Sunday, October 23, 2011

Ah...beta phishing...

For those of you who don't play MMORPG's, (massive multiplayer online role playing games) you'll likely not think this scam is such a big deal.  But trust me, for those of us who do, this is one of the most evil scams ever:  The invitation to beta.  See, Beta is awesome.  It's essentially you getting a chance to see parts of the game (or the entire game itself) before most everyone else.  You get to provide feedback to the programmers as to what works, what doesn't, where bugs are, and whether you like it or not.  It's awesome.
However, this scumbag isn't giving you/me access to the Diablo III beta, in this case.  He's just phishing for your Battle.net userid & password.  They want the general password because that will give them access to your World of Warcraft, Starcraft, and several other game accounts.  And then they access your account, sell all your stuff, transfer your gold to their character, and then sell your gold in the real world.  Yes, people guy WoW gold in real life...so you pay $100 bucks and get 10,000 gold (no, I don't know if that's accurate, but it's meant to be an example, not an accurate portrayal of the market).

So, here's the email I received this morning:
Greetings from Blizzard Entertainment!

We’re gearing up for the forthcoming launch of Diablo III and would like to extend you an invitation to participate in the beta test. If you are interested in participating, you need to have a Battle.net account, which you can create on our Battle.net website.

We will flag you for access to the Diablo III beta test when we begin admitting press. You do not need to go through the opt-in process.

To secure your place among the first of Sanctuary’s heroes,Please use the following template below to verify your account and information via email.

* Name:
* Battle.account name:
* Password:
* Country:
* E-mail Address:

Thanks and see you all in the Burning Hells!

In the address field it said it was from noreply@blizzard.com, which seems legitimate.  However, when you hit the 'reply' in your mail client, it populates the 'to' field with diablo3@d3-blizzard.com .  See the difference?  Not a blizzard.com email address.  Additionally, Blizzard would NEVER EVER EVER ask you to email your password.  I also did the research and found that d3-blizzard.com is registered to a Chinese gold farmer (are there any other kinds?):
Domain Name ..................... D3-BLIZZARD.COM
Name Server ..................... dns27.hichina.com
                                  dns28.hichina.com
Registrant ID ................... hc672638609-cn
Registrant Name ................. cheng cui
Registrant Organization ......... cheng cui e
Registrant Address .............. henansheng zhengzhoushi
Registrant City ................. zhengzhou
Registrant Province/State ....... HA
Registrant Postal Code .......... 002300
Registrant Country Code ......... CN
Registrant Phone Number ......... +86.037165862108 - 
Registrant Fax .................. +86.037165862108 - 
Registrant Email ................ uuu111222@qq.com
Administrative ID ............... hc672638609-cn
Administrative Name ............. cheng cui
Administrative Organization ..... cheng cui e
Administrative Address .......... henansheng zhengzhoushi
Administrative City ............. zhengzhou
Administrative Province/State ... HA
Administrative Postal Code ...... 002300
Administrative Country Code ..... CN
Administrative Phone Number ..... +86.037165862108 - 
Administrative Fax .............. +86.037165862108 - 
Administrative Email ............ uuu111222@qq.com
Billing ID ...................... hc672638609-cn
Billing Name .................... cheng cui
Billing Organization ............ cheng cui e
Billing Address ................. henansheng zhengzhoushi
Billing City .................... zhengzhou
Billing Province/State .......... HA
Billing Postal Code ............. 002300
Billing Country Code ............ CN
Billing Phone Number ............ +86.037165862108 - 
Billing Fax ..................... +86.037165862108 - 
Billing Email ................... uuu111222@qq.com
Technical ID .................... hc672638609-cn
Technical Name .................. cheng cui
Technical Organization .......... cheng cui e
Technical Address ............... henansheng zhengzhoushi
Technical City .................. zhengzhou
Technical Province/State ........ HA
Technical Postal Code ........... 002300
Technical Country Code .......... CN
Technical Phone Number .......... +86.037165862108 - 
Technical Fax ................... +86.037165862108 - 
Technical Email ................. uuu111222@qq.com
Expiration Date ................. 2012-08-29 10:02:28
So, while I truly do believe that stupidity should be painful and that people who fall for this shouldn't get their gear or gold back, this is a pretty low attack and this scumbag should have their testicles fed to them with a fork.  In the face.  Repeatedly.

Tuesday, October 18, 2011

Postal phishing attempt.

So, checking the email today, I get this message from the United States Postal Service (otherwise known as snail-mail):
Dear Customer,

We attempted to deliver your item at 10:17 am on October 15, 2011 and a notice was left. You may arrange redelivery by clicking the link below or pick up the item at the Post Office indicated on the notice. If this item is unclaimed after 15 days then it will be returned to the sender. The sender has requested that you receive a Track & Confirm update, as shown below.

Label Number: 7007 8392 8839 7312 4531
Weight: 1.1 LBS
Expected Delivery Date: October 15, 2011
Service Type: First-Class Certified Mail
Service(s): Delivery Confirmation
Status: Final Notice

To check on the delivery status of your mailing or arrange redelivery please visit our website: http://XXX.usps.com.ww047.com/shipping/trackandconfirm.php?navigation=1&respLang=Eng&resp=10172011

Please make sure to print out your invoice in order to collect your package at our Post Office: http://XXX.usps.com.ww047.com/shipping/invoice.php?navigation=1&respLang=Eng&resp=invoice_10172011

Future activity will continue to be emailed for up to 2 weeks from the date of request shown above.

For more information, or if you have additional questions on Track & Confirm services and features. We're here to help. Call 1-800-ASK-USPS!

Anyone notice the URL?  I changed it so noone would actually click on it and get the malware they attempt to get you to download.  But yep, another phishing attempt.  Good attempt, I have to say, but yet another reason to look at the link before you click on it.

Let's be careful out there.

Thursday, October 13, 2011

Barney Fwank, talks about the housing crisis, before & after

Man...the balls on Barney Frank....the fact that he continues to lie and screw the American people (especially the young gay males in the DC and Boston areas) without any consequences. If karma exists, one can hope that he goes to hell with the rest of his hypocritical jackhole friends.