Beta Invite for D3, MMO Champ email database compromised?

[glumlord]

So I just received an email to a personal email account on my domain which I only use for mmochampion. I create a seperate email for each site I register on so I know if they are giving my email address out, and so I can block it if I start getting unwanted spam.

The email was a beta invite to Diablo 3 as seen below:

---------------------------- Original Message ----------------------------
Subject: Diablo III beta test invitation!
From: "diablo3" (email address removed)
Date: Tue, September 27, 2011 3:17 pm
To: (email address removed)
--------------------------------------------------------------------------

Greetings from Blizzard Entertainment!
We’re gearing up for the forthcoming launch of Diablo III and would like to extend you an invitation to participate in the beta test. If you are interested in participating, you need to have a Battle net account, which you can create on our Battle net website.
We will flag you for access to the Diablo III beta test when we begin admitting press. You do not need to go through the opt-in process.
To secure your place among the first of Sanctuary’s heroes,Please use the following template below to verify your account and information via email.
* Name:
* Battle . account name:
* Password:
* Country:
* E-mail Address:
Thanks and see you all in the Burning Hells!

Now if I try to reply to that message it comes up with an email address of diablo3 at d3-blizzard dot com which is obviously not legit.

My concern at this point is one of the following:

1) MMO-Champion gave away my email address to a 3rd party
2) MMO-Champion was hacked and data was stolen, primarily my email address.

I don't have any personal info which would of been compromised but I really just wanted to make people aware of the email and the situation.

---------- Post added 2011-09-27 at 05:49 PM ----------

It appears the site was hacked in may of 2010:

www mmo-champion com /threads/720175-Oh-god-MMO-Champion-got-hacked

Perhaps that's when they got this email address. But the post above suggest they didn't get any information.

[3clipse]

Spammers will also just hit address randomly. I've gotten spam on a university account, and I know they're not giving my information away.

[glumlord]

Spammers will also just hit address randomly. I've gotten spam on a university account, and I know they're not giving my information away.

While that may be true, that is not the case.

I own this domain and I see all emails that come across to my domain, even ones to recipients that don't exist.

This was the only email I received regarding diablo 3 beta, so there was no phishing of multiple email addresses on my domain.

[Karteli]

It's a very old phishing attempt.

A bot program runs and sends millions of emails out (yes millions) .. a@gmail.com .. b@gmail.com .... aa@gmail.com .. ab@gmail.com etc

Depending on the email server, it could record the emails that bounce back and save every other email as "successful".

Modern email servers have since stopped providing bounced email info, so now malicious scumbags resort to other tactics to find a valid email.

EVERY time you get a junk email and you click some link within the email, you just provided validation to the sender that this is a good email. Clever tactics might be an email welcoming you to a new discount club .. at the bottom -- click here to unsubscribe -- which you click and vola! now they know it's a good email.

Then your email goes on the black-market with thousands of others. Someone buys it, and you get .. scams, spam, and utter crap in your inbox

edit:
ps: the link you click has a special code with it, like w ww.linkstealingcrud.com?id=73894272 (not a real address)

The number is unique to you so when you click it they know damn well who you are - they match it up with their mailing lists.

[Elysia]

And I have an e-mail that I ONLY use for this site, and I've never gotten spam to it once. Going to copy/paste some Bibi quotes from other threads on this topic:

Yeah, sometimes people get spammed and sometimes it's even on an email they only use here. However, it's not the case for everyone and if there was a way to dump the emails of our users it should affect everyone.

I don't have a good explanation for that, every time someone complains I forward to my lovely developers who poke some more at stuff and come back to me saying that it's clean. My guess is most likely random tracking cookies and stuff, which still doesn't make sense because I'm pretty sure we don't store email adresses in cookies either.

So basically, if someone can prove me wrong and finds a way to get the emails of our users we'll be very happy to fix it. It would be stupid to pretend that we can't be hacked especially with all the happy hacking funtimes in the news lately but as far as we know, there isn't any vulnerability to grab the emails of users on the site.

And no, we don't sell your emails either, people would notice it easily and even if we were pure evil, it just wouldn't be worth the money. Spammers already have billions of mails they can play with, and we don't have that many users registered on the forums. I'm pretty sure it wouldn't even pay our bandwidth costs just for a day.

Same thing as usual, no as far as I know the mails didn't go public, and I have a lot of people who never received any mail on the mail they only use for MMO-Champion.

I'm not saying we can't get hacked or even that we forgot to block emails from displaying on the site in a very obscure place that I've never seen, but as far as we know we're safe. Could be a spyware on your side, could be a random tracking cookie in an ad, etc ...

[glumlord]

I know how phishing works, and like I said I own a few domains.

I have this specific domain setup where any emails sent to any address on that domain are forwarded to me.

There were no other "phishing" attempts, they knew exactly which email address to go to. The email address was mmochampion at my domainname dot com so it's obvious.

[Heywes]

It appears the site was hacked in may of 2010:

www mmo-champion com /threads/720175-Oh-god-MMO-Champion-got-hacked

Perhaps that's when they got this email address. But the post above suggest they didn't get any information.

that conincides with when i started to receive spam emails. I always wondered why I never received any and then they just started to appear. cheers for pointing that out.

[glumlord]

You guys use the information as you want. I am telling you though it was not phished, I've seen that on my domain before as I get three emails to different email addresses but the exact same email.

