1. #1

    Weird Hack Story any idea how?

    Hello everyone long time no see!

    I was an avid WoW player for 4 years but quit about a year ago because of life and friends leaving the game/changing servers bla bla bla that sorta shit. ANYWAY a few weeks ago I get a bunch of emails from noreply@blizzard.com about my account security being compromised etc. I thought nothing of it until tonight when I checked in on it out of curiosity. The emails I had received were indeed legit emails from blizz I checked their source in the header etc. Now my account has been inactive for over a year so I haven't been able to view my toons anymore on armory. So I figured that if I was hacked my sub would be reactivated and my toons would be on armory stripped. Sure enough all my babies were back up on armory stripped horribly poor guys. Now what really confuses me is that after getting my account back into my hands resetting pw etc etc. I log on and view my payment history and there has not been a payment made since 10/09/09. So how did these hackers manage to strip my toons without resubbing?

  2. #2
    Brewmaster juzalol's Avatar
    10+ Year Old Account
    Join Date
    Dec 2009
    Location
    Finland
    Posts
    1,285
    Quote Originally Posted by z8472 View Post
    bunch of emails from noreply@blizzard.com about my account security being compromised etc.
    The emails I had received were indeed legit emails from blizz I checked their source in the header etc.
    Well i got a bunch of e-mails about the same thing from same address.

    The link provided goes to something like "battle.net-securityadmin-management.com/..." (rest of the link not given for obvious reasons and i don't recommend even trying this one out)

    Sounds legit?
    I don't think so.

    Never ever click any links in any e-mails you get. Go to battle.net manually and you will see if there is actually anything wrong with your account. If you can't log int your battle.net account you better call blizzard customer service.

    And how they got the stuff without resubbing, i have absolutely no clue.

  3. #3
    I never at any point followed links in these emails. And as I said before I used blizzs own posted methods to verify that these were blizz emails, but there are plenty of other ways my password could have been compromised what puzzles me is how I was looted without resubbing?

  4. #4
    If I were to guess, it would be one of these;

    Was the last payment you? (Could they of hacked you after you quit and you had a few days left?)
    Or, using a game-card doesn't add to the payment history(?) / Scroll of Resurrection / The random free week passes you can get.

  5. #5
    those are good suggestions I hadn't thought of but no. The last payment on my account was dated almost a year ago as well I have no scroll of resurrection referrals on my account (plus don't u have to have an active account for that?). It is possible that in the last two days or so when I wasn't logged on I was cleaned out but than why all the emails from blizz a year later? Also I remember getting nostalgic a few weeks or a month later and checking armory to see my toon and he had all his gear.

  6. #6
    They couldve activated an xpac free trial

  7. #7
    game cards do add to payment history in the transaction page. this is just a possibility but since the xpac they might have been going over toon database and noticed yours looked like they were hacked even if it was taken that long ago.

  8. #8
    awww I thought you had it rob I actually logged on and I just activated the free trial myself so they must not have.

  9. #9
    Quote Originally Posted by z8472 View Post
    those are good suggestions [...] I have no scroll of resurrection referrals on my account (plus don't u have to have an active account for that?). [...]
    I think they were saying that someone could have used a scroll of resurrection on YOU, which is entirely possible and wouldn't add any charges to your payment history.
    Protip: You don't need to add an apostrophe to make things plural.

  10. #10
    Check the IP address. I've been getting some emails from them, and they're tricky. They use proper grammar, they embed links that on the surface look legit, etc. They're good. I use hotmail for my blizzard stuff, if you have hotmail do this:

    Right click the message(not opening it), then click "view message source". There's a nice long list of code and what not, but this is what I got:

    Received: from xo.org ([94.76.238.72])
    That ain't blizzard, yo.

  11. #11
    a way to check is put in a ticket to get the gear back and if they can not help with getting gear back it means mostlikely they were taken longer than i think 3 months but might be longer. since they keep restore data for that long back.

  12. #12
    i did use the whole view source to check the message out and they look legit at least the one that said my account was locked I received 12 in one day from noreply@blizzard.com that said my pw had been changed and a bunch of other stuff but I didn't open any links in those emails or check them as thoroughly (also they went to my junk mail) But I did log on and change my pw. It was only today when I had an email come into my inbox that I did all this checking out and found out my toons were stripped.

    and I don't think I can submit a ticket on a unsubed account Serebii
    Last edited by z8472; 2010-12-23 at 04:13 AM.

  13. #13
    u'll find that blizzard removed the payment ive had a few friends with the same problem..stopped playing around a year ago, and recently hacked.

    Blizzard simply removes the payment for the 30days or watever of gameplay, cos it was probably done via stolen credit card, or otherwise.

  14. #14
    Quote Originally Posted by z8472 View Post
    i did use the whole view source to check the message out and they look legit at least the one that said my account was locked I received 12 in one day from noreply@blizzard.com that said my pw had been changed and a bunch of other stuff but I didn't open any links in those emails or check them as thoroughly (also they went to my junk mail) But I did log on and change my pw. It was only today when I had an email come into my inbox that I did all this checking out and found out my toons were stripped.

    and I don't think I can submit a ticket on a unsubed account Serebii
    Check my post. It's a phishing site.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •