Warning: WoWhead may be a bit dangerous for now

[TheramoreIsTheBomb]

Lets just say a certain someone's account was compromised by a goldseller. You know the only way they can get into someones account is by phishing websites and what not. Rest assured, the issue has been taken care of but in result, friends and guilds were compromised and unrestorable. WoWhead is known for having ads with malware and viruses on them, but it seems not even adblock can stop it. This is a warning to Curse, WoW and everyone in general. Be careful with logging in sites like WoWhead with your battle.net account stuff because just because their website is supported by Blizzard, doesnt mean their website is safe. Please check the ads and your site. I won't be using WoWhead for awhile now. [Only website I connected B.net with].

[Speedlance]

wowhead seems to be down aswell, at least I cant load it up.

[Justpassing]

Lets just say a certain someone's account was compromised by a goldseller. You know the only way they can get into someones account is by phishing websites and what not. Rest assured, the issue has been taken care of but in result, friends and guilds were compromised and unrestorable. WoWhead is known for having ads with malware and viruses on them, but it seems not even adblock can stop it. This is a warning to Curse, WoW and everyone in general. Be careful with logging in sites like WoWhead with your battle.net account stuff because just because their website is supported by Blizzard, doesnt mean their website is safe. Please check the ads and your site. I won't be using WoWhead for awhile now. [Only website I connected B.net with].

Come on man, that's a huge rookie mistake; why would you log in a site that's not b.net with your acc. info?

Especially if you don't have an authenticator attached.

[Relapses]

Come on man, that's a huge rookie mistake; why would you log in a site that's not b.net with your acc. info?

Especially if you don't have an authenticator attached.

I think you'd be surprised how many people use the same password for everything. It's exactly why phishing remains such an effective tool for identity theft.

[Justpassing]

I think you'd be surprised how many people use the same password for everything. It's exactly why phishing remains such an effective tool for identity theft.

It's not about the same password, you can log-in wowhead and now MMO-C with your account information and post with your character or w/e (I've never done it for obvious reasons so I'm not sure why you'd even want to do that).

I'm not going to deface this whole practice beacuse MMO-C started doing it too and I don't want to be infracted, let's just say these sites don't want your account information for nothing.

1. Get an authenticator
2. Don't put in your account info even if it's bnet integrated.
3. ????
4. PROFIT

[philefluxx]

, but it seems not even adblock can stop it.

You should also run with NoScript in conjunction with Adblock to increase security.

[Deleted]

They all laughed at me when I used thottbot. Who is laughing now!

[Justpassing]

You should also run with NoScript in conjunction with Adblock to increase security.

Add Ghostery to that.

There isn't something like being "too secure", esp. if you don't have an authenticator attached.

[Damax]

People logged in with their battle.net accounts on wowhead because it was the only way of participating to drawings and contest. It is lame but shit happen

[Justpassing]

People logged in with their battle.net accounts on wowhead because it was the only way of participating to drawings and contest. It is lame but shit happen

Lol, "shit happen"? Yeah I'm sure this all happened completely randomly and for no reason at all.

Never wonder why you get ENLARGE UR PEN0R spam? Never wonder where these companies get your email and/or information to begin with? Datamining. It's large money to sell your users' info.

[ShiyoKozuki]

Reminder that adblock was bought out by an advertisement company and to use ublock instead.

[effs]

They all laughed at me when I used thottbot. Who is laughing now!

Thottbot...never forget.

[Leyre]

>using addblock

No wonder they got shit, uBlock Origin FTW

[Deleted]

i didnt even know you can log in with bnet stuff, but boy must one be stupid to do that, or, not valuing his account all too much : D

[Leyre]

It's not about the same password, you can log-in wowhead and now MMO-C with your account information and post with your character or w/e (I've never done it for obvious reasons so I'm not sure why you'd even want to do that).

I'm not going to deface this whole practice beacuse MMO-C started doing it too and I don't want to be infracted, let's just say these sites don't want your account information for nothing.

1. Get an authenticator
2. Don't put in your account info even if it's bnet integrated.
3. ????
4. PROFIT

But MUH... MUH... PRIZES

[DarkAmbient]

i didnt even know you can log in with bnet stuff, but boy must one be stupid to do that, or, not valuing his account all too much : D

Nor me. Why would someone log into any third party site with their Battlenet details? That's just asking to be screwed over.

[Deleted]

Good to know. Time to change my password, change my adblock and cancel the connection between wowhead and my bnet account. *shrug*

Thanks for the people who informed me about the adblock change. Running uBlock now.

Nor me. Why would someone log into any third party site with their Battlenet details? That's just asking to be screwed over.

Because it is easy access if you are searching for shit you haven't completed yet. For example. But yeah, the risk seems to be too high so I shall change my ways!

[Rixis]

They all laughed at me when I used thottbot. Who is laughing now!

Thottbot is just a different Wowhead front end.

Also, isn't the logging in with battle.net api controlled by Blizzard (much as you can do it with steam), so the only information visible is what Blizzard allows, which is/should be limited?

When you say adblock doesn't block it, does that count for all browsers? I know Chrome used function adblock differently so it just hid the shit that still loaded, so is it safe on Firefox?

[chaud]

I'm not going to address the issue of safety of other sites, but I will touch on the Battle.Net login.

I guess people don't understand how it works, so I'll try and explain:

• You visit http://bna.mmo-champion.com/login and hit the Log In button
• You arrive at https://us.battle.net/login/en/?ref=...XXXX&app=oauth
• The site above is the official Battle.Net site with some extra details in the URL so they know what site the user came from.
• You enter your username and password on the Battle.Net site and log in.
• Once logged in, they use the information from earlier to send you back to us with a token.
• This token allows us to see your BattleTag and list of WoW characters.

At no time do we have access to your Battle.Net username or password. If you log in to Battle.Net and have your account compromised right afterwards, the most likely explanation is that malware on your computer logged your information when you were logging in to the official site. It has nothing to do with the sites using Battle.Net login.

You can read about this on the Battle.Net developer site: https://dev.battle.net/docs/read/log_in_with_bnet

[TheWorkingTitle]

They all laughed at me when I used thottbot. Who is laughing now!

Thottbot and Allakhazam ftw.