Hackers getting access to your WoW account is by no means a new venture, but while the majority of attempts (coming from a user downloading illegal 'cheat' mods or replying to an email that requests your log in and password; and if you have it, the CD key that came with your copy of the game) can be easily avoided, hackers are getting smarter.
Kind of an oxymoron there, because the people that steal WoW accounts aren't really hacking anything, they're just tricking you into providing the information they need to get into your account. Though some are obvious phishing attempts, some are not.
In the last few months alone, there have been at least 4 people in the Aurora, Illinois area alone that have fallen for a specific phishing site, and it's no wonder; it looks just like the real thing.
The World of Warcraft Armory is a great tool, used to lookup the characters of other players, see their armor, their specs, everything. This can be used to mimic them if they are God-like, or find their weakness if they are camping you. But what do you get if you go to a search engine and type in 'wow armory'?
The very first option on the list in Yahoo's search is the URL http://www-wowarmory.com/. For Google, it comes up as http://armory-worldofwarcart.com/wowarmory/. The actual website for the real WoW Armory is http://www.wowarmory.com/. It doesn't matter which one you go to, the initial screens are identical. So, how do you know you're at the right one?
The only clue, and the one that should truly alert you to the knowledge that this is a phishing site is that when you type in a character's name, the first two sites take you to a log in screen. The real site does not. You do NOT have to be logged into your WoW account in order to use the Armory, but many people think nothing of it and have entered their information into the screen; at which point they are connected to the true WoW Armory; never realizing they've just voluntarily given their log in and password away. Well, at least not until they try to log into WoW and find they've been locked out due their account having been compromised, and find their characters are penniless and naked. It's getting worse out there, and if you don't stay ahead of the 'hackers' you're bound to end up spending the next couple weeks trying to get your Warcraft life back.
Created by Author using Snag It
The embedded video, created using Snag It's screen capture shows the user logging in first to the correct site. Upon entering the toon's name, she is rewarded with a the options available. The user then goes to the sites provided at the top of the list for both Yahoo and Google. You will notice that once the character name is typed in, a login screen appears on both. Completing a 'who is' on the two false URLs show that they both belong to the same person in Bei jing. A search on the correct site lets you know it is a true Blizzard URL.
Do not get hacked. You have been warned.