Quantcast
WowInterface.com email database has been compromised - Page 4 - WoWInterface
Thread Tools Display Modes
07-26-10, 01:08 PM   #61
Dolby
PPAP
 
Dolby's Avatar
WoWInterface Admin
Join Date: Feb 2004
Posts: 2,276
We aren't running that version of vbulletin and the version we are running is patched to the teeth. Thank you though.
  Reply With Quote
08-13-10, 11:51 AM   #62
aalnydara
A Murloc Raider
AddOn Author - Click to view addons
Join Date: Jun 2005
Posts: 7
WowInterface.com email database has been compromised

Let me start by saying I am very careful protecting my real email address. Every website I visit that wants my email address gets a randomly generated address at a different domain that gets forwarded to my real address until I choose to delete it. WowInterface.com is no exception. I just received a WoW phishing email to the address registered with this site. So it's safe to say this is the only place they could have gotten the address.

The phishing email wasn't terribly clever. Here's the contents:

From: "World of Warcraft - Account Action Notification" <[email protected]>
Subject: World of Warcraft Billing Account Services
To: [email protected]
Content-Type: text/plain;charset="GB2312"
Date: Fri, 13 Aug 2010 19:16:22 +0800
X-Priority: 3
X-Mailer: FoxMail 3.11 Release [cn]
X-SOURCE-IP: [38.113.6.65]

Greetings

World of Warcraft -> Legal -> End User License Agreement
and Section 8 of the Terms of Use:
Blizzard Entertainment -> Legal -> Terms of Use
A 3-hour probationary suspension is pending on this account, awaiting confirmation from a spe******t. A final warning has been issued. The investigation will be continued by the Account Administration team to determine the any further suspensions. If the account in question is found in violation of the EULA and Terms of Use, further action will be taken. Be aware that any additional inappropriate actions may result in the permanent closure of the account.
Thank you for respecting our position on this matter.
==================================================================================================================
** We request that you verify your legitimate ownership of the account:
click Website <http://us.battele.info/login/login.xmlref=https=www.worldofwarcraft.com=accountapp=wamcir=true.htm> to proceed.

Blizzard staff will verify your account information submitted in two days, Please do not repeat to submit verify, please do not modify your account information during this time . It will not affect your game uptime.If you are unable to successfully verify your password . using the automated system, please contact Billing & Account Services at 1-800-59-BLIZZARD (1-800-592-5499) Mon-Fri, 8am-8pm Pacific Time or at [email protected]. Account security is solely the responsibility of the account holder. Please be advised that in the event of a compromised account, Blizzard representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.


Regards

The World of Warcraft Support Team Blizzard Entertainment
  Reply With Quote
08-13-10, 12:16 PM   #63
yj589794
A Rage Talon Dragon Guard
AddOn Author - Click to view addons
Join Date: Mar 2009
Posts: 314
your email address is listed on your public profile page
  Reply With Quote
08-13-10, 12:22 PM   #64
Dolby
PPAP
 
Dolby's Avatar
WoWInterface Admin
Join Date: Feb 2004
Posts: 2,276
Yes aalnydara, per your options you have your email address public in your profile on our site.

Options > Edit Options > Uncheck "Receive Email from Other Members".
  Reply With Quote
08-13-10, 12:54 PM   #65
aalnydara
A Murloc Raider
AddOn Author - Click to view addons
Join Date: Jun 2005
Posts: 7
Apology

My apologies. I didn't realize how that vBullentin feature worked. I assumed that by saying I would "allow email from other members" that if a member wanted to email me, it would be funneled through some sort of web form rather than giving them my email address outright.

Not that you guys have control over the vBulletin code, but the explanation for that feature would be more appropriately named "Allow other members to view your email address".

In any case, I've unchecked the box. Sorry for the hassle.
  Reply With Quote
08-14-10, 12:26 PM   #66
Hangar
A Defias Bandit
Join Date: Oct 2005
Posts: 2
I just got one of these emails, sent to an address I only ever gave to this site when I registered. 'Receive email from other members' is not checked in my profile. I put spaces in the phishing link and replaced my domain name with 'mydomainname':

Return-path: <[email protected]>
Envelope-to: [email protected]
Delivery-date: Sat, 14 Aug 2010 05:26:56 -0500
From: "World of Warcraft - Account Action Notification" <[email protected]>
Subject: World of Warcraft Billing Account Services
To: [email protected]
Content-Type: text/plain;charset="GB2312"
Date: Sat, 14 Aug 2010 18:30:54 +0800
X-Priority: 3
X-Mailer: Microsoft Outlook Express 6.00.2600.0000

