Guild Wars 2

I decided to make this guide to help users with the overflow of phishing emails we are getting every now and then, I wil set the example with hotmail and will ask the comunity to help out with other mail systems since what I knew from them might be outdated.

First Step. Go to your junk mail folder or your inbox and locate the offeding email, and right click it and choose ‘View message source’.

A new tab will open in your browser which will look like a bunch of gibberish. Near the top, you’ll see some like this (but not exactly like this since i won’t copy paste the whole thing)

“Authentication-Results: hotmail.com; spf=none (sender IP is xxx.zzz.xxx.zzz)
X-SID-PRA: Horn Enhacement <manly-charr@charr-big-horns.com>
X-Message-Status: n:n
X-Message-Info: (bunch of giberrish)
Received: goodwar@manlycharr ([xxx.zzz.xxx.zzz])”
"

Something like these, I rather not use the actual message source for safety purpose, now for the important bit:
Find the (sender IP is xxx.zzz.xxx.zzz) section. The number may not always have two sets of two digits at the end but it will ALWAYS have four sets of numbers and ALWAYS have two sets of three numbers at the start. Each set will ALWAYS be separated by a period.

Highlight that number and copy it, being careful not to include any extra spaces at the start or at the end.

Click on ‘Manage blocked senders list’. A screen will open and paste the IP address from the message source tab into this slot and choose ‘Add to list’.

It is important to block the IP and not the REAL noreply@guildwars2.com email by clicking Sweep and then choose Block From, if you do so, you will never get an email from anet that uses this address while it is blocked.
But if you find a junky email that you don’t know on the message source, block it as well, something unusual that might look like the real thing but differs in one or letters, or plain obvious like “manly-charr@charr-big-horns.com”

Feel free to add to the post an how to on other mail systems.

The problem is that the IP-adress of the phishers will change all the time. This is cause they are actually using hacked computers. If they see that they don’t have enough fish to bait they move to a different spot.

So not really worth the trouble I’m afraid.

mercury ranique.2170:

The problem is that the IP-adress of the phishers will change all the time. This is cause they are actually using hacked computers. If they see that they don’t have enough fish to bait they move to a different spot.

So not really worth the trouble I’m afraid.

I agree. If spammers/scammers always used the same IP, it would be a simple matter to block them and put an end to it once and for all. The other issue here is that some of the scam emails go through actual legit mail servers, so by blocking one of them, you could very easily block email from a whole domain (like yahoo, Hotmail, Verizon, etc) without even knowing it as it can be displayed as only an IP. A much better solution is to use word filters as others have suggested in previous threads.