This is a guide to help fellow MMowned users avoid being scammed. If you do not browse the scam section constantly, or have a trained eye, you could fall victim to a scam. I have collected information on many various scams and listed them here, and I will teach you how to tell a scam apart from the real thing.
This guide is broken into sections:
1. Account scams
Section 1: Account Scams
This is the most common type of scam out there today. Everyone wants your account. Who doesn't want free characters or gold? The number one way your account can be scammed is through a phishing site.
I. Phishing Sites
II. E-mail scams
III. "Friends" -Social Engineering
IV. Viruses
I. Phishing sites ---------------------------------------------------------
When you get an e-mail from blizzard regarding "account verification" or some other info, and a link is provided, check the link in the status bar, found in the lower left corner of your Internet Explorer or Firefox browser window. (Haven't used Chrome) It should start off with exactly one of the following. No variations.
Wrath of the Lich King In Stores 11.13.08
https://beta.worldofwarcraft.com/ <-- Notice the https, not sure if http makes a difference
You get the idea. Also there is armory, etc. But, also be aware of sites like "Worldofwarcraft.googlepages.com" Since when does Blizzard, a company making 170 million dollars a month alone in WoW subscriptions, need to make a free googlepage or something of the sort? THEY DON'T!
II. E-mail scams ---------------------------------------------------------
"Hey guys! Guess what! I got my Lich King beta invite today! I can't wait to make a death knight! All I had to do was click the link in the e-mail and give them all of my...oh wait..."
These work in conjunction with phishing sites. I took a 2 month break from WoW once, and found an "Immediate Account Action Required" email from "[email protected]" (Yes, the exact e-mail. E-mail's SenderID can be faked.) The e-mail said I (the original owner by the way) had been caught trying to trade my account and I needed to verify all of my information or it would be banned. I HADN'T PLAYED IN SEVERAL WEEKS!!! NO ONE ELSE COULD ACCESS MY ACCOUNT!!! WTF?
So I didn't reply and sure enough nothing bad happened.
The MOST COMMON fake e-mails are beta invites. They can be identical. The link can say "https://beta.worldofwarcraft.com/wotlk231312" or whatever the real site is, but it most likely isn't to the real site. See if there is a different site in the status bar. ALSO BE CAREFUL OF ONES WITH THE REAL SITE BUT THEY SAY "refer=www%23yahoo%23com" or something of the sort. It shouldn't have a referer. I don't know how this works exactly, but it can somehow intercept data packets as a referer I believe.
There is ONE AMAZING WAY to avoid ALL E-MAIL SCAMS, AND MAKE YOURSELF ALMOST IMMUNE TO THEM!!!
Create a secret e-mail, register your WoW account to it and never use it for anything else. Store the e-mail login info for this account on a piece of paper in a desk drawer or something. If you never post that e-mail anywhere else, you can safely assume that 99.9% (repeating, of course) of the e-mails you get from blizzard on that account are AUTHENTIC and that ALL OTHERS ARE FAKE.
1. Create the email.
2. Register it to your WoW account
3. Keep the info safe, never type that e-mail in for any forums, ANYTHING!
People aren't perfect. Just look at all of my spelling errors in this post! (Ha,ha!) Many people send out these fake e-mails and don't test them first with multiple mail servers. I noticed this in one e-mail:
WarcraftŽ: The Burning CrusadeŽ
His HTML or something didn't process correctly. Blizzard makes enough cash to have multiple individuals proof-read public outgoing e-mails. Check for WEIRD spelling errors. (Blizzard CAN make a mistake, they aren't all robots) but beware constant spelling errors.
III. "Friends" ---------------------------------------------------------
Good friends adventure together, join a guild together, depending on their orientation and gender they...nevermind. But good friends DON'T NEED TO PLAY YOUR WoW account!!! Anyone you meet in a virtual world can make up ANY fact. Name. Age. Location. Thats a big one, location.
Social engineering is unfortunately a common way stuff is stolen. A great friend who you may have just met or have known for a while asks for account access, or asks to borrow a large amount of gold. You must decide for yourself, some friends ARE legit, but there are many shady characters out there.
They won't always ask for your account or gold straight out though. Getting your e-mail, location (City > Zipcode > secret question answer for hotmail possibly), favorite movie, etc. They will pretend to live near you, love Harry Potter too, know your mother from 10 years ago, whatever it takes.
Make sure you know your e-mail SQA and do not share it or any related information.
This doesn't mean to not trust anyone, I have good friends who go on my account, but judge your friends by their character. See if they steal from others, or laugh at others misfortunes. Also the whiners. They beg you and b*tch at you if you can't help them that instant, or let them borrow 1,000g right NOW. STAY AWAY FROM THESE PEOPLE.
IV. Keyloggers...Trojans...what iz datz?? ---------------------------------------------------------
These hackers are the hardest to defend against. They don't need you to go to worldofwarcraft.googlepages.com and fill in your info. They may just need you to click on their site (Yes. There are exploits to hide file downloads so a virus can run just from you visiting a site) or download this amazing speedhack that CLAIMS not to have a virus. You may download an autoit script meant to be an honor bot that can download a trojan AFTER its installed, thus causing a virus scanner to find nothing initially, and then it downloads and the virus is free to run.
A keylogger...logs your keys. It then sends a data file to a remote location. The hacker has your info and when you wake up in the morning he has your account as well.
The best way to defend against this is to be cautious, obviously.
1. Don't download hacks. Most don't work. MMOwned does have some safe hacks though, and I believe Glider is a safe bot. Still exercise extreme caution. By the way, THERE IS NO DUPE FOR WOW!!!
2. Be careful of e-mails that have links. If an email wants you to go to the WoW website, don't be lazy. Type the address in the address bar yourself.
3. Use good antivirus software with real-time protection. I use AVG Pro. Its worth the money, and AVG free isn't bad either. Update it daily. (Automatically even)
4. Use a firewall. Windows firewall is sh$@ty. I use Zonealarm Security Suite. I get an alert if a program wants to connect to the internet, log my keys, act as a server, edit a system file, or anything else dangerous. Worth the money 120%. Zonealarm free works too, just not all the protection.
=========================================================
TBC (To be continued, not The Burning Crusade!!)