Blizzard is claiming to have sent mail with this text:
https://forums.worldofwarcraft.com/thread.h...=62318827&sid=1
Although I'm pleased to discover it wasn't a phishing attack, I am disappointed in Blizzard. They should have smart internet-savvy people working there. If they're going to do something like this, they need to:
1. Not use big button-type links in emails. Doing so just helps followup phishing attacks appear legitimate.
2. Tell people to navigate via www.worldofwarcraft.com instead of directing them to the largely unmarked (and easily spoofed) account management page. Once again, the 'helpful' redirect just makes later phishing attacks appear legitimate.
3. Publicize the effort and note (for the nth time) that Blizzard will never ask for account or password information.
https://forums.worldofwarcraft.com/thread.h...=62318827&sid=1
Quote: Within the last 2 days, players may have been receiving an email from Blizzard titled: "Are you ready for the Burning Crusade?"
The letter is legitimate, and it's a reminder to inactive or trial account players who may have been looking to return to Azeroth with the Burning Crusade, that doing so in advance of the launch would offer more time to download and install patches, and any tech support or billing queries could be addressed prior to launch.
We're also looking into reports that subscribers who haven't cancelled their accounts are also getting the email. If this applies to you, please be aware that email addresses tied to trial accounts and multiple accounts where one account is inactive are also included in the mailing list.
For players for whom these parameters do not apply, we apologize for the confusion, and we are actively investigating the source of this incorrect distribution.
Although I'm pleased to discover it wasn't a phishing attack, I am disappointed in Blizzard. They should have smart internet-savvy people working there. If they're going to do something like this, they need to:
1. Not use big button-type links in emails. Doing so just helps followup phishing attacks appear legitimate.
2. Tell people to navigate via www.worldofwarcraft.com instead of directing them to the largely unmarked (and easily spoofed) account management page. Once again, the 'helpful' redirect just makes later phishing attacks appear legitimate.
3. Publicize the effort and note (for the nth time) that Blizzard will never ask for account or password information.