Forum Settings
       
« Previous 1 2 3
Reply To Thread

Does allakhazam sell our e-mail addresses? (was forum=21)Follow

#1 Jul 28 2010 at 1:43 PM Rating: Decent
I got a brand new (and quite sophisticated) phishing email directed at my allakhazam e-mail address (I use disposable and identifiable emails for every web acct). I haven't touched or used this account for like 4 years, so it was surprising it came out of nowhere.

If you don't sell e-mail addresses, then someone has scraped or hacked them from your system.

phishing content: "World of Warcraft -- Character Faction Change Notice" directing people to characterverify.com.

Just an FYI and beware to you all.

#2 Jul 28 2010 at 1:48 PM Rating: Excellent
*****
10,599 posts
Is your email similar to your username? I wouldn't be surprised if every poster in that thread wasn't generating username@hotmail, gmail etc emails just in case.

I pretty comfortable with ZAM, I highly doubt they sell email addresses.

Edited, Jul 28th 2010 2:49pm by Xsarus
____________________________
01001001 00100000 01001100 01001001 01001011 01000101 00100000 01000011 01000001 01001011 01000101
You'll always be stupid, you'll just be stupid with more information in your brain
Forum FAQ
#3 Jul 28 2010 at 1:50 PM Rating: Good
No, my username was anklebyter (I haven't visited this website in like 4 years) and my email was registered as allakhazam@_myuniquedomain_.com. That account is not associated with any battle.net account, only to this website.

Just thought I'd let people know in case its happening to many others.



Edited, Jul 28th 2010 3:51pm by anklebyter
#4 Jul 28 2010 at 2:17 PM Rating: Default
***
3,157 posts
Nope, I've never gotten a phishing mail at all for WoW, and I sometimes check my SPAM folder just to be sure.
Am I to assume you don't have an ad or flash blocking solution?
#5 Jul 28 2010 at 2:29 PM Rating: Good
Just wanted to post that I too just received this email as well.

Interestingly enough I also make site identifiable email addresses so I know who has either gotten hacked or sold my email address allowing me to block them at the mail server.



Edited, Jul 28th 2010 4:29pm by mearlus
#6 Jul 28 2010 at 2:37 PM Rating: Good
Great minds think alike mearlus.

This has nothing to do with flash blockers or whatnot jaysgsl, I think allakhazam needs to take a serious look at how someone may have obtained a listing of e-mail addresses from their site(s) or database(s), and using them for stealing WoW account logins.

Either that, or they need to cease selling e-mail account information to third parties, because one of them is using it for malicious purposes.

Any comment ZAM staff? Any other users getting this phishing email?

Edited, Jul 28th 2010 4:37pm by anklebyter
#7 Jul 28 2010 at 2:41 PM Rating: Good
Sage
****
6,471 posts
anklebyter wrote:
Great minds think alike mearlus.

This has nothing to do with flash blockers or whatnot jaysgsl, I think allakhazam needs to take a serious look at how someone may have obtained a listing of e-mail addresses from their site(s) or database(s), and using them for stealing WoW account logins.

Either that, or they need to cease selling e-mail account information to third parties, because one of them is using it for malicious purposes.

Any comment ZAM staff? Any other users getting this phishing email?

Edited, Jul 28th 2010 4:37pm by anklebyter


Just got it a few minutes ago. My suspicions were confirmed when I found that it originated from a hotmail address.

I don't know the ins and outs on this stuff...I'd appreciate some official word on this, if possible.
#8 Jul 28 2010 at 4:49 PM Rating: Default
***
3,157 posts
anklebyter wrote:

This has nothing to do with flash blockers or whatnot jaysgsl, I think allakhazam needs to take a serious look at how someone may have obtained a listing of e-mail addresses from their site(s) or database(s), and using them for stealing WoW account logins.


No, it has a lot to do with ad and flash blocking. You are visiting this site, an ad with a flyby installer uses an open gateway (the ad) to install itself.
It then uses simple ad-ware routines to look through your cookies and see that you have xxx@xxxxx.com registered to a World of Warcraft themed website. From there, it automatically sends a report to the process server that you're a prime candidate for the phishing mail.
#9 Jul 28 2010 at 5:12 PM Rating: Good
***
2,204 posts
http://forums.worldofwarcraft.com/thread.html?topicId=26262989118&sid=1

Got one too.

