net yourself.  You will then notice your account is not banned, hacked and your password is still intact.

2. Never go to anything else but battle.net or blizzard.com!  Phishers links in emails show the correct address, but the hidden link goes elsewhere.  Simply hover over the questionable link and look at the bottom of your IE to see where it is really going.  Again, never click it (See rule #1)

3. If you accidentally click such a link and realize it, well your screwed.  Some phishing sites merely get you to input your login information, others will also include a piece of malware to keylog future passwords as well.  There is no sure way of telling if your virus scanner or spyware detector has removed the latest bit of crap they just installed on your machine.  My personal opinion is to wipe, format and reload your machine from scratch.  Oh, and if your on a network at home, you may have just allowed the virus access to everyone elses machine as well.

Well, next blog I'll delve into more of the mechanics of how these guys operate, and with any luck, possibly an interview with an ex- gold farmer.

Radno writes:

I quit WOW over 2 years ago, but I still  get 6 or 8 of these phishing emails per day. I always mark them as "phishing scam" but that is probably useless in Hotmail.

Tue Nov 16 2010 2:31PM Report
minix2poo writes:

Well, I never played wow, still getting these mails every day. Just lucky that my Norton AV fishes out like 90%+ of it. Yesterday I had 1 going through Norton, so I just followed the link and logged in with username: fuckyou and password:fuckyou

Wed Nov 17 2010 9:05PM Report
xBludx writes:

Yes, the hackers are filthy.

But equally nasty are the scum who purchase from them, thus driving their business.

Why do we let them off the hook?

Fri Nov 19 2010 2:52AM Report
Phlegethon writes:

Same, here. I never played WoW and I get these scams. They are automatically forwarded to my trashcan.

Sat Nov 20 2010 3:16PM Report

MMORPG.com writes:
Login or Register to post a comment