-
Phishers, the devil’s in the details!
Posted on August 12th, 2010 1 comment

Phishing is presumably big business (although maybe not). Because email is very cheap to send, phishing has a low barrier for entry. Usually, Gmail’s spam filter is so accurate that I don’t see the phishing emails; recently, however, some Blizzard-themed messages have gotten through. I get the impression that the emails are crafted by foreigners who lack the finesse necessary to deceive people–a good thing, no doubt. As with most pursuits, the devil is in the details. Let me illustrate with the most recent email to pierce Gmail’s phishing armor:
Hello, thank you for shopping at the Blizzard Store!
StarCraft II®: Wings of Liberty™: 6129523855006794206159153
To use this key to activate the game, simply follow these instructions:
1. Log in to your Battle.n Account – Or Create a Battle.net Account2. Verify your e-mail address. (If you have previously verified your address, skip this step.) From the main Account Management page, click the ‘verify this e-mail address’ link. Then, check your e-mail account for a verification e-mail. Click the link in this e-mail to verify your e-mail address.
3. Return to the Battle.net account management page, then click on ‘Code Redemption’.
4. Enter the above CDKey in the code field.5. Once you have successfully redeemed this code, you will be able to play the game.
NOTE: If you have previously chosen to gift your digital purchase, attaching this key to their Battle.net account will prevent you from being able to redeem this key with your Battle.net account.
Order Date: 2010-8-10
Order #: 2573775(1) StarCraft II®: Wings of Liberty™ – $59.99
Credit Card Number : ****-****-****-9527
Credit Card Type : Vista
Item Subtotal: $59.99
Tax: $0.00
Shipping & Handling: $0.00
Shipping Tax: $0.00
Grand Total: $59.99
===========================================If you have any questions or concerns about your order, please contact us at:
Phone: Toll-free at (1-800-592-5499)
Website: http://us.blizzard.net/accountLive phone support is available seven days a week, 8:00AM – 8:00PM Pacific Time.
Thanks for shopping with us!
Blizzard Customer Service

I like the use of ® and ™! Those are definitely nice touches. However, a genuine Blizzard email begins by greeting you with the name on the account. Moving on, the CD key should have dashes. Whoops. Next, we see “Battle.n Account – Or Create at Battle.net Account.” Within a few words, they misspell Battle.net and give you the proper spelling. Then there’s the gratuitous use of capitalization throughout, seen here on “Account,” “Or,” and “Create.” Throughout, there are a few small, unprofessional and inconsistent bits, like the lack of carriage return between items 3 and 4. Then “CDKey” is lacking a space… Another awesome failure: the “Vista” credit card type! A couple of lines lower, the itemized “Shipping Tax” seems off.
To be fair, if you were expecting a StarCraft email (sadly, the phishers are two weeks late) and gave only a quick glance, the email could work. It is apparently sent by Blizzard Entertainment! However, digging deeper in the email header we see more incorrect details:
from Blizzard Entertainment
to seth@sethholloway.com
date Wed, Aug 11, 2010 at 8:46 PM
subject Battle.net Account Management
mailed-by hotmail.com

Mailed by hotmail? Phishy. Details, details!

Also, it’s important to hover over links before following them… This is probably my favorite part: “wowsuppor-check-blizzard.com.” I guess wowsupport-check-blizzard.com was already registered.

And, of course, official Blizzard emails direct you to us.battle.net instead of blizzard.com. Details!

Another detail that reeks of fraud is the use of “WoW”/“wow”, which refers to another Blizzard product, World of Warcraft. Account management, StarCraft II, and World of Warcraft blend into one weak attempt at phishing.
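The header and link checks described above can be automated. This is an added example, not part of the original post: the `OFFICIAL` list, the function names, and the HTML fragment are assumptions constructed from the values quoted in the post.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: domains treated as legitimate for this brand.
OFFICIAL = ("battle.net", "blizzard.com")

def is_official(host):
    # Match the domain itself or a true subdomain; the leading dot keeps
    # "wowsuppor-check-blizzard.com" from passing as "blizzard.com".
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in OFFICIAL)

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def indicators(display_name, mailed_by, html_body):
    """Return a list of human-readable findings for one message."""
    findings = []
    if "blizzard" in display_name.lower() and not is_official(mailed_by):
        findings.append(f"display name claims Blizzard but mailed-by is {mailed_by}")
    parser = LinkCollector()
    parser.feed(html_body)
    for href, text in parser.links:
        host = urlparse(href).hostname
        if not is_official(host):
            findings.append(f"link target {host} is not an official domain")
        # The "hover" check: a URL shown as link text should match the real target.
        shown = urlparse(text).hostname if "://" in text else None
        if shown and shown != host:
            findings.append(f"link text shows {shown} but points to {host}")
    return findings

# Constructed sample: the link text and target are the two hosts quoted in the post.
SAMPLE_HTML = ('<p>Website: <a href="http://wowsuppor-check-blizzard.com/">'
               'http://us.blizzard.net/account</a></p>')
```

Calling `indicators("Blizzard Entertainment", "hotmail.com", SAMPLE_HTML)` reports all three problems: the sender mismatch, the unofficial link target, and the link text that disagrees with its destination.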
I believe that every critique should come with a suggestion, so here’s my suggestion: buy a legitimate copy of StarCraft II and copy the official email exactly, changing only the link (from official site to your faked site). Then, replicate their website and direct people to the fake. To Blizzard’s credit they do not make copying the page easy because they cleverly use dynamically rendered Ajax elements with obfuscated JavaScript and XSLT. They also have a lot of content and they update the pages regularly. Another idea: direct them to your domain, infect their computer with malware, and quickly forward them to battle.net so they’re none the wiser.
If you want to step up to the big leagues, you’ll have to concentrate on the details!
-
World of Warcraft customer service sucks
Posted on November 21st, 2008 6 comments

I play World of Warcraft (WoW). I have played off and on since the game was released four years ago. Now the folks at Blizzard have released a second expansion, Wrath of the Lich King (WotLK). Prior to WotLK’s release, Blizzard started a promotion called Recruit a Friend (RaF). RaF allows a veteran to recruit a friend and play together with a number of benefits. The key benefit, in my opinion, was the ability for the friend to grant levels to the veteran, essentially keeping both characters at the same level so they can continue to adventure together.
The deal hit after I had quit, so a friend of mine referred me and we played. You can see that I created the account on August 5th.
On November 3, the last night of our account link (which ran through 11-4-08 as seen below), I had several levels to grant to Jason.
We met up and found that we were no longer linked. We both opened a help request in game. After four hours a game master (GM) showed up to Jason and was pretty professional. I got a sassy son of a bitch who closed the help ticket while I was talking to him. Eventually Jason was told to contact billing because there was nothing more the GM could do for him.
The next day Jason called billing and found out that our accounts were linked for exactly 90 days and the time displayed on the website was only an estimate.
To add insult to injury, the ultimate resolution was three free days of play-time. No level grants, no honoring the contract, just three days play-time and a lot of disingenuous apologetic hogwash. Bah!