I am kinda excited... this was my very FIRST WoW Phishing email.
#10 Jul 28 2010 at 5:28 PM Rating: Decent
**
892 posts
I got the exact same e-mail today, and I don't have that e-mail address subscribed to any other gaming or otherwise vaguely-related forums. I thought my e-mail address was concealed and protected here on Alla, but apparently not. Either they started selling e-mail addresses (unlikely) or someone's found a way to exploit Alla's security and gain access to the addresses in some way (more likely).
Also, I don't even play WoW and never have. I instantly knew that the e-mail had something to do with my Alla account as there's no other explanation for how a WoW phisher ended up with that particular e-mail address.
#11 Jul 28 2010 at 6:21 PM Rating: Decent
Considering I haven't played WOW in about 2 years, nor logged into ZAM since... And they are different email addresses, this phishing has nothing to do w/ the ads. On top of that I'm using Adblock Plus where those IP's are blocked anyways.

The only single place this email address was ever used on is Allakazam when I was checking it out years ago.
#12 Jul 28 2010 at 9:15 PM Rating: Excellent
Spankatorium Administratix
*****
1oooo posts
I have at least 6 accounts here, I haven't received one.

We've never sold email addresses, that's bad business.





Edited, Jul 28th 2010 10:22pm by Darqflame
____________________________

#13 Jul 28 2010 at 9:17 PM Rating: Good
Why would you need 6 accounts? Smiley: confused
#14 Jul 28 2010 at 9:22 PM Rating: Excellent
Spankatorium Administratix
*****
1oooo posts
ThePsychoticOne the Prohpet wrote:
Why would you need 6 accounts? Smiley: confused


We test things regularly, me more often then most. I need them, they all have unique emails.
____________________________

#15 Jul 28 2010 at 9:24 PM Rating: Good
Well yeah, i definitely see why you'd have 2, maybe three accounts, but 6? That just seems like overkill to me.
#16 Jul 29 2010 at 12:45 AM Rating: Decent
*
67 posts
I dont post very often (number 2 I think ^^), I have been on alla for a while though. The e-mail that I use for this site has not been targeted.

Perhaps the huge influx of posters recently has made the posters names targets. Especially when people are stating using site specific email adresses. It doesnt take a genius to guess 'username.allakhazamATsomewhere.com'

In fact, it can be used to spam very easily.
#17 Jul 29 2010 at 1:08 AM Rating: Excellent
Special Snowflake
Avatar
****
6,786 posts
None of my four accounts have gotten it yet. (Darqflame is right: we do a lot of testing and the extras are handy.)
____________________________
[img]http://i12.photobucket.com/albums/a230/calthine/EmptyMind-2.jpg[/img]
Community Manager | QA Lead
ZAM: Support FAQ | Forum FAQ | Forum Rules
Cook Ten Rats
#18 Jul 29 2010 at 2:17 AM Rating: Excellent
Spankatorium Administratix
*****
1oooo posts
ThePsychoticOne the Prohpet wrote:
Well yeah, i definitely see why you'd have 2, maybe three accounts, but 6? That just seems like overkill to me.


For example, I was just recently testing out linking up wowhead, mmoui and tankspot. For two of those sites I cannot unlink some since I don't have backend access and code hadn't been written at the time I was testing. I tested it going many directions, if I couldn't unlink some of them, I'd probably have more.
____________________________

#19 Jul 29 2010 at 4:27 AM Rating: Good
**
892 posts
Quote:
Perhaps the huge influx of posters recently has made the posters names targets. Especially when people are stating using site specific email adresses. It doesnt take a genius to guess 'username.allakhazamATsomewhere.com'

That's not the case. There's not even a single letter in common between my user name and e-mail address. There's no way to simply guess the e-mail address linked to my Alla account, so this isn't a case of phishers mass e-mailing Alla user names with @domains after them.
#20 Jul 29 2010 at 5:42 AM Rating: Good
FYI, your other emails can be picked up from your computer no matter which one you sign into depending on the sites you go through and whatnot. I get phising emails on my WORK email, and it isn't part of the Alla site or any other forum. It's just the way it is...


... so stop looking at ****
#21 Jul 29 2010 at 10:33 AM Rating: Good
Again, I haven't posted to this forum until yesterday when I saw this other post with similar experiences. I also don't really care that much because I am just blocking inbound email to that address on my mail server. Considering the email was only used to register to this site, years ago and has not been used since by me it somehow leaked out of here. As with the original poster, I only mentioned I got the same thing in order to help bring awareness to a possible security hole in the sites server(s) and/or database(s).

