Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Protecting yourself in WoW.

HorusraHorusra maryland, MDPosts: 2,607Member Uncommon

This thread should be a place to post things to do and or look for.  Save the discussion about why's and how's for other threads.


1. Don’t give your Warcraft username/password to anyone.

Including WoW power-leveling services. This seems like common sense, but many have fallen victim to the allure of having a level 80 toon. If you want to level quickly, buy a legitimate WoW leveling guide or WoW class guide to teach you how. Giving your account information to a WoW leveling service just gives your account away.

2. Use a different username/password for WoW-related websites.

Does anyone remember the GuildPortal hack of 2007? Many users found their accounts stolen after hackers exploited the site and gained access to many usernames and passwords. Unfortunately for many users, they used the same username/password for WoW and GuildPortal. Guess which GuildPortal users got their accounts stolen?

3. Never buy Warcraft accounts.

Yeah, the allure of being a level 80 immediately is there, but you can use Zygor’s Guide and be there in less than seven days. You may get the account banned (especially if you bought the account from someone who plays on a different continent), or more likely stolen back along with whatever you paid for the account.

Remember where I pointed out you can use your ID (drivers license, passport, etc.) to get your account back? Well so can whoever sold you the account. And who are you going to complain to?

4. Don’t buy WoW gold.

Ooohh! A shiny!

Well, that shiny that costs a few hundred (thousand?) gold can be had for about $15 per 1000 Warcraft gold pieces. And Blizzard can notice continuous deposits into your account of 1000 or 2000 gold. Bye bye account! Gold is not terribly difficult to come by, and there are several WoW gold guides that can show you how to master the Auction House, great farming locations, and tips the best gatherers and professionals use

and all legit.

5. Never share your WoW account with a friend.

Even if your best friend since third grade wants to play on your account, do not share your information. Your best friend may be completely reliable, but if he goes home and plays your account on his own computer, you have no control over Windows updates, virus scans, malware checks, etc. His computer keystrokes could be hijacked, and with them your Warcraft account. This leads me to my next point …

6. Don’t log onto WoW on computers you cam’t trust.

Your computer is the only computer you can trust. It’s your WoW account on the line.

7. Update your computer.

I really do not understand why this is a hard one for people. Turn on Windows Automatic Updates. Let your anti-virus program auto-update. Enable your firewall. Run malware scans. Some of these things used to be hard, but no longer.

Free programs include AVG for anti-virus, Zone Alarm for your firewall, and SpyBot for malware. Accept that people are trying to hack you and steal your account. You lock the door to your car and house, right? So do the same to your computer.

8. Stop using Internet Explorer.

Most Internet exploits are written to take advantage of IE, so using Firefox, Opera, Safari or Chrome makes you less susceptible to browser-based attacks. Firefox is becoming more and more of a target, though, so consider one of the other major browsers for your web surfing needs. At the very least, you should use Firefox’s NoScript extension to stop third-party scripts from running on websites.

9. Never use a WoW add-on that comes in an .exe file.

The .exe means it is an executable file instead of a file that works with the Warcraft interface. This means a program will be run upon installation of the add-on. Typically safe extensions end with a .lua, .tga, .txt, or .xml extension. Other extensions may exist, just watch out for .exe. You may need to open up the .zip file and browse through the add-ons files to find this type of file. A pain, but well worth it.

10. Don’t use WoW hacks you find online.

This one could get you banned, have your account stolen, or both. Many of these hacks (not in-game exploits) play on your greedy desires to get access to accounts, gold, items, whatever in an attempt to rule WoW. The people that publicize these hacks in many cases are not publicizing hacks at all, but rather getting you to infect your own computer through your own greed. They are smarter and more talented at stealing WoW accounts that you could ever be. They will happily own your dumb ass, and if you try and pull this crap off you deserve to have your account stolen or banned.

11. Don’t try to recover your WoW account via hacks.

First of all, your computer may already be compromised and you do not even know it. Looking around the Internet for more hacks is just an open invitation for hackers to further corrupt your machine. Second, Blizzard has mechanisms in place to recover your account including sending in a copy of your valid ID. Check your machine out, update it, run multiple virus scans and malware checks, possibly even completely reinstall your system. Then go through the process with the Warcraft customer service reps.

12. Use the Blizzard Authenticator for two-factor authentication.

Two-factor authentication is a techie term for using two different methods to validate your login. You still use your username and password, but this keychain fob displays a six-digit number each time you log in, and is linked to your WoW account via the Account Management screen on the Warcraft website.

Each time you log in you press the button on the key chain, type in the code where prompted, and you are in. Even if a keylogger is installed on your computer and your username and password have been stolen, the authenticator makes it significantly more difficult for hackers to steal your WoW account. And Blizzard sells it for cheap $6.50 for U.S. customers.


  • SanguinelustSanguinelust Plainfield, NJPosts: 802Member Uncommon

    You could have easily just have said "use common sense" and saved yourself the fingertip blisters image

  • HorusraHorusra maryland, MDPosts: 2,607Member Uncommon

    Another note for those that use Curse.  Curse does allow some .exe add-ons.  While they say they check and recheck these.  If you do not have the skill to check these yourself you are placing your faith in someone else.  I am not saying that Curse is out to get you, but things can slip by or be hidden well in the code. 


