NOTE: The scam I am showing here I got from this thread and all credit should be given to this thread:http://www.mmowned.com/forums/wow-scams/21171-best-scam-now.html
This is just something I did for the people on this site that may not have as much luck as others at being succesfull at pulling off some of these scams. Especially in certain situations where the victim might be weary to give out certain information. I will provide screenshots and explinations of everything here to help as much as I can. So here goes nothing.
Ok as stated above This scam is from that thread. If you didn't read it, then let me give you a VERY quick run down of the scam. The scam starts by finding an account you want(or maybe don't want but meh it's an account)on your favorite forum site. Wowtrade.org, markeedragon, mmosell, etc... You find threads with posted e-mail addresses as a form of contact. Next you simply make an e-mail address at hotmail.com (read the credited thread for more info) and fill out a short e-mail that makes you sound like blizzard account investigation team (again credited thread).
The next part is waiting, and it's best if you send out as many as but not limited to 15 of these e-mails at a time to different people as alot of people are not dumb and will send you funny replies back. You should get about 2-3 sucessful hits out of 20 or so e-mails. Trick is get a reply and hope it has everything you need in it.. Sometimes it won't so I will show some screenshots and then detail how to get some of the other info you will need.
NOTE: If you have any questions up to this point I am going to just refer you to the credited thread as it has a wealth of information more then enough to answer any questions: http://www.mmowned.com/forums/wow-scams/21171-best-scam-now.html
This is the basic send out "phish" e-mail. Generic in it's look and likeness to the other 20 or so I sent out for this particular sitting.
This is the response I recieved back from a victim. It's important to note that here I didn't get EXACTLY the information I wanted. I got very little information actually, but with a little social skill and knowledge of how alot of people react to certain circumstances I wrote him a reply to try and get a full information reply from him.
This is the e-mail I wrote back to him. Not at all generic as I made this up on the spot to try and coax more out of him. Note I am friendly but stern here as if I am only following the rules of a job. I circled some key wording in here that may trigger some peoples reaction to be more paniced then rational and therefore question the validity less and fork over the info more. Now note that I also say "sorry if you are the Original owner of this account blah blah blah" as a way to not make them think I am for sure crucifing them and they still have a chance to prove they are in fact the owner with full information
Payday! His response to my second e-mail could have only been better if he had given me his CURRENT password. But he gave me EVERYTHING else I needed to proceed to getting the account which I will detail below.
Next, with this information I have everything to take control of the account. With one slight problem. The password he listed was not the current password on the account as I am sure he changed it himself thinking in the back of his mind this whole thing might be a farce. But not to worry there are ways around this.
*First you could always call blizzard with the information you have minus the password and have them change your e-mail on the spot for you and reset your password, but this can take upto an hour on hold. I avoid this option if possible.
* Secondly it is important to remember that most humans are creatures of habbit. This being a flaw when it comes to account security. Most people will re-use the same PW for EVERYTHING and I mean EVERYTHING cause it's easy for them to remember 1 PW as opposed to 5 or 6. Makes sense but security wise very dumb.
I used the Second method here. I used the password he gave me with the hotmail e-mail he gave me and gained access to his hotmail account. Ahh, now it's all smooth sailing from here, I sent a change e-mail request to his account first. Approved it from his account. Deleted that e-mail from his inbox and deleted folders so that he had no idea what e-mail it was changed to.
From there I did a password reset with the SQ/A that got sent to my e-mail address so that I had access to his account. Then it was just a matter of logging in, changing a few more details, phone number, and the like. And Bam I had an account with a 70 a 49 twink and a 19 twink
I hope this has helped some of you figure out scams like this one. It's easy if you take the time to work around the road blocks. I am sorry if this offends someone or whatever, I am just trying to contribute to the community. I hope you all enjoy.. Thanks!