Well, someone has to make a start with the new revamped scam section, so why not me ^^?
How to protect yourself from getting phished by phishing sites.
The "normal" phisher
This is the most used phisher, that every kiddo can set up. It simply means they copied the layout (or at least mimic'd it) of the official world of warcraft site.
They usually spread these via emails, mostly with:
* Cataclysm Alpha/Beta Signup
* A special action like winning mounts.
* Telling you youre suspected of buying/selling gold or hacking accounts.
If you wonder how they got your email, they usually use a program that scans world of warcraft websites on emails.
How to reconize these phisher mails:
They come from "[email protected]" or "[email protected]". Blizzard never uses this for these kind of emails, however people who try to phish use a fake mailer to be able to use that mail address.
Also, if they ask for your password, secret question/answer or stuff like your address, its a scam! Because Blizzard will never ask for your password/SQA.
When they link you to a site, no matter how it looks in your email, it can be a phisher. They do that easily by faking the link with html (<a href>). Hover over the link and check at the bottom of your browser what the real link is.
The advanced phisherYou will rarely see this one, but it still excist. The hacker injects you in any way and changes your hosts file with this. That way, if you go to the official world of warcraft site he can still phish you. I haven't got experience with this, but this can easily be checked at your hosts file. This can be found at system32\drivers\etc\ . Open it as Admin to edit this, and check if there is anything related to World of Warcraft in there that you didn't put in yourself. Delete this and youre safe. Ofcourse, if there was something there, also scan your computer.
More guides will follow against Keylogging, Social Engineering etc .
-Aldun