Official "My account has been compromised..." Thread


Comments

  • unbound55unbound55 South Riding, VAMember UncommonPosts: 325

    Originally posted by Palebane


    [Mod Edit]

    Although I am completely with you that Activision-Blizzard is really only about money anymore, I am sorry to inform you that stopping hackers is actually quite a bit harder than simply throwing money at the problem.  The authenticators were actually a good idea, but the keylogger / auto login virus is really rather neatly done and effective.  The hack is considered a man-in-the-middle attack at the end user's computer...therein lies the primary problem with any of the security efforts (even the best companies that truly focus on security)...the end user's computer is not under Blizzard's control and can be compromised.

     

    To some of the more interesting posts claiming that no hacker will spend their time trying to hack into the authenticator, I have a rather simple question...why has it been done already?  The first confirmed report of the hack was back in March and it is still happening.  It is real because the hacker spent a few dozen hours to write something that hacks into a process most people think is so secure, they become lazy about the rest of their security.  Now the hacker sits back and waits for his program to tell him that he can log in (probably logs into the game for him...giving him plenty of time before the login times out).  Sell everything, send money to his toon, delete all characters in the matter of a few minutes.  Rinse and repeat.  Now he has plenty of gold to sell for real cash.  Total initial time was probably 40-80 hours, and he's probably getting an equivalent of $100-$200 an hour thereafter.  Probably spend 100 hours or so before Blizzard figures out how to interfere with his virus...time well spent on his part...

  • LogansanLogansan BrisbaneMember Posts: 45

    Originally posted by Dysanweb


    Originally posted by DLangley

    Please use this thread to discuss account compromise issues. This can include phishing emails, account hack stories, scams, ETC. This is being done in an effort to consolidate the new posts being created daily on the same topic. Thanks.
     
    Also, please remember our Rules of Conduct when posting.

     I receive like 3 emails every 2 or 3 days about my account of wow, they always use a different kind of email and they try to get my password...what is strange is that I get those emails only after I "resub" to the game for 1 month...

     

     I stopped playing WOW a couple of years back. I very rarely receive any of these types of emails, let alone ones targeting WOW. However, about two months ago I started to play again and the day after I created my account on battle.net I started to receive these emails. Since then I've been getting about two or three a day (99.9% of them targeting WoW).

    As such it's obvious to me that there may be a way for people to see what email addresses are being used to sign into battle.net. I still cannot see any reason why they changed to signing in using your email address. To me, all it did was remove one level of security.

  • TalRashaTalRasha GroningenMember UncommonPosts: 827

    Originally posted by nAAtimus

    I get e-mails that are obviously phishing attempts, and out of curiosity and for grins, follow the links.  Then my browser goes HOLY SHIT WTF THIS SITE IS A FORGERY (paraphrasing of course).  Anyone else get this?

     You better have your computer very secure before you follow these links for grins.

    My co-worker also clicked such a link from email and closed the browser as soon as he got the forgery warning.

    However, his characters were stripped the next day. Apparently just visiting the site was enough for malware to be installed on his computer.

    Just remember that any leaks in browsers are usually fixed only some days after someone has fallen victim to them.

  • Gabby-airGabby-air surrey, BCMember UncommonPosts: 3,440

    Originally posted by ZenNature


    Originally posted by Gabby-air



     

    Yes, I log into my battle.net account from the official website when I get an E-mail that seems real just to make sure and this time I did exactly this when I indeed was hacked as once I changed my password as suggested I went to the armory to see what had changed to find out my leatherworking was exchanged with mining and already at lvl 409. Also as you said, the official e-mail did indeed have no hyperlinks but an actual link so I followed that.

     

    Not entirely sure you understood me right. I'm not making any distinction between a 'hyperlink' or an 'actual link' in an email from Blizzard. Don't use either one. Never go to a website by clicking on something in an email. I don't care if you think it's the US government saying you will be shot dead if you don't click on the 'actual' link to the white house. Don't believe it. That's how people get hacked by believing it's an 'actual' link because of how it looks. The only way to check your account is search for (google, yahoo, etc.) "world of warcraft" and go to the main webpage, or use a bookmark in your browser directly pointing to http://www.worldofwarcraft.com or http://www.blizzard.com. Never go to it any other way, or use any other website address, because anything within an email or alternate website can appear to be one of those two main websites but it will send you somewhere else instead i.e. an exact replica of the main website asking you for your account name and password. I keep getting the feeling this is what people keep doing and thinking they aren't doing anything wrong, when it's the #1 reason accounts get hacked.

