Another reason to love Firefox

So I fell for a phishing attempt for the first time, today. It was a scheme to steal my Battle.net account information. I don't have WoW, but I do have Diablo II registered on there, so I suppose they wanted that?

Anyway, the phisher fooled hotmail into thinking the email came from [email protected] , which I know to be their email for sending me account notices. The actual email came from [email protected], which is clearly a spammer address, but you can only find this out if you look at the message source (thanks for that hotmail). The email was a pretty good replication of a Blizzard automated message telling me that my account settings had changed and that if I had changed them, ignore the email, but if I had not, go here to review my account settings.

I always always look at the url of links in email messages, but for whatever reason I didn't this time. Stupid of me, but I guess the combination of the known return address and legitimate looking message had my guard down. The link went to http://www.battle.net-supporsafety-management.com/ which is a phishing site where I assume I would have received a virus or would have given them my account info or whatever.

Except that Firefox saved me from myself.

Instead, I got a big red screen from Firefox telling me I did not want to go there and I woke up and looked again at the email and I figured all of this out.

So thanks, Firefox!

(and boo, hotmail, for obscuring key information that would have alerted me to a phishing scheme)

I get this same behaviour from Avast!.... though i would never fall for a scam like this.... never!

Why are you looking at me like that?!

This could also be called "another reason to not use hotmail".

I get these messages too, sometimes - gmail automatically marks them as spam for me. Go gmail!

The cool thing I've noticed about gmail, is that I've had no bad/scam blizzard related emails pass through the spam filtering, but every expected normal (newsletter, confirmation of changes to my account that I just did) blizzard email sails right through. I'd guess there's some agreement behind the scenes between bliz and google on how to identify their mail, or that all their mail will come from certain addresses.

Just wanted to pimp Thunderbird as a mail client, hotlinks are disabled by default. Many a butt can be saved by the copy-paste function.

I am getting spooked that the phishers are so good at spoofing legitimate e-mail addresses.

Scratched wrote:

The cool thing I've noticed about gmail, is that I've had no bad/scam blizzard related emails pass through the spam filtering, but every expected normal (newsletter, confirmation of changes to my account that I just did) blizzard email sails right through. I'd guess there's some agreement behind the scenes between bliz and google on how to identify their mail, or that all their mail will come from certain addresses.

Its not universal if so. In my case, plenty of fake blizzard emails made it through, but legitimate blizzard emails nearly always end up in the spam folder.

absurddoctor wrote:
Scratched wrote:

The cool thing I've noticed about gmail, is that I've had no bad/scam blizzard related emails pass through the spam filtering, but every expected normal (newsletter, confirmation of changes to my account that I just did) blizzard email sails right through. I'd guess there's some agreement behind the scenes between bliz and google on how to identify their mail, or that all their mail will come from certain addresses.

Its not universal if so. In my case, plenty of fake blizzard emails made it through, but legitimate blizzard emails nearly always end up in the spam folder.

Gmail isn't perfect, but it has by far the best spam filter I've seen. Certainly a whole lot better than the other big web mail providers.