Does allakhazam sell our e-mail addresses? (was forum=21)Follow

I got a brand new (and quite sophisticated) phishing email directed at my allakhazam e-mail address (I use disposable and identifiable emails for every web acct). I haven't touched or used this account for like 4 years, so it was surprising it came out of nowhere.

If you don't sell e-mail addresses, then someone has scraped or hacked them from your system.

phishing content: "World of Warcraft -- Character Faction Change Notice" directing people to characterverify.com.

Just an FYI and beware to you all.

No, my username was anklebyter (I haven't visited this website in like 4 years) and my email was registered as allakhazam@_myuniquedomain_.com. That account is not associated with any battle.net account, only to this website.

Just thought I'd let people know in case its happening to many others.



Edited, Jul 28th 2010 3:51pm by anklebyter

Just wanted to post that I too just received this email as well.

Interestingly enough I also make site identifiable email addresses so I know who has either gotten hacked or sold my email address allowing me to block them at the mail server.



Edited, Jul 28th 2010 4:29pm by mearlus

Just got it a few minutes ago. My suspicions were confirmed when I found that it originated from a hotmail address.

I don't know the ins and outs on this stuff...I'd appreciate some official word on this, if possible.

http://forums.worldofwarcraft.com/thread.html?topicId=26262989118&sid=1

Got one too.

I am kinda excited... this was my very FIRST WoW Phishing email.

Considering I haven't played WOW in about 2 years, nor logged into ZAM since... And they are different email addresses, this phishing has nothing to do w/ the ads. On top of that I'm using Adblock Plus where those IP's are blocked anyways.

The only single place this email address was ever used on is Allakazam when I was checking it out years ago.

Why would you need 6 accounts?

Well yeah, i definitely see why you'd have 2, maybe three accounts, but 6? That just seems like overkill to me.

None of my four accounts have gotten it yet. (Darqflame is right: we do a lot of testing and the extras are handy.)

That's not the case. There's not even a single letter in common between my user name and e-mail address. There's no way to simply guess the e-mail address linked to my Alla account, so this isn't a case of phishers mass e-mailing Alla user names with @domains after them.

Again, I haven't posted to this forum until yesterday when I saw this other post with similar experiences. I also don't really care that much because I am just blocking inbound email to that address on my mail server. Considering the email was only used to register to this site, years ago and has not been used since by me it somehow leaked out of here. As with the original poster, I only mentioned I got the same thing in order to help bring awareness to a possible security hole in the sites server(s) and/or database(s).

Nothing would have scraped this email address from my client software. When originally created on the site any confirmation email goes to my catchall account on the server. The email client I used to read it is Evolution on my FreeBSD laptop. No malware there. I've only logged into this site with Opera or Firefox on the FreeBSD laptop or my Mac laptop. Again, no malware there either.

Anyways, I found the phishing email amusing and only poked back here to see if anyone else had it occur to them recently. I saw that someone had and decided to chime in to confirm I had it to my site specific email account (wowallakhazam@subdomain.domain.tld) address which I use to identify the originally targeted email so I can let sites know if spamming may be occurring from their databases. I do not use my forum username in any email addresses for the very reason of it possibly being scraped when/if I post.

I don't think anyone is blaming the server admins here, security holes/bugs crop up constantly. The best (worst) are ones that don't do any damage but grab user data and later do something with it. Its possible that this was gathered 2 years ago from a security hole then and not acted upon until now.

It definitely is a very specific WOW directed phishing attack. If any admin wants to see a copy I can send it with the source headers attached. It probably wont do any good other than for awareness as the originating source email server is indeed hotmail, I assume some other users account that was exploited to send from.

This all being said, I hope no other user info was gathered and that forum/user passwords are stored encrypted in the database unlike many other forum databases I've worked with are.

Nice, a second phishing email just came in. This is great stuff. This one is stating that some h***@hotmail.com email address has been now set as my battle.net address. If I didn't initiate the request click HERE (phishing link).

The Subject line for this one is: Battle.net -- Login Account Changed Confirm

Those who got the first phishing email yesterday, did you get this one now as well?

Yep, just got it today, exact same e-mail and to my Alla-registered address again. Although, this one was caught by my spam filter and sent to the spam folder. Obviously whoever happened upon Alla's user e-mail addresses isn't hitting up everybody, but it's clear they've got a decent amount. I'm sure there are a lot of people receiving those e-mails and shrugging it off because their e-mail address is registered to several gaming or MMORPG-specific sites, so they expect to receive WoW phishing e-mails, but it comes as a surprise for those of us that have e-mails only registered to Alla.