Dec 302013

World of Warcraft Violates Our Policy Email Header

So a lot of phishing emails similar to this one come in regularly and most of them are for World of Warcraft.  So many are coming in that it should be pretty obvious that they are phishing emails and should be ignored.  But there are quite a few other ways that this email can be identified as a phishing email and then what can be done to report it.

The First indication that this email is not legitimate is the fact that it comes from a address.  Unfortunately, this is likely someone’s personal email address who had their account compromised by the person who is doing the phishing.

Second major indication of a phishing scheme should be the huge red notice at the top of the email saying that it contains content that is typically used to steal personal information.

If you missed those first two instance that it was likely spam then lets look at the rest of the wording in the email and see how bad the English is within the email:

World of Warcraft Violates Our Policy For - Email Body

Okay, going back to the title we are left with an unfinished sentence.  Not to mention the title seems to indicate that WoW is violating our policies and not that we are violating WoW’s policies.  That aside it leaves us wondering what we violated policies for.   This is however explained inside of the email body, using more horrible english.

So if the english wasn’t enough  then it should set an alarm go off that it was asking for your secret question and answer as well within the email.

If you still get to this point and have questions about the legitimacy of an email then it is best to dig deeper.  In this case you need to look at the original source of the email and find the actual URL it is using. In this case it didn’t take long to find the domain.

Source of WoW Phishing Email

Once the domain is found the next step is to look up the WHOIS information for the domain to see how owns it.

WoW Phishing Email Domain Information

As you can see in the screenshot about this domain is most certainly owned by someone else other than Blizzard Entertainment.

So by now it should be obvious that it is a domain that is likely phishing.  So without going to it we can go ahead and report phishing via Google

Report World of Warcraft Phishing Site

Then bask in the sweet glory

Phishing Report Successfully Sent message

It then only took an hour or two from reporting them before they blocked  that domai in Chrome and Firefox.


 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>