Since the early access to Guild Wars 2 there have been a lot of phishing and hacking incidents. With Mists of Pandaria being released next month there was also a report that Blizzard has been hacked for account info. I also just received a phishing attempt on an email account that I seldom use that was never associated with any game or gaming site.
At first glance this phishing email looks quite convincing.
The first part looks great. It is when it reaches that 3rd paragraph that things sort of fall apart. Then we come to the link. The link itself is in proper format but when you mouse over it, it tells a different story.
I never click on any link in any unsolicited email. If a game company wants to reach anyone they usually direct you to go to there website and sing into you account. I always do this by going directly to the website and signing in, never from a link in the email. The only time I will click a link in an email is when the official website sends a verification email. You will usually get that email within moments of the site sending it.
I have had friends and guildies hacked before, had guild banks emptied and am constantly being bombarded by phishing attempt email, usually on accounts that have never been associate with any games. I feel it is better to safe than sorry.
I have a specific email account for WoW, one for Rift/Aion, one for TSW, one for SWTOR and one for ArenaNet. All have different password and WoW, SWTOR and Trion have authenticators. I still change the passwords every now and then. I use a website to generate a list of random 15 character passwords that I use only once and then genereate a new list when those are used up. It appears ArenaNet has got the email authentication working now and I recommend using iot until them come out with an authenticator, hopefully soon.