Originally posted by NightCloak I dont beleive that all of the users are at fault. If I was at fault, then I would not have gotten my account back.
My password also consisted of no dictionary words, contained 2 numbers and was 9 characters long. Not a very easy password to brute force. I sincerely believe there was a weakness in Blizzards authentication system.
Blizzard doesn't punish users that make mistakes and get their accounts hacked. They will restore them as long as there is no evidence the users are trying to defraud the restoration process. They would rather have people keep their information secure, but what is the point of not restoring someones account who wants to pay them a subscription fee?
As for brute forcing and the strength of your password, that has no real effect on how your account was compromised. It is so much easier to send out phishing emails, infected websites, fast redirects in google searches, hack email accounts that wow players have poster all over the internet and any number of other malicious attacks. There is zero reason for hackers to try to brute force blizzard accounts, because there are so many other easy ways into someones account.
I keep getting those fake e-mails from hackers. My question is, how did they get my e-mail. I don't share the e-mail I use for my WoW account anywhere. It looks to me like Blizzard's database has been severely compromised.
I have special email accounts setup just for WoW and haven't gotten any fake emails. So while you may not have shared your email anywhere, do you use that email address for anything else? Such as forum accounts? Perhaps an account setup on a site to download addons? Is your WoW email a new email account setup just for WoW, or have you used that email account for something else before?
Same shit happened to me. Some how someone got my account info and locked it with that lame authenticator. If Blizzards security is that freaking bad the hackers can keep the account and blizzard can shove that authenticator up their ass. Only good thing that did was lock me out.
Same shit happened to me. Some how someone got my account info and locked it with that lame authenticator. If Blizzards security is that freaking bad the hackers can keep the account and blizzard can shove that authenticator up their ass. Only good thing that did was lock me out.
The authenticator, I assume, is a way for a GM to "investigate" if u were at wrong or not and reevaluate your account. From what I've heard...that never happens...or if it happens, it will happen at a point where u could care less if u play again or not.
Saying Blizzard is a Multinational Mega corporation that is immune to hacking is quite laughable. Along with if they were hacked the world would already know.
For the record here is a list of the hacked companies since 2005. Seems just a few are very large dare I say larger than Activision/Blizzard companies on the list
I had 3 wow accounts. 1 got hacked so I freaked out and transfered the other 2 to the new battlenet and used a new email and password for the new battlenet account. Guess what. I still had 1 of the 2 accounts banned for a charge back when I only pay with a game card. When I tried to get the accounts back i was confronted with having to find the original copies of the disks with the key I used 5 years ago. Well... Those got tossed. Why do i need the clutter with digital downloads? Doh!
Do as I have done. I won't go back to Blizzard. No Starcraft, No diablo 3 but atleast I have my freedom!
Besides all things being equal Guild Wars is the better deal when you compare the games PvP.
Saying Blizzard is a Multinational Mega corporation that is immune to hacking is quite laughable. Along with if they were hacked the world would already know. For the record here is a list of the hacked companies since 2005. Seems just a few are very large dare I say larger than Activision/Blizzard companies on the list www.privacyrights.org/ar/ChronDataBreaches.htm
I had 3 wow accounts. 1 got hacked so I freaked out and transfered the other 2 to the new battlenet and used a new email and password for the new battlenet account. Guess what. I still had 1 of the 2 accounts banned for a charge back when I only pay with a game card. When I tried to get the accounts back i was confronted with having to find the original copies of the disks with the key I used 5 years ago. Well... Those got tossed. Why do i need the clutter with digital downloads? Doh! Do as I have done. I won't go back to Blizzard. No Starcraft, No diablo 3 but atleast I have my freedom! Same happened to all of us... Besides all things being equal Guild Wars is the better deal when you compare the games PvP.
Saying Blizzard is a Multinational Mega corporation that is immune to hacking is quite laughable. Along with if they were hacked the world would already know. For the record here is a list of the hacked companies since 2005. Seems just a few are very large dare I say larger than Activision/Blizzard companies on the list www.privacyrights.org/ar/ChronDataBreaches.htm
I had 3 wow accounts. 1 got hacked so I freaked out and transfered the other 2 to the new battlenet and used a new email and password for the new battlenet account. Guess what. I still had 1 of the 2 accounts banned for a charge back when I only pay with a game card. When I tried to get the accounts back i was confronted with having to find the original copies of the disks with the key I used 5 years ago. Well... Those got tossed. Why do i need the clutter with digital downloads? Doh! Do as I have done. I won't go back to Blizzard. No Starcraft, No diablo 3 but atleast I have my freedom! Same happened to all of us... Besides all things being equal Guild Wars is the better deal when you compare the games PvP.
Blizzard is blameless...they aren't seeking profits! They r just seeking our fun! World of Warcraft is ever expanding in fun and flavor...:) And I hope that noone will ever play it again!!!
And any lvl 80 that actually made it to lvl 80 on this game without(paid) aid will find out that the time u put on this game was useless...Unless u pay extra...
And any lvl 80 that actually made it to lvl 80 on this game without(paid) aid will find out that the time u put on this game was useless...Unless u pay extra...
And many of u "did' pay extra...I will hear from u first I assume...
Same shit happened to me. Some how someone got my account info and locked it with that lame authenticator. If Blizzards security is that freaking bad the hackers can keep the account and blizzard can shove that authenticator up their ass. Only good thing that did was lock me out.
The authenticator, I assume, is a way for a GM to "investigate" if u were at wrong or not and reevaluate your account. From what I've heard...that never happens...or if it happens, it will happen at a point where u could care less if u play again or not.
