Recently, a surge of Battle.net users (and non-users) have been receiving emails indicating that their email address has been used to create a new account, and that they need to authenticate this account prior to use. Everything looks perfectly legit at this point, and the email even comes from what appears to be a legitimate Battle.net email address. Unfortunately, this is a phishing scam intended to trick you into revealing passwords you normally wouldn’t tell anyone at all.
By clicking the link to activate (confirm) or deny the account, you are taken to what looks like a normal Battle.net page where you can submit a request to reset your password before you can deactivate the account. While it may appear that you’re actually disabling an unauthorized account, you could actually be giving someone the data they need to serve their malicious purposes.
If you receive one of these emails, the best thing to do is independently go to the provider’s official site and use the proper customer service channels listed there. In this case, Blizzard’s support site. You may also want to do a quick Web search to see if the name mentioned in the email is a common occurrence. While there may actually be a gold farmer setting up accounts under other people’s email addresses, they do very little good if they aren’t verified. If you didn’t sign up for the account in the first place, your best plan of action would be simply not to validate it.
If you feel that your email address has actually been used to create someone’s account, you can contact Blizzard to have your email address cleared.
In recent days, being a recipient of one of these phishing emails has been referred to as being “Zhanged.” While it never feels good to get an email that appears to be a legitimate breach of privacy and/or identification theft, we are only going to continue to see more of these as gaming (and other cloud-based) platforms continue to become more and more popular.