Malicious WOW Armory Site

85 Night Elf Hunter
10495
My account was just hacked and, while recovery is under way, I wanted to let the community know about a very nasty website. I'm fairly security savvy and even I (stupidly) fell for it.

When you google the term "wow armory," the very first hit will be MALICIOUS. At least it was for me. I won't post the link, but you can tell from the added ".cn" to the URL, a country code which should come as no surprise. The website will ask for your account information to log into the armory, don't be as dumb as me and give it to them. I was hacked within 24 hours and found my character goldless and botting around the Twilight Highlands with almost a full bag of Twilight Jasmine.

I was very surprised that Google returned the malicious website ahead of the legitimate one in their search results.

Don't fall for it.
Reply Quote
85 Night Elf Rogue
9150
02/24/2011 12:48 PMPosted by Saven
I was very surprised that Google returned the malicious website ahead of the legitimate one in their search results.


They're paid to. It's a sponsored link. I would imagine Blizzard and Google have had more than one conversation over this.
Reply Quote
100 Undead Warlock
11360
There is a valid WoW armory with .cn in it. It's the Chinese WoW Armory.

That being said, the US WoW Armory was merged into the battle.net site when the forums changed over.

I know there has been a bad WoW Armory link on Google. You can report bad links to Google and I know it's been reported (I've reported it multiple times myself), so I'm not sure why it's still showing up.
Reply Quote
85 Tauren Druid
2995
Well that explains why its missing people I know exist XD
Reply Quote
85 Human Priest
5850
Bad links should be reported to Blizzard, and to the search site in question. You can usually find a "report bad link" option inside their help files. Even if you can't, though, you can bet Blizzard will contact those folks and let them know they're supporting a phishing site. While some spoofing sites, like the fabled Microsoft Firefox 2007 release site, are merely parodies or harmless pranks, spoofing a legitimate company's website in order to defraud its customers is in fact a crime.
Reply Quote
85 Gnome Warrior
2065
http://cn.wowarmory.com is a legitimate site. It's the Armory for the Chinese region. This was the first link (as opposed to ad) that I saw when I searched for wow armory.
Reply Quote
85 Night Elf Hunter
10495
You must be right. Yesterday I must have clicked on the ad, and improperly blamed the .cn address when I went back for a second look.

The ad immediately asks you for your account information when you try to search a character, and then directs you to the legitimate website no matter what information you enter (I just mashed about 30 random characters on my keyboard).

Not to be like "There's the witch!" again, but it must be the ad that is malicious. If that's truly the case, Blizzard should definitely know about it by now and should put out a warning of some sorts!
Reply Quote
86 Goblin Warlock
4380
02/24/2011 2:05 PMPosted by Saven
Not to be like "There's the witch!" again, but it must be the ad that is malicious. If that's truly the case, Blizzard should definitely know about it by now and should put out a warning of some sorts!


Blizzard does not know about it. They also cannot do anything about it except request Google remove it.

If you want to see it removed you have to report it, reporting it to Blizzard means the ad is live longer, which isn't a good idea.

In other words reporting a phishing website to Blizzard just delays it being blocked/filtered by Microsoft/Google's safe website services.
Reply Quote

Please report any Code of Conduct violations, including:

Threats of violence. We take these seriously and will alert the proper authorities.

Posts containing personal information about other players. This includes physical addresses, e-mail addresses, phone numbers, and inappropriate photos and/or videos.

Harassing or discriminatory language. This will not be tolerated.

Forums Code of Conduct

Report Post # written by

Reason
Explain (256 characters max)
Submit Cancel

Reported!

[Close]