Nothing would have scraped this email address from my client software. When originally created on the site any confirmation email goes to my catchall account on the server. The email client I used to read it is Evolution on my FreeBSD laptop. No malware there. I've only logged into this site with Opera or Firefox on the FreeBSD laptop or my Mac laptop. Again, no malware there either.

Anyways, I found the phishing email amusing and only poked back here to see if anyone else had it occur to them recently. I saw that someone had and decided to chime in to confirm I had it to my site specific email account (wowallakhazam@subdomain.domain.tld) address which I use to identify the originally targeted email so I can let sites know if spamming may be occurring from their databases. I do not use my forum username in any email addresses for the very reason of it possibly being scraped when/if I post.

I don't think anyone is blaming the server admins here, security holes/bugs crop up constantly. The best (worst) are ones that don't do any damage but grab user data and later do something with it. Its possible that this was gathered 2 years ago from a security hole then and not acted upon until now.

It definitely is a very specific WOW directed phishing attack. If any admin wants to see a copy I can send it with the source headers attached. It probably wont do any good other than for awareness as the originating source email server is indeed hotmail, I assume some other users account that was exploited to send from.

This all being said, I hope no other user info was gathered and that forum/user passwords are stored encrypted in the database unlike many other forum databases I've worked with are.
#22 Jul 29 2010 at 11:01 AM Rating: Excellent
**
432 posts
I have several of my own domain names with just a few valid email names each of them. But there is a catch-all setup that allows me to use AnyNameIWant@mydomain.com, and email sent to those names will be forwarded to a specific email (eg: catchall@mydomain.com). For every site I register at, I might use a different email name in mydomain, but most often something associated with the site, eg:
allakhazam@mydomain.com
sony@mydomain.com
starbucks@mydomain.com
amazon@mydomain.com
etc.
So if I see an incoming email to a particular name coming from some other unrelated sender, then I could assume that my email was sold/stolen/scraped somehow. However, what I do with email addresses is not uncommon, so I would imagine that spam artists are already generating email addresses of this form using common company/organization names.

#23 Jul 29 2010 at 1:50 PM Rating: Good
Nice, a second phishing email just came in. This is great stuff. This one is stating that some h***@hotmail.com email address has been now set as my battle.net address. If I didn't initiate the request click HERE (phishing link).

The Subject line for this one is: Battle.net -- Login Account Changed Confirm

Those who got the first phishing email yesterday, did you get this one now as well?
#24 Jul 29 2010 at 1:52 PM Rating: Decent
Very true about others doing the catchall account. That's why I use a subdomain so it's not easily 'guessed' as that subdomain is not used for anything else. Still possible, but I doubt a randomly generated WOW phishing email going to my account that is "wowallakhazam@subdomain.domain.tld" address would be so exact. Possible I suppose, but I highly doubt it.
#25 Jul 29 2010 at 5:04 PM Rating: Good
**
892 posts
Quote:
The Subject line for this one is: Battle.net -- Login Account Changed Confirm

Those who got the first phishing email yesterday, did you get this one now as well?


Yep, just got it today, exact same e-mail and to my Alla-registered address again. Although, this one was caught by my spam filter and sent to the spam folder. Obviously whoever happened upon Alla's user e-mail addresses isn't hitting up everybody, but it's clear they've got a decent amount. I'm sure there are a lot of people receiving those e-mails and shrugging it off because their e-mail address is registered to several gaming or MMORPG-specific sites, so they expect to receive WoW phishing e-mails, but it comes as a surprise for those of us that have e-mails only registered to Alla.
#26 Jul 29 2010 at 5:18 PM Rating: Excellent
Spankatorium Administratix
*****
1oooo posts
There is nothing in this end. We do not sell email addresses and we have not been hacked, as someone so graciously put it.

I find it surprising there isn't more. Also, that there's a thread on wow gen forums that other people, who don't frequent our site are getting it as well, with only 8 non blue posts.

I apologize you are getting this crap, but you are not receiving it because of us. Thankfully, by now, you know what an phishing email looks like and know better than to click a link in it. However, there are those that don't and we appreciate that you are trying to warn your fellow player.
____________________________

« Previous 1 2 3
Reply To Thread

Colors Smileys Quote OriginalQuote Checked Help

 

Recent Visitors: 2 All times are in CST
Anonymous Guests (2)