small visual on how one forum scam works.

[[T]orus[B]east]

NOTE: The scam I am showing here I got from this thread and all credit should be given to this thread:http://www.mmowned.com/forums/wow-scams/21171-best-scam-now.html


This is just something I did for the people on this site that may not have as much luck as others at being succesfull at pulling off some of these scams. Especially in certain situations where the victim might be weary to give out certain information. I will provide screenshots and explinations of everything here to help as much as I can. So here goes nothing.

Ok as stated above This scam is from that thread. If you didn't read it, then let me give you a VERY quick run down of the scam. The scam starts by finding an account you want(or maybe don't want but meh it's an account)on your favorite forum site. Wowtrade.org, markeedragon, mmosell, etc... You find threads with posted e-mail addresses as a form of contact. Next you simply make an e-mail address at hotmail.com (read the credited thread for more info) and fill out a short e-mail that makes you sound like blizzard account investigation team (again credited thread).

The next part is waiting, and it's best if you send out as many as but not limited to 15 of these e-mails at a time to different people as alot of people are not dumb and will send you funny replies back. You should get about 2-3 sucessful hits out of 20 or so e-mails. Trick is get a reply and hope it has everything you need in it.. Sometimes it won't so I will show some screenshots and then detail how to get some of the other info you will need.

NOTE: If you have any questions up to this point I am going to just refer you to the credited thread as it has a wealth of information more then enough to answer any questions: http://www.mmowned.com/forums/wow-scams/21171-best-scam-now.html




This is the basic send out "phish" e-mail. Generic in it's look and likeness to the other 20 or so I sent out for this particular sitting.



This is the response I recieved back from a victim. It's important to note that here I didn't get EXACTLY the information I wanted. I got very little information actually, but with a little social skill and knowledge of how alot of people react to certain circumstances I wrote him a reply to try and get a full information reply from him.



This is the e-mail I wrote back to him. Not at all generic as I made this up on the spot to try and coax more out of him. Note I am friendly but stern here as if I am only following the rules of a job. I circled some key wording in here that may trigger some peoples reaction to be more paniced then rational and therefore question the validity less and fork over the info more. Now note that I also say "sorry if you are the Original owner of this account blah blah blah" as a way to not make them think I am for sure crucifing them and they still have a chance to prove they are in fact the owner with full information


Payday! His response to my second e-mail could have only been better if he had given me his CURRENT password. But he gave me EVERYTHING else I needed to proceed to getting the account which I will detail below.




Next, with this information I have everything to take control of the account. With one slight problem. The password he listed was not the current password on the account as I am sure he changed it himself thinking in the back of his mind this whole thing might be a farce. But not to worry there are ways around this.

*First you could always call blizzard with the information you have minus the password and have them change your e-mail on the spot for you and reset your password, but this can take upto an hour on hold. I avoid this option if possible.

* Secondly it is important to remember that most humans are creatures of habbit. This being a flaw when it comes to account security. Most people will re-use the same PW for EVERYTHING and I mean EVERYTHING cause it's easy for them to remember 1 PW as opposed to 5 or 6. Makes sense but security wise very dumb.

I used the Second method here. I used the password he gave me with the hotmail e-mail he gave me and gained access to his hotmail account. Ahh, now it's all smooth sailing from here, I sent a change e-mail request to his account first. Approved it from his account. Deleted that e-mail from his inbox and deleted folders so that he had no idea what e-mail it was changed to.

From there I did a password reset with the SQ/A that got sent to my e-mail address so that I had access to his account. Then it was just a matter of logging in, changing a few more details, phone number, and the like. And Bam I had an account with a 70 a 49 twink and a 19 twink

I hope this has helped some of you figure out scams like this one. It's easy if you take the time to work around the road blocks. I am sorry if this offends someone or whatever, I am just trying to contribute to the community. I hope you all enjoy.. Thanks!

[Dysteria]

I liked this. +rep for being well written.

[[T]orus[B]east]

Thanks, also if anyone needs help with scams. in Particular Forum based scams I am free to help you.

Note: I wil NOT do these scams FOR you as I beileve you will learn nothing if someone does the work for you. So do not PM me asking me to scam this or that account cause I will ignore it. But if you need help on a scam PM me and I will help you if I can. :P

[burnzy12]

This does not work with hotmail anymore

[[T]orus[B]east]

This does not work with hotmail anymore

yes it does I just did the one I posted like a day ago and I did another one today. i'm confused why you would say it doesn't work when I am still getting accounts with it.

Leechers ftw

[[T]orus[B]east]

Got a question through PM.

Someone asked how in one of the screenshots it says "Blizzard Entertainment Europe" and the others it doesn't yet the guy still was able to not catch it.

Answer: It's a small thing to catch for most people that buy an e-mail like this. They are more worried about their beloved account getting banned, locked or deleted. They generally won't notice that . But yeah that was my mistake.

I have 2 templates I use for scamming US and EU accounts. I accidently had part of the EU template on my US Template and so that mistake/oversight was made. You all might not want to make that same mistake. Heh, cause on the off chance they notice... It's all over.