    In short be very very careful if you want to use an .exe add-on even if it is "safe".

  • SanguinelustSanguinelust Plainfield, NJPosts: 802Member Uncommon

    Actuallt the authenticator is the best piece of advice there and if you have an iPhone you can get the app for free, at least when I got it it was free. You may be able to use other smart phones, I'm not sure on that, but I know for sure the iPhone has it.

  • HorusraHorusra maryland, MDPosts: 2,607Member Uncommon

    13.  Never click banners on guild sites and becareful of banner on gaming sites.

     Again this is not a statement that sites are out to get you, but once again things can slip through the cracks.  Always check where banners are sending you before clicking and never accept a download of a free beta trial, system scan, item, guide, anti-viral trial, etc.  If these are for real navigate yourself to the game/software's site and find it there.  Banners can be scams.  Remember in life it is always safe to assume nothing is free. 

  • HorusraHorusra maryland, MDPosts: 2,607Member Uncommon

    14. Nothing is perfect.

    This is a thread about man-in-the-middle attacks.  Just because you get an authenticator does not mean you can relax and just let go.  In the computer world the best defense is the best defense.  If any part of your computer's security get lax because you do not keep it up then no random number generator is going to protect you.  Hacking WoW is money and where there is money there are people willing to invest time in getting it.

  • HorusraHorusra maryland, MDPosts: 2,607Member Uncommon

    15. Adobe Flash

    Keep it updated.  /end of line

  • HorusraHorusra maryland, MDPosts: 2,607Member Uncommon

    16.  Don't get lazy.

    Make sure you are updating your add-on's and managers from the real sites.  Not from a site saying it is linked to the updates.  GO TO THE SITE YOURSELF.  Do not trust a link before you check the path.  A keylogger was reportedly delivered via a fake site for the Wowmatrix addon manager. The site was created to look and feel like but, instead of downloading and installing the addon manager, the keylogger was installed instead.

  • DinendaeDinendae Pekin, ILPosts: 1,264Member

    Originally posted by Sanguinelust

    You could have easily just have said "use common sense" and saved yourself the fingertip blisters image

     'Common' sense is ,uch like common courtesy, it's not common at all.

    "Oh my, how horrible, someone is criticizing a MMO. Oh yeah, that is what a forum is about, looking at both sides. You rather have to be critical of anything in this genre as of late because the track record of these major studios has just been appalling." -Ozmodan

  • windasmwindasm EREA, KYPosts: 87Member

    17. Read all of the ops post above and feel free to ask questions.


    18. To protect yourself from key loggers if you think you might have one: You can always type in extra chars in a pass word at specific locations. Then select with your mouse and cut them back out. I do this alot if I'm not on my own computer.

  • winterwinter El Paso, TXPosts: 2,277Member Uncommon

    19. Always wear a condom.


      Oh wait...

  • KyleranKyleran Paradise City, FLPosts: 20,164Member Uncommon

    Very sound advice Horusra, thanks for posting this up here.

    In my day MMORPG's were so hard we fought our way through dungeons in the snow, uphill both ways.
    "I don't have one life, I have many lives" - Grunty
    Still currently "subscribed" to EVE, and only EVE!!!
    "This is the most intelligent, well qualified and articulate response to a post I have ever seen on these forums. It's a shame most people here won't have the attention span to read past the second line." - Anon

  • AzureProwerAzurePrower AustraliaPosts: 1,510Member Uncommon

    Then once people follow the above useful advice and their accounts still get compromised? What then?

  • KilorTheMeekKilorTheMeek Upland, CAPosts: 260Member

    Originally posted by AzurePrower

    Then once people follow the above useful advice and their accounts still get compromised? What then?

    If someone claims to follow the all advice above to the letter and still gets compromised... they didn't follow the advice to the letter... they missed something and got caught with their pants down.

    Never argue with an idiot. He will drag you down to his level, then beat you with experience.
  • AzureProwerAzurePrower AustraliaPosts: 1,510Member Uncommon

    Originally posted by KilorTheMeek

    If someone claims to follow the all advice above to the letter and still gets compromised... they didn't follow the advice to the letter... they missed something and got caught with their pants down.

    aaaaaand there's the obvious reply I was expecting.

    You are never safe, no matter how cautious you are.

  • Bama1267Bama1267 Waterloo, NYPosts: 1,847Member

     Sound advice, Ive been playing since beta as well as my fiance ... never been hacked. We have several accounts each, none have ever been hacked. Sometimes shti happens I suppose, Ive known numerous people who I would find competent have been hacked ... but not me.

  • KilorTheMeekKilorTheMeek Upland, CAPosts: 260Member

    I am safe because I know what I'm doing online.  In addition to already following all the advice above, my LAN is behind two very sophisticated firewalls.  Even if I do get spyware that compormises Windows (which would be a pretty amazing feat by itself), it can't compromise my hardware firewall.


    BTW... #20 for the list:  Stop using Internet Explorer and download Firefox or Chrome.  Both are far more secure than IE8, and they run faster.

    Never argue with an idiot. He will drag you down to his level, then beat you with experience.
Sign In or Register to comment.