    No, I understand what you're saying and like stated I only log on using the official website to see if my account is actually in jeopardy but when you're hacked you HAVE to use the link Blizzard sends you as it's one of those specially made links like verification ones websites send you. Also, the link I went on was indeed Blizzard's as my account was restored after doing what that E-mail told me to. It's been a couple of days and I still haven't found how I was hacked as well, but like other people said it seems when I clicked on the phishing link that was enough to compromise my account. But how exactly it got my information without putting anything on my computer is beyond me.

  • RenoakuRenoaku Member RarePosts: 2,289

    How to keep your wow account from getting Hacked, Keylogged, OR Stolen.

    1. Buy a Blizzard Authenticator, it's like $5, or $10 don't remember but it's cheap, and saves you trouble.

    2. Use a Registered account different from all games if you wish.

    3. Never Reply, or Click on any Links in wow suspension emails, You can tell if it's a scam if you put mouse over, and the link has over codes in the link, or goes to another website, for example World OF Warcraft Scam Example This link takes you to msn, except theirs takes you to a fake website, most emails say you have been suspended, banned, or warned, etc.

    If you have questions about banned/suspension go to www.worldofwarcraft.com Don't click them, simply delete them.

    Also placing your mouse over these fake links will show the website at the bottom of your internet explorer page, and there are other ways to tell too.

    Also check the spelling of the weblink.

    Never type your password in on these sites, or user name.

    4. Don't login from public Computers.

    5. Don't use Remember account name, and remember password. Why? MD5 Encryption sucks, and anyone can login to your account if they get your files.

    6. Don't use addons from curse gaming, without Blizzard Authenticator, this is the way my account was compromised twice from their addons, I am 100% sure of this because Until I got one I kept getting keylogged, none of my dozens of other games were compromised, and it was one of their addons not sure which, but once I got this my account compromise was over, or any addons in general, nothing is 100% safe if it did not come from blizzard.com

    7. Get a good Anti Virus, Over the years, I recommend AVG Internet Security, Vista, Windows 7, And or Zone Alarm for Firewall. McAfee, Norton I hate them, they also have NOD32/Eset Anti Virus never tried it but I hear its good.

    There are free programs called HiJack This, Comm View, and Adaware Free edition to check for spyware, and such. Comm View checks for spyware which is relaying data without consent but requires a little experience to use it, and monitor packets, although it costs for that one.

    8. Get a Router Seriously, Get one that Blocks pings from your Computer/Network, and DDOS attacks, Update its firmware, turn off wireless mode unless you're using it, and if you are enable encryption, and disable public.

    9. Clear your Cookies, Don't Disable UAC, Clear History, Clear Temporary Files, Run Disk Cleanup, Clean Registry.

    Spyware, and spyware sites can use Cookies, and simple Java Script, or Tool Bars to send Data, Keylog passwords, and such. An experienced or somewhat experienced programmer can do this really easy.

    10. Programs like Bonzi Buddy, Commet, Smiley Central, Tool Bars, like MSN Tool Bar, yahoo ToolBar, ASK.com ToolBar, and such slow down your browsing, and some of these can compromise security MSN is good, it just slows down browser experience about 00.5 Seconds maybe a bit more, and If you don't mind that it's fine, but all the toolbars are not needed, if you want to use a search engine just go to that site, and google is the best IMO.

    Watch what you install, Read the Agreements, TOS, EULA, Don't use Punk Buster, although people will say it's okay it can lead to computer compromise, and there are alternatives like Steam, which I have used since 2005.

    Commands For Run Menu, to improve performance Windows Vista, some work with XP.

    Msconfig, Startup, disable what you don't use, Services as well hide all microsoft services, don't mess with what you don't know.