Greetings

World of Warcraft -> Legal -> End User License Agreement
and Section 8 of the Terms of Use:
Blizzard Entertainment -> Legal -> Terms of Use
A 3-hour probationary suspension is pending on this account, awaiting confirmation from a spe******t. A final warning has been issued. The investigation will be continued by the Account Administration team to determine the any further suspensions. If the account in question is found in violation of the EULA and Terms of Use, further action will be taken. Be aware that any additional inappropriate actions may result in the permanent closure of the account.
Thank you for respecting our position on this matter.
==================================================================================================================
** We request that you verify your legitimate ownership of the account:
click Website <h tt p://u s.battele.info/login/login.xmlref=https=www.worldofwarcraft.com=accountapp=wamcir=true.htm> to proceed.

Blizzard staff will verify your account information submitted in two days, Please do not repeat to submit verify, please do not modify your account information during this time . It will not affect your game uptime.If you are unable to successfully verify your password . using the automated system, please contact Billing & Account Services at 1-800-59-BLIZZARD (1-800-592-5499) Mon-Fri, 8am-8pm Pacific Time or at [email protected]. Account security is solely the responsibility of the account holder. Please be advised that in the event of a compromised account, Blizzard representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.


Regards

The World of Warcraft Support Team Blizzard Entertainment
  Reply With Quote
08-15-10, 10:30 AM   #67
Zasurus
A Cyclonian
AddOn Author - Click to view addons
Join Date: Feb 2007
Posts: 42
I got one to... Also do the same as a few of the users here and have my own domain with email address unique to the site and I have stated getting wow junk to this address. No other email address on the domain and that email address has only ever been entered into this site :-) Soz Oh and my email address has never been public! ;-)

Zas
  Reply With Quote
08-15-10, 05:50 PM   #68
Cralor
Mmm... cookies!!!
 
Cralor's Avatar
AddOn Author - Click to view addons
Join Date: Jun 2007
Posts: 772
Though I do not know the specific date when WoWInterface got compromised, both of you seem to have had an account for quite a while now, so that could be the reason.
__________________
Never be satisfied with satisfactory.
  Reply With Quote
09-08-10, 11:59 AM   #69
seebs
Premium Member
Premium Member
AddOn Author - Click to view addons
Join Date: Jun 2006
Posts: 155
Yup, they hit me too. It's basically the same as the phishes I get to the address I used to use at wow dot net some years back, I believe.

The timing was impressively good -- I cancelled over Real ID, but I had just sent email to Blizzard within a few hours of when they sent their phish. Which is itself sort of interesting, but probably just coincidence.
  Reply With Quote
10-02-10, 09:12 AM   #70
schmakk
A Murloc Raider
 
schmakk's Avatar
Join Date: Oct 2005
Posts: 4
Originally Posted by Dolby View Post
Yes aalnydara, per your options you have your email address public in your profile on our site.

Options > Edit Options > Uncheck "Receive Email from Other Members".
I have had an account for quite a while but this option isn't enabled and as far as i know, never have. I have within the last few weeks recieved two well crafted phising mails.
I'm using sneakemail.com, which means a randomly generated email address is used for every service i sign up for.
If there has been changes to default settings or anything like it, that might be why scammers got my address, but if not, something is very very wrong.

Edit: i do have "Receive Email from Administrators" enabled though...
__________________
pewpew

Last edited by schmakk : 10-02-10 at 09:17 AM.
  Reply With Quote
10-02-10, 11:47 AM   #71
Seerah
Fishing Trainer
 
Seerah's Avatar
WoWInterface Super Mod
Featured
Join Date: Oct 2006
Posts: 10,764
As mentioned earlier, the site was compromised a couple of years ago. Since your account is an old one, it is highly likely that this is where your emails stem from. Have you changed your email address for WoWI?
__________________
"You'd be surprised how many people violate this simple principle every day of their lives and try to fit square pegs into round holes, ignoring the clear reality that Things Are As They Are." -Benjamin Hoff, The Tao of Pooh

  Reply With Quote
10-04-10, 01:58 AM   #72
Medlir
A Kobold Labourer
Join Date: Dec 2005
Posts: 1
Whoo

I just got one to to my WoWI-only email as well, but yes my account is old, and no I haven't changed the address. Amazing it took them this long.
  Reply With Quote
10-04-10, 01:29 PM   #73
schmakk
A Murloc Raider
 
schmakk's Avatar
Join Date: Oct 2005
Posts: 4
Originally Posted by Seerah View Post
As mentioned earlier, the site was compromised a couple of years ago. Since your account is an old one, it is highly likely that this is where your emails stem from. Have you changed your email address for WoWI?
I dont think i changed it since i created the account, but i sure have now, while also disabling the old one. Did you send out an email about your compromise back then? It has completely gone over my head.

