I dont think you understand that this goes beyond “dont click on link”, do you?
read my post slowly. the hackers have abused the fact that no authentification is requested on purchases via linked in method of payment that are on a bnet account.
I do understand that, yes… the point still stands as this could have been avoided if the child in question was more aware of the risks involved with links on the internet in general, even in games.
Yes, children are unpredictable and do rash things, and it is very good you caught on so quickly as to what had happened.
I imagine it was quite a learning experience for this child with a healthy and proper talk about information regarding this event, and possibly occurring future events.
I do hope the child has learned to trust you from this, to be able to approach you calmly and have a conversation with you before doing anything on shady links.
I do hope a GM helps you quickly. Having lost my own account once before in WotLK, about a week with it locked before I got a response on the ticket… that wait was not fun at all.
But it is, you have to input your password to authorize purchase except for recurring subscriptions. So your son has clicked the link (which needs external software to do also) and then inputted his login details to an unverified website giving the hackers his password.
This can be easily avoided by
- teaching your child basic internet safety
- setting up the appropriate 2fa on all your accounts that he has anything to do with which includes your PayPal
- setting up parental controls on his blizzard account that stops any and all purchases on the account without your personal authorisation.
You can blame blizzard all you want but a vulnerable account in the hands of a child is responsibility of the parent first and foremost.
No. This was automated and used the paypal account linked. My son does not have access to it. I think this was a session stealing hack that attempted to purchased a number of gifted 3 months subs sent to an email address (that of the hacker).
No entry of credentials required.
Hope this clarifies.
- he knows
- already done, well before this incident.
- not required. all purchase options have been removed.
Links in chat? Default chat doesn’t post links.
Sorry but you have to be pretty special to click a random link on WoW. Everyone knows not to do that sort of thing.
I seriously doubt they have a click URL API. The OP’s son must have copied ans pasted it.
Yep, my bad.
Was just mentioning it to point out to the OP that asking Blizzard to deal with it isn’t really putting blame where blame’s due.
And despite that you run addons that make functional links in chat and don’t use an antiscript/popup blocker on your default browser? (especially so if your son has access to it) 
That’s pretty sus
And yes I have read the follow up replies. Point is the same.
you have not followed the conversation. This happened to my son, on his computer.
He is not using any addons.
The exploits seems to be a session being stolen to use payment methods linked to the battle.net account and bypassing any security in place such as passwords and authenticators.
Hope this clarifies, a lot of people seem to be jumping in without reading.
Then he manually wrote down the link, because the game doesn’t provide anything to click links from the chat normally.
Or he used the bnet app and someone wrote it to him in a bnet whisper.
The default game doesn’t have that function though, so your son probably lied to you about something.
Makes no sense. We ain’t talking about a script kiddie here, we’re talking about real magic.
He must have manually wrote the link since there are no addons installed. Why would he do that is a mistery.
Anyway, moral of the story: Never save your payiment methods and don’t make your son play games that have your credit card/PP attached on his unprotected PC.
in any case. his PC got wiped clean.
In any case, it’s not something Blizzard can do anything about. Your son should just learn to google links he gets in bnet whispers before clicking on them, and not use addons that allows for clickable links in chats. And most of all, he shouldn’t manually check links by typing them in just because he read it in a WoW chat.
Sorry but he did one of these things, and he clearly didn’t tell you the whole truth.
That’s scary, why would Blizzard allow that!
Ah damn it, I have to go back on that, apparently it’s not possible to do that in the API. Sorry, absolutely my bad. Apparently copying is all it can allow. Either way, that son did bad.
Then he copied and pasted it.
I wish they would allow copy-paste in the default UI. Then again OP demonstrates why that might be a bad idea.
1 Like
Outside of jokes of being a bad parent for getting your kid addicted to this game very sad to hear it happened to you. I’d advise your kid to leave /4 and /5 perma and never click leaves which make you leave wow cuz at the end of the day you getting your stuff taken for clicking a fishy 3rd party not verifted link is on you. But blizzard not helping you guys faster is on them
Yeah sure and pigs do fly
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.