    %TEMP% Vista, might work on XP, delete all your Temporary Files, where spyware might hide often.

    Vista, Command Prompt SFC /scannow This checks system for errors, and attempts to fix them.

    Defrag Often, and Use ScanDisk at least once a month most recommend some every week, but if you're really careful you don't have to do any of this often. I recommend Perfect Disk for such, it costs money, but it's a trial, and it's the best I have ever used personally.

     

    Keyloggers do not always show up on Anti Virus, or spyware scans, and if I still played wow, I could easily find out which addon did this to me, and I would have that person.

    While some people may disagree with some of these things, it is what I do, and the only time I have ever been compromised is by my own mistakes, such as installing addons, not having an authenticator, or being stupid with programs like Emerald Viewer which is spyware developed by Emerald Team/Skills Hak, and Second Life, which has hacking on a daily basis there. If you do what is said here to prevent your own compromise, you shouldn't have a problem, as never has a game account besides my wow account ever been compromised before due to addons, which work and send data when wow loads only.

    And Last, if your account has been compromised for sure follow the steps here.

    http://us.blizzard.com/support/article.xml?locale=en_US&articleId=20460

     

    image Here is an example of a scam email and what to look for.

    Also I forgot to say, don't put your email on public profiles, or on the internet, Spam bots will get your email, and you will get these type of spams as well. 10minutemail.com for temporary email accounts, and or create a new email you don't mind getting spam for myspace and such public sharing. To see if your email is on the spam bot list google.com search for your email there. Often people have done these type of things, also buying from gold sellers.

    image Here is an example of how gold farmers find you, and attempt to compromise your account. Also 1 compromised account can mean more than one banned account from  wow if someone buys that gold off a website, and Blizzard tracks it to them.

     

    Last I'm not going to say it's impossible to hack a wow account still even with all these steps, Knowing your basic RL Info, I could gain access with a simple phone call to Blizzard/Troll, and a dumb person on the other end. Also it's not impossible that authenticators will work forever,  someone could crack the one time use codes somehow, and that is one reason you never give out your Code for your authenticator in the back of it, but if someone working for them did some illegal stuff, or  gave the knowledge of how these worked out, or their database somehow got hacked, this could still happen, although if no type of compromise happens at the players end, it is highly unlikely that this would happen from Blizzard's Servers, but not 100% Impossible, as anything can be hacked. I have seen some really good troll calls to companies RL, and seen people get banned, suspended over such, or compromised in the past.

  • BeermanglerBeermangler Cluj NapocaMember UncommonPosts: 402

    This should be renamed to "I`m retarded and click each and every link I get in the mail without checking the actual URL" Thread.

    Better to be crazy, provided you know what sane is...

  • RobokappRobokapp Dublin, OHMember RarePosts: 5,898

    one addon from curse that I KNOW for sure is trouble is called "Ignoremore".

     

    with an authenticator I had an attempted attack when I enabled it, a week later I enable it again, another attack within hours.


  • Goonies1632Goonies1632 Astoria, ORMember Posts: 20

    I'm copying and pasting this from a locked thread since it will just get buried, but hopefully not this one.  I've browsed through most of this post and haven't seen anyone mention using a sandbox so I just wanted to let people who go through this type of inconvenience know what alternatives they have beyond a virus protection suite so I recopied my post in the locked thread here.

    Originally posted by Slovenc

    don't want to pay for an authenticator and the guy got my password because of a keylogger if u know what that is... so ye I scanned the comp found the keylogger yadayadayada and now I'm playing my free month yepi lol

     

    If you are going this route you better make sure to have better security on your end. I suggest running or even installing your pirated stuff,  if you're into that sort of thing... along with your browser in a sandbox via Sandboxie. And make sure you are running the NoScript Add-on through Firefox.  If you have an iPhone or an Android you can get the mobile authenticator software for free I believe I don't know for sure because I don't have an Android, an iPhone, or the Authenticator.  But beyond using an Authenticator, Sandboxie or sandboxing (chroot for unix/linux) in general will always be a very integral part of computer security and should be used even when not playing games.  Becoming exposed to any sort of keyloggers is a serious issue, and doesn't need to be taken lightly by just using an authenticator for a quick fix.  Once you get going with Sandboxie for a while, and start to experiment with it you'll learn some very helpful tricks that you'll find are better than almost any other protection out there beyond CPU hogging live virus scan software (if you're on an older machine that's what it will do) or unplugging your line.