This is the first time I've received an email addressed to this specific address, ever.

[Greevir]

I currently have 12 email addresses through the same domain and I just recieved that same exact email on my MMO-Champ email address. Not gonna put too much thought into it, it may just be coincidence but figured I'd post it anyways in case.

[Karteli]

I know how phishing works, and like I said I own a few domains.

I have this specific domain setup where any emails sent to any address on that domain are forwarded to me.

There were no other "phishing" attempts, they knew exactly which email address to go to. The email address was mmochampion at my domainname dot com so it's obvious.

If you are using email forwarding, then you negated separate email addresses right there.

You can't say MMO-Champion was the culprit, because all those forwarded emails show where they came from (to the recipient).

Any virus will see them, anyone spying on your email server (compromised?) can see them ..

Is your computer clean of viruses, using a good AV, with the latest AV definitions?

edit: I don't want to turn you off from this discussion. It has been top news lately in the hacker world that servers are getting compromised. I would keep emails entirely separate. Because one will eventually get hacked, and you don't want a trail to exist.

[glumlord]

I'll be honest, I hadn't been to your website in about 3 months. I rarely play wow anymore.

My virus def's are up to date, and I don't monitor that email account except from my android phone.

I've never used that email address, which specifically has the name mmochamp as part of the email address, for anything other than registering on your site. I haven't even logged in using that email for quite a long time.

Good luck..

[Karteli]

I'll be honest, I hadn't been to your website in about 3 months. I rarely play wow anymore.

My virus def's are up to date, and I don't monitor that email account except from my android phone.

I've never used that email address, which specifically has the name mmochamp as part of the email address, for anything other than registering on your site. I haven't even logged in using that email for quite a long time.

Good luck..

... but you forwarded the emails and essnetially linked email addresses.

For whatever reason you got hit. Change your email on MMO-C and don't forward emails in the future. Keep emails separate.

It's what you can do on your part.

BTW I wouldn't trust free email host sites with private information .. it's run by people - consider it compromised from the time of creation - because you have no idea who has access to anything on your account.

Could someone slip a flash drive into the server and rip account info?

[glumlord]

... but you forwarded the emails and essnetially linked email addresses.

For whatever reason you got hit. Change your email on MMO-C and don't forward emails in the future. Keep emails separate.

It's what you can do on your part.

BTW I wouldn't trust free email host sites with private information .. it's run by people - consider it compromised from the time of creation - because you have no idea who has access to anything on your account.

Could someone slip a flash drive into the server and rip account info?

It's not a free email host, it's a domain and a server I purchased for hosting which I manage myself.

I didn't set up a fixed email on the server, so no one could "Hack" and find that email address. Even if that was the case, which it isn't, I would expect spam on any of my "real" email addresses I have setup.

If you think someone could slip a flash drive in a server and rip account info, then I'm not sure why I'm even talking to you. Autorun is turned off on all versions of Windows Server, and has been turned off by default since Windows Vista. The fact that you think a server admin would pick up some random flash drive, plug it in and start running files on my particular server on a server farm with hundred of servers is quite funny.

If you look at this thread, there is another person who got the same email, at the same time.

---------- Post added 2011-09-28 at 08:10 AM ----------

oh and look another person got the same email yesterday..

mmo-champion dot com threads/986105-D3-Beta-scam-emails?p=13404743

[haxartus]

I haven't received a Diablo 3 beta scam email, but I've received a few fake WoW emails on an account that is used for mmo-champion only. The domain is not popular like gmail or yahoo and I don't have any other spam on the account. I have 3 more emails on the same domain with no WoW related fake emails at all.
It's pretty clear that there was an email leak here at some point.

[Deleted]

I also received that identical phishing attempt to my email I use for this site, but not to any other addresses which also do get spam, but not that particular message.

[Sunshine]

As mentioned above, there's no leak that we are aware of. There are plenty of people who use a single email for MMOC and have never gotten any scam mails.

If you have other information, you're welcome to PM one of us.

Pasting again for good measure:

Yeah, sometimes people get spammed and sometimes it's even on an email they only use here. However, it's not the case for everyone and if there was a way to dump the emails of our users it should affect everyone.

I don't have a good explanation for that, every time someone complains I forward to my lovely developers who poke some more at stuff and come back to me saying that it's clean. My guess is most likely random tracking cookies and stuff, which still doesn't make sense because I'm pretty sure we don't store email adresses in cookies either.

So basically, if someone can prove me wrong and finds a way to get the emails of our users we'll be very happy to fix it. It would be stupid to pretend that we can't be hacked especially with all the happy hacking funtimes in the news lately but as far as we know, there isn't any vulnerability to grab the emails of users on the site.

And no, we don't sell your emails either, people would notice it easily and even if we were pure evil, it just wouldn't be worth the money. Spammers already have billions of mails they can play with, and we don't have that many users registered on the forums. I'm pretty sure it wouldn't even pay our bandwidth costs just for a day.

Same thing as usual, no as far as I know the mails didn't go public, and I have a lot of people who never received any mail on the mail they only use for MMO-Champion.

I'm not saying we can't get hacked or even that we forgot to block emails from displaying on the site in a very obscure place that I've never seen, but as far as we know we're safe. Could be a spyware on your side, could be a random tracking cookie in an ad, etc ...