Malicious WOW Armory Site

Customer Support
My account was just hacked and, while recovery is under way, I wanted to let the community know about a very nasty website. I'm fairly security savvy and even I (stupidly) fell for it.

When you google the term "wow armory," the very first hit will be MALICIOUS. At least it was for me. I won't post the link, but you can tell from the added ".cn" to the URL, a country code which should come as no surprise. The website will ask for your account information to log into the armory, don't be as dumb as me and give it to them. I was hacked within 24 hours and found my character goldless and botting around the Twilight Highlands with almost a full bag of Twilight Jasmine.

I was very surprised that Google returned the malicious website ahead of the legitimate one in their search results.

Don't fall for it.
02/24/2011 12:48 PMPosted by Saven
I was very surprised that Google returned the malicious website ahead of the legitimate one in their search results.


They're paid to. It's a sponsored link. I would imagine Blizzard and Google have had more than one conversation over this.
There is a valid WoW armory with .cn in it. It's the Chinese WoW Armory.

That being said, the US WoW Armory was merged into the battle.net site when the forums changed over.

I know there has been a bad WoW Armory link on Google. You can report bad links to Google and I know it's been reported (I've reported it multiple times myself), so I'm not sure why it's still showing up.
Well that explains why its missing people I know exist XD
Bad links should be reported to Blizzard, and to the search site in question. You can usually find a "report bad link" option inside their help files. Even if you can't, though, you can bet Blizzard will contact those folks and let them know they're supporting a phishing site. While some spoofing sites, like the fabled Microsoft Firefox 2007 release site, are merely parodies or harmless pranks, spoofing a legitimate company's website in order to defraud its customers is in fact a crime.
http://cn.wowarmory.com is a legitimate site. It's the Armory for the Chinese region. This was the first link (as opposed to ad) that I saw when I searched for wow armory.
You must be right. Yesterday I must have clicked on the ad, and improperly blamed the .cn address when I went back for a second look.

The ad immediately asks you for your account information when you try to search a character, and then directs you to the legitimate website no matter what information you enter (I just mashed about 30 random characters on my keyboard).

Not to be like "There's the witch!" again, but it must be the ad that is malicious. If that's truly the case, Blizzard should definitely know about it by now and should put out a warning of some sorts!
02/24/2011 2:05 PMPosted by Saven
Not to be like "There's the witch!" again, but it must be the ad that is malicious. If that's truly the case, Blizzard should definitely know about it by now and should put out a warning of some sorts!


Blizzard does not know about it. They also cannot do anything about it except request Google remove it.

If you want to see it removed you have to report it, reporting it to Blizzard means the ad is live longer, which isn't a good idea.

In other words reporting a phishing website to Blizzard just delays it being blocked/filtered by Microsoft/Google's safe website services.

Join the Conversation

Return to Forum