    Sandboxie 3 Part YouTube Review 1,2,3

    Mobile Authenticator Location

    Login to your account via Battle.net then you'll see this link click it, then it will bring you to another screen where you click this first.

    Then this second.

     

     

    You could also look into KeyScrambler:

    Taken from QFX Software Website


    How KeyScrambler works

    KeyScrambler encrypts your keystrokes deep in the kernel, as they enter the computer.

    It then decrypts the keystrokes in the destination application, so you see exactly the keys you've typed.

    Whatever keylogger might be waiting along the crucial path in the operating system has only the encrypted keys - "scrambled" and indecipherable - to record.

    http://www.qfxsoftware.com/

    But the fact is I've never tried it, and don't have a license for the more advanced portion of the software.  It almost sounds too good to be true, but again I don't have any experience with it.

  • vanderghastvanderghast cresco, IAMember UncommonPosts: 266

    first off it's BS the 2 threads accusing blizzard of being behind the hacking are locked.  They were different topics than this one.

     

    Secondly now that other people mention it, I tend to agree.  I had my account hacked last year.  I hadn't been playing the game in like 4 months and they had a come back free for 7 days thing so I installed wow and logged in.  It showed my account as active under some other promotion, I think resurrect a friend or something and I didn't think anything of it till I logged in and my characters were all naked.  I hadn't played the game in 4 months and they had just gotten around to hacking in then?  I'm an IT professional, specializing in security for the last 15 years.  I know how to check for keyloggers and I've never had one, I don't get the stupid phishing emails to the email address I actually have my wow account and yet somehow I was hacked?

     

    Would love to have that one explained to me as to how they managed to hack my account 4 months after I had been playing when I had no keylogger and no virus.  I definitely think blizzard is behind it to sell authenticators.

  • Panther2103Panther2103 Edmonds, WAMember RarePosts: 3,469

    Originally posted by vanderghast

    first off it's BS the 2 threads accusing blizzard of being behind the hacking are locked.  They were different topics than this one.
     
    Secondly now that other people mention it, I tend to agree.  I had my account hacked last year.  I hadn't been playing the game in like 4 months and they had a come back free for 7 days thing so I installed wow and logged in.  It showed my account as active under some other promotion, I think resurrect a friend or something and I didn't think anything of it till I logged in and my characters were all naked.  I hadn't played the game in 4 months and they had just gotten around to hacking in then?  I'm an IT professional, specializing in security for the last 15 years.  I know how to check for keyloggers and I've never had one, I don't get the stupid phishing emails to the email address I actually have my wow account and yet somehow I was hacked?
     
    Would love to have that one explained to me as to how they managed to hack my account 4 months after I had been playing when I had no keylogger and no virus.  I definitely think blizzard is behind it to sell authenticators.

    But the authenticators are free. There's an application for the authenticator for smart phones that you can just download on there. So how does that statement work? Even then they do have to pay for shipping, so the amount they make off of them wouldn't be worth it. I really doubt a company that large would risk making a small amount of money by doing something like that. 

  • IselinIselin Vancouver, BCMember LegendaryPosts: 9,929



    Originally posted by vanderghast
     I definitely think blizzard is behind it to sell authenticators.

    Nah... that's tinfoil hat territory: unreasonably paranoid. On the other hand, I consider it highly unlikely that the magnitude of this problem can be dismissed as "user error."

    Others have said it well (in the locked thread.) It is very likely that an underpaid and/or disgruntled or just plain greedy "insider" is feeding some info to spammers for profit.

    I recently reactivated my account after a one year absence. During the time I was away I received zero (0) WOW phishing emails but within 2 days of reactivating I started receiving the obvious "there has bean a complain about youse" scam emails at the email address I use for WOW... how did this happen so quickly? I use no add-ons, have never bought gold and am pretty careful with AV software, use a secure router, etc.

