Blue Tracker
World of Warcraft Blue Posts
Diablo II: Resurrected Blue Posts
Diablo III Blue Posts
Hearthstone Blue Posts
Overwatch Blue Posts
Heroes of the Storm Blue Posts
Diablo IV Blue Posts
BlizzCon Blue Posts
Warcraft Rumble Blue Posts

Account locked due to suspcious activity.

Forum Avatar
Cia
#0 - Sept. 24, 2010, 5:37 p.m.
Blizzard Post
Hi,

A little background first. I'm Australian. I've been playing wow since release. For the past four years I've lived (and played wow) in Japan. I've had no issues with the game, logging in or otherwise in that time.

Until about two weeks ago that is.

Initially I thought my account had been compromised. I virus scanned, logged on with a secure device, changed passwords, etc. While logging on to check my characters my account was locked another three times. Odd.

I sent GM tickets and an email to customer support. One reply suggested changing my MAIN address associated with the battle.net account to my Japanese address. This was a successful solution for about a week. It has since started happening again.

I'm all for added account security, but locking my account five times a night because I have an Asian IP address is a bit much.

Forum Avatar
Zenlyth
#9 - Sept. 27, 2010, 7:05 p.m.
Blizzard Post
Heya Cia,

Unfortunately, this can happen when there are changes to where you are logging in from, you should be able to reset your password from the link that is sent to you in this email. Please always verify headers on emails sent from us, to verify that the email is legit.

    http://us.blizzard.com/support/article/25133

    What should I look for in the header?

    Email headers contain information about the sender (who sent the email message), the path the email took to reach your inbox, and things that may have happened to the email before arriving. This information is very important and can be used to determine whether or not an email is malicious.
    Once you've accessed an email's header information, you'll want to attempt to verify the sending address. To do this, look at the "Return-Path" or the "originating address" for the email. For most phishing emails, the email address displayed in this location will differ from the address displayed in the "From" field.

      A legitimate header from Blizzard Entertainment should look something like this:

      X-SID-PRA noreply@blizzard.com
      or
      Return-Path: < noreply@blizzard.com >
      Received: from smtp01.worldofwarcraft.com ([XX.XXX.XXX.XXX]) by…
      Received: from … by smtp01.worldofwarcraft.com …
      for <Your Email Address>; Tue, 29 Jan 2008 10:46:05 GMT
      From: noreply@blizzard.com
      To: You’re Email Address


    If you believe you've received a phishing email, please forward the email to hacks@blizzard.com , at your earliest convenience. When forwarding the email, copy and paste the entire email header into the message body to ensure that we are able to identify the source. This information will help us prevent future phishing emails of the same type.
For similar emails and what to look for when you receive emails from us, please visit this thread:
http://forums.worldofwarcraft.com/thread.html?topicId=965511383&sid=1