Unrelated: Did i just get a fullscreen popunder for partypoker when i clicked the text field on the reply page?
__________________
pewpew
  Reply With Quote
10-04-10, 02:20 PM   #74
Seerah
Fishing Trainer
 
Seerah's Avatar
WoWInterface Super Mod
Featured
Join Date: Oct 2006
Posts: 10,764
If I recall correctly, there was a news post. But it was a while ago, I admit, and my memories aren't always the clearest.
__________________
"You'd be surprised how many people violate this simple principle every day of their lives and try to fit square pegs into round holes, ignoring the clear reality that Things Are As They Are." -Benjamin Hoff, The Tao of Pooh

  Reply With Quote
10-07-10, 05:44 AM   #75
schmakk
A Murloc Raider
 
schmakk's Avatar
Join Date: Oct 2005
Posts: 4
Originally Posted by Seerah View Post
If I recall correctly, there was a news post. But it was a while ago, I admit, and my memories aren't always the clearest.
Ah well, **** happens.

To anyone whos looking to avoid spam: sneakemail.com is 2$ a month and theres a free trial available. It works by giving you a new address every time you sign up for something, and forward mail from that address to your inbox. The mails are tagged so its clear where they come from and you can then delete or disable the address to stop the spam.

Sorry for the plug, but it's saved me from mishaps like this and untrustworthy services quite a few times now.
__________________
pewpew
  Reply With Quote
10-17-10, 04:04 PM   #76
Vuelhering
A Murloc Raider
AddOn Author - Click to view addons
Join Date: Dec 2006
Posts: 5
I've been getting phishing spam to my wow interface email since the middle of august.

This is the first time I've logged in in ages, it's not available in my profile, and never has been since I created the account (unless it got changed against my permission). I came here simply to change that email address because all mail to that account is now being **canned.
__________________
http://www.knights-who-say-ni.com
MMO gaming since 2000

Last edited by Cairenn : 10-17-10 at 04:16 PM.
  Reply With Quote
10-17-10, 07:26 PM   #77
MidgetMage55
Grinch!
 
MidgetMage55's Avatar
AddOn Author - Click to view addons
Join Date: Feb 2007
Posts: 1,498
Originally Posted by Seerah View Post
As mentioned earlier, the site was compromised a couple of years ago. Since your account is an old one, it is highly likely that this is where your emails stem from...
For the limit!
__________________

I think Hong Kong Phooey was a ninja AND a pirate. That was just too much awesome. - Yhor
  Reply With Quote
10-19-10, 02:57 PM   #78
Mordaki987
A Fallenroot Satyr
Join Date: Oct 2006
Posts: 22
the thing with all of this is that keyloggers and things that can be used for hacking purposes can also be placed unknowingly into a user interface itself. be it through an addon, or whatever the case may be. I should know since my wow account itself has been compromised not once but 4 times. and from my understanding and by word of mouth as well as email wowinterface.com is known to be hacked quite consistantly. at least that is what i have heard.
  Reply With Quote
10-19-10, 03:00 PM   #79
Dolby
PPAP
 
Dolby's Avatar
WoWInterface Admin
Join Date: Feb 2004
Posts: 2,276
Our email database was only compromised once, thats why you see every one with old accounts alerting us.

AddOns CAN NOT contain key loggers unless there is an exe or some executable file packaged with them. We manually moderate every upload to verify each file is safe. We dont even allow authors to package addons with executable files so there is no mistake.
  Reply With Quote
10-19-10, 11:18 PM   #80
Vuelhering
A Murloc Raider
AddOn Author - Click to view addons
Join Date: Dec 2006
Posts: 5
Originally Posted by Dolby View Post
Our email database was only compromised once, thats why you see every one with old accounts alerting us.
Yeah, I guess that old hack got resurrected by some jerk.

AddOns CAN NOT contain key loggers unless there is an exe or some executable file packaged with them. We manually moderate every upload to verify each file is safe. We dont even allow authors to package addons with executable files so there is no mistake.
As an addon author, this is 100% correct, minus some small epsilon such as an executable error in the Lua interpreter that's never been caught.

Your account was compromised 4 times because you ran unknown executable programs or were unfortunate enough to click on the wrong email link (sent by a goldseller site) or visit the wrong site. None of your issues were caused by wow addons.
__________________
http://www.knights-who-say-ni.com
MMO gaming since 2000
  Reply With Quote

WoWInterface » Site Forums » Site help, bugs, suggestions/questions » WowInterface.com email database has been compromised

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off