    The simplest explanation I can come up with is that someone at Blizz/Battlenet sold my email address and the fact I had just activated to the scammers and/or is responsible for the scams him/herself.

    I'm not accusing Blizzard itself of doing a calculated money grab. I find that premise ridiculous if for no other reason than the potential rewards (a buck or 2) just don't justify the risks of permanent damage to their reputation.

    But every organization of any size--and Blizz is rather large--has liars, thieves and other scum....

    So summing it up, imho...

    Blizzard itself doing it: zero chance
    Nothing but user error: zero chance
    Some user error: yes
    Some insider selling info: yes

    When you come to a fork on the road, take it.
    You can observe a lot by just watching.
    No one goes there nowadays, it's too crowded.

    -- Yogi --
  • darkaxdarkax tulsa, OKMember Posts: 9

    my account got hacked, could not get ahold of blizzard by phone for a week, finally sent emails, they replied to me saying that the email address on the account does not match mine therefore there is nothing they can do for me.  So the hacker changed the email address, blizzard wouldn't do anything, so i am officially done with that company.

  • Goonies1632Goonies1632 Astoria, ORMember Posts: 20

    Originally posted by Panther2103



    But the authenticators are free. There's an application for the authenticator for smart phones that you can just download on there. So how does that statement work? Even then they do have to pay for shipping, so the amount they make off of them wouldn't be worth it. I really doubt a company that large would risk making a small amount of money by doing something like that. 

    Not everyone has a smart phone.  So for those that don't the cheaper alternative OTP device looks much better on your bottom line.  And it is a waste of money when you could put that money to other software/device purchases that deal with security as a whole instead of just one program/game.

  • VyavaVyava Lauderdale, MNMember Posts: 893

    Originally posted by vanderghast
     
    Would love to have that one explained to me as to how they managed to hack my account 4 months after I had been playing when I had no keylogger and no virus.  I definitely think blizzard is behind it to sell authenticators.

    Simple, most people use logins across multiple services and many services are not all that secure. Website databases are breached constantly just to acquire email address lists to sell for spamming and the login info is usually sold right along with it. Not to mention simple to aggregate information such as forums and such which list metric information for other users to see.

    An IT professional should realize how often people create their own security holes as well as the fact that people do not routinely update their passwords and such. Every month I have to force R&D employees to change their passwords and have it setup to reject previously used passwords to maintain a basic level of security maintenance. 

  • AmarandesAmarandes Millbury, MAMember Posts: 104

    FYI, for anyone who had their account compromised. Blizzard introduced a new auto-account recovery form last week. I'll link you to the forum post on it instead of directly to the website.

    http://forums.worldofwarcraft.com/thread.html?topicId=26859148968&sid=1

    Use that and you won't have to go through the pain of having to call or email customer support.

  • tepthtanistepthtanis Houghton, MIMember Posts: 545

    Took them how many years to implement something that has been around since Moses? Yeah wow.

    Played Wow, D and L, AOC, GW, Eve, Rift and many more insignificant games.

  • tepthtanistepthtanis Houghton, MIMember Posts: 545

    Oddly enough, u folks wouldn't have had these probs a couple of years ago if certain parties weren't so greedy... but cutting corners happens when you are making lots of money and the average age player buying the product is 16. I feel a warning coming...:P   

    Played Wow, D and L, AOC, GW, Eve, Rift and many more insignificant games.

  • ScelesticScelestic Peoria, AZMember UncommonPosts: 14

    LOL. I seriously think WoW/Blizzard 'hacks' the accounts, does some stuff to them, So that you catch wind of it and you're like pasmlkdmakosd wtf?! and go check your wow account, drawing you back into the game for at least a little while.

  • PhilbyPhilby Pottsville, ILMember Posts: 849

    Originally posted by tepthtanis

    Oddly enough, u folks wouldn't have had these probs a couple of years ago if certain parties weren't so greedy... but cutting corners happens when you are making lots of money and the average age player buying the product is 16. I feel a warning coming...:P   

    I would like a link that states the average age of  a WOW player please.

    WOW isnt great because it has 12 million players. WOW has 12 million players because its great.

  • urthal22urthal22 Asbestos, QCMember UncommonPosts: 108

    Calling Blizzard's account support is anything but hard or complicated.

