just got this in game message… I take it its a phishing scam?
< Malicious URL removed >
Yes scam don’t reply
1 Like
Definite phishing attempt. Edit out the website so that people will not go to it and it is against the rules. Also, Blizzard will NEVER message you in game to have you go to a website to verify anything nor will they message you about any possible sanctions against your account. They sanction first, then email you the reason and how to appeal. You can test any whispers like that by right clicking them. If you get the option to report them via right clicking, then it is not a GM. Report them and move on. A real GM whisper will have the blue Blizz logo next to the GMs name and will also pop up its very own chat window.
4 Likes
Just to touch on this if uve gone to the site and logged in scan your computer immediately this cant be stressed thats how accounts get stolen and hacked.
2 Likes
btw edit the link out of your post as well as the fake blizz name as spotlighting on forums is a no no and also to prevent people from being suckered into getting scammed.
fyi, blizz will never message you ingame if youre actioned theyll send you an email and ask questions later. not to mention have a blue blizz logo graphic next to their name and a seperate chat frame if a GM did need to reach you for anything
2 Likes
Yes, that is a phish.
First - we aren’t going to send you to a site like that. That is using a pretty common trick of hyphens between words to fool the eye into thinking it is a domain you are familiar with. The proper way to determine a domain is look for the .< whatever > The word in front of that is the domain - the WHOLE word, which if appended by a hyphen, extends it.
A real GMs text will also appear in a separate text box - in blue, with a Blizzard logo. Fun fact - you can’t actually report a GM whisper 
One way to research any domain you may be unsure of is to look it up.
www.whois.com can often offer great insight into who established a domain, and it’s age among other things - like who hosts it.
Google Safe Browsing: Report a Malware Page is also a way to report phishing and malicious sites straight to Google.
Every scam in the history of mankind depends on one of two very primal human instincts. Greed or fear. Enticement - or threat. Don’t ever let anyone rush you into doing something, that’s a red flag. If a message or email or text ever has a sense of urgency, take the time to examine it more closely.
Something that seems too good to be true is another.
Also we highly recommend everyone protect their account with an authenticator. It is absolutely not a replacement for good security habits - but it can add that extra layer of safety for your account.
Once upon a time, malware was what everyone worried about - and it is still a very real threat - but this is social engineering. The art of the con. Far more effective - and dangerous.
Why go to all the trouble of malware when you can just ask people for their information, and trick them out of it?
7 Likes