I was also recently caught by one of these emails and I can tell you, some of them look really genuine. The one that caught me looked like this:
At the time I didn't suspect a thing. There were no grammatical errors common in the deperate spam, it actually suggests I maintain safe internet practices and provides a genuine link to the Authenticator FAQ and then suggests I safeguard my account information! I checked the links carefully for any sign of tampering (Edit: I missed the fact that the "http" on the second link was slightly off >.<). I was convinced it was the real deal and figured the someone who knew my account name tried to get my password reset. I decided to log into my account to see if I could find out more about this password resetting business. I clicked on the second link...
Days later I got hacked. My heart sank a bit, but I didn't see the need to get angry... after all, it was very likely my own fault. I checked through all of my emails (even the one above) and they all seemed clean. I did multiple virus scans on my pc, now certain that it was a sneaky trojan. Nothing.
I gave up in the end, stumped as to how they got my details. I'd submitted a report through Blizzard who told me they would likely be able to get everything back and that it should take about a week.
A week passed.
Two weeks passed.
Three... still no word from Blizzard. Then I stumbled across the answer to it all:
These were the genuine emails from Blizzard, informing me that (two weeks prior to my discovering them) everything had been restored. They had automatically gone in my spam folder.
At this stage I was thinking something like "Now why the frik did they get marked as spam?"
I checked my Gmail on the website to see if anything had been set to stop them coming through.
Nope, the genuine Blizzard mails had come through without a scratch - but even more intriguing was that the older email about the password request was nowhere to be seen. Eventually I found it in the webmail's spam folder with this big, red warning:
Gmail had spotted it, buried it in my spam folder, gave me a bloody-great big warning and made all of the links completely unclickable. The program I was using to deal with my emails at the time (it rhymes with Stoutcook) did not do anything of the sort. In fact, it not only let through the fake emails, but subsequently marked the following genuine emails as spam!
Needless to stay, I stopped using Loutrook and went back to my webmail.
There are a few lessons for everyone to learn here, the big one being be very careful what you do with your emails. No-one is immune (like I stupidly thought I was) and the more careful you are the safer your account will be. The absolute best advice I can give is to get an authenticator! Getting one will make your account more bulletproof than anything else. Sure, in Australia it'll cost you around $30 to have one shipped over, but it's a damn bargain for the kind of peace-of-mind it provides.
Anyway, we hope Rozie and the mammoth return soon - we're missing you already.
*shakes fist of sorrow*
-Ahz
No comments:
Post a Comment