    The longest it ever took me was 1hrs 40min wait time... Place the phone beside ya on Speakerphone .. and just do other stuff on your PC or around the house.

    They also don't waste time once you are answered to help you.

    Don't waste time with Emails, they take forever and with all the Email Forging Gold Sellers do, you're more likely to Compromise your account a 2nd time while trying to get an answer from Blizz themselves.

    And in game tickets ... if you can log in... is Pointless it takes even longer than an Email, And usually they will refer you to the support website to call or email them.

     

    as for the new Form. Dunno.. Somehow i have a feeling it would take time after you file the report since they receive them in a form of Email once its sent.

     

    Phone Support Shall always win... for now at least.

  • jessianjessian glasgowMember Posts: 277

    Can i ask the mods why my thread and another thread accusing or stimpulating Blizzard is behind ALL these hacks in the first place?

    Those threads are totally different to this point, i find it laughable that Blizzard has now turned security to access their database into a cash cow!

    So I challenge Blizzard here and now to prove I was subject to a keylogger hack !  that got "someone" access to my account answering all my questions perfectly yet at the same time requires and I quote...

    "


    Attach ID Here


    Please provide a scanned scan or photo of a piece of government-issued photo identification, such as a passport or driving license matching the first and last name of the registered account owner. The file must be under 5MB and be in the jpg, gif, or bmp format.


     


     


    Okay now Blizzard are asking for Photographic proof of my passport ?   I don't bloody think so Blizzard.  This is totally against the data protection act here in the UK


     


    now when i opened or created a new account was i asked this VERY same QUESTION ?


     


    Did we all submit our passports? so how can you prove my ID is linked to my account?  MY CD key should be sufficient..


     


    This is Blizzard Scamming you for more Personal ID and DO NOT give it over here in the UK.


     


  • duomenoxduomenox Phoenix, AZMember Posts: 14

    Originally posted by jessian

    Can i ask the mods why my thread and another thread accusing or stimpulating Blizzard is behind ALL these hacks in the first place?
    Those threads are totally different to this point, i find it laughable that Blizzard has now turned security to access their database into a cash cow!
    So I challenge Blizzard here and now to prove I was subject to a keylogger hack !  that got "someone" access to my account answering all my questions perfectly yet at the same time requires and I quote...
    "


    Attach ID Here


    Please provide a scanned scan or photo of a piece of government-issued photo identification, such as a passport or driving license matching the first and last name of the registered account owner. The file must be under 5MB and be in the jpg, gif, or bmp format.

     

     

    Okay now Blizzard are asking for Photographic proof of my passport ?   I don't bloody think so Blizzard.  This is totally against the data protection act here in the UK

     

    now when i opened or created a new account was i asked this VERY same QUESTION ?

     

    Did we all submit our passports? so how can you prove my ID is linked to my account?  MY CD key should be sufficient..

     

    This is Blizzard Scamming you for more Personal ID and DO NOT give it over here in the UK.

     

    LOL, you have to stop reading those phishing emails.

    They are not really from Blizzard.

  • jessianjessian glasgowMember Posts: 277

    Dou,

     

    just shows how much YOU know

     

    https://eu.blizzard.com/support/webform.xml?locale=en_GB

    half way down this link you will find this part...

  • duomenoxduomenox Phoenix, AZMember Posts: 14

    Originally posted by jessian

    Dou,
     
    just shows how much YOU know
     
    https://eu.blizzard.com/support/webform.xml?locale=en_GB
    half way down this link you will find this part...

    LOL... again!

    If you didn't read (and take seriously) the phishing email in the first place, you would not be in the position you are in right now.

  • jessianjessian glasgowMember Posts: 277

    Originally posted by duomenox


    Originally posted by jessian

    Dou,
     
    just shows how much YOU know
     
    https://eu.blizzard.com/support/webform.xml?locale=en_GB
    half way down this link you will find this part...

    LOL... again!

    If you didn't read (and take seriously) the phishing email in the first place, you would not be in the position you are in right now.

     lol.. and you honestly know i opened and READ that email ???

    LOL you are one real troll