You assume wrong. The authenticator is pretty much a random password you assign to your account. It doesnt matter if you hand over username and password because they still wont know the authenticator #. Can probably play the game without the authenticator but they couldnt change any details or transfer characters without it. This is most likely why people log on and see equipment andor characters missing.
Hackers wanting to make a name for themselves target the large companies and such and I am sure Blizzards deals with DDOS attack daily among other things. If their account servers were hacked then it would have been reported from someone. The fact that a few people out of million lose their accounts tells me it isnt a hacker but they signed up on some forum site that they shouldnt have using the same email andor password they used for WoW.
Thats the only way people get emails about errors on their account and such.. I am sure I signed up somewhere that sold the emails to some gold selling website.. I know for a fact that people who run the non official servers do it and I wouldnt doubt if some of the large mod websites do it ( some people think that Curse seems to be in on it ).
Same shit happened to me. Some how someone got my account info and locked it with that lame authenticator. If Blizzards security is that freaking bad the hackers can keep the account and blizzard can shove that authenticator up their ass. Only good thing that did was lock me out.
The authenticator, I assume, is a way for a GM to "investigate" if u were at wrong or not and reevaluate your account. From what I've heard...that never happens...or if it happens, it will happen at a point where u could care less if u play again or not.
You assume wrong. The authenticator is pretty much a random password you assign to your account. It doesnt matter if you hand over username and password because they still wont know the authenticator #. Can probably play the game without the authenticator but they couldnt change any details or transfer characters without it. This is most likely why people log on and see equipment andor characters missing.
Hackers wanting to make a name for themselves target the large companies and such and I am sure Blizzards deals with DDOS attack daily among other things. If their account servers were hacked then it would have been reported from someone. The fact that a few people out of million lose their accounts tells me it isnt a hacker but they signed up on some forum site that they shouldnt have using the same email andor password they used for WoW.
Thats the only way people get emails about errors on their account and such.. I am sure I signed up somewhere that sold the emails to some gold selling website.. I know for a fact that people who run the non official servers do it and I wouldnt doubt if some of the large mod websites do it ( some people think that Curse seems to be in on it ).
Just stay away from everything is my advice.
Sorry for my recent rants...but I do agree with u for the most part...except that I feel it's much easier to hack someones email address when it's listed on Battle.net or whatever... than the personal name someone gives to thier account on Wow before the changes...
Sadly, my account wasn't worth selling off the toons I had...only sending spam. But thankfully, I didn't use the same password for my email address and other things either!
The good things that came out of it is, I didn't comprimise my email password as it was different and
the current theory going around is Bliz is fucking with accounts to cause the scare they need to push their plans to force authenticators on all accounts....seems to be working too.
Highly unlikely, they could just simple conjure characters and post false stories on there forums if they were to do so, and plus what your describing is unprofessional and not likely to happen by a company of blizzards status.
Here is an example.. I just received an email saying that my password was recently changed. The link looks legit but mousing over shows the true website as wor1dofwarcraft.com. Many many many people fall for emails like this and then go on a rant saying they were hacked when in reality they handed over everything on a silver platter.
The chances of being " hacked " are so close to nil that its way way down on the list of how people lose accounts.
Same shit happened to me. Some how someone got my account info and locked it with that lame authenticator. If Blizzards security is that freaking bad the hackers can keep the account and blizzard can shove that authenticator up their ass. Only good thing that did was lock me out.
The authenticator, I assume, is a way for a GM to "investigate" if u were at wrong or not and reevaluate your account. From what I've heard...that never happens...or if it happens, it will happen at a point where u could care less if u play again or not.
You assume wrong. The authenticator is pretty much a random password you assign to your account. It doesnt matter if you hand over username and password because they still wont know the authenticator #. Can probably play the game without the authenticator but they couldnt change any details or transfer characters without it. This is most likely why people log on and see equipment andor characters missing.
Hackers wanting to make a name for themselves target the large companies and such and I am sure Blizzards deals with DDOS attack daily among other things. If their account servers were hacked then it would have been reported from someone. The fact that a few people out of million lose their accounts tells me it isnt a hacker but they signed up on some forum site that they shouldnt have using the same email andor password they used for WoW.
Thats the only way people get emails about errors on their account and such.. I am sure I signed up somewhere that sold the emails to some gold selling website.. I know for a fact that people who run the non official servers do it and I wouldnt doubt if some of the large mod websites do it ( some people think that Curse seems to be in on it ).
Just stay away from everything is my advice.
Sorry for my recent rants...but I do agree with u for the most part...except that I feel it's much easier to hack someones email address when it's listed on Battle.net or whatever... than the personal name someone gives to thier account on Wow before the changes...
Sadly, my account wasn't worth selling off the toons I had...only sending spam. But thankfully, I didn't use the same password for my email address and other things either!
The good things that came out of it is, I didn't comprimise my email password as it was different and
I havent looked at Bnet in forever so I dont know if it exposes peoples email addresses or not ( dont remember if it did before either ) but it may make it easier for the phishers to form a mailing list. That could also mean a larger pool of not so informed people falling for the phishing emails.
It doesnt seem like there is any more or less accounts be compromised than there was in the past. It always seems like there is a number of people at the same time and then a lull.
Its also hard to believe they go around hacking single email addresses when mass emailing phishing attempts is far more efficient and less time consuming.
Here is an example.. I just received an email saying that my password was recently changed. The link looks legit but mousing over shows the true website as wor1dofwarcraft.com. Many many many people fall for emails like this and then go on a rant saying they were hacked when in reality they handed over everything on a silver platter. The chances of being " hacked " are so close to nil that its way way down on the list of how people lose accounts.
Exactly,I've received 3 phishing emails on my email that I use here and all other forums,but yet have never received anything on my email used solely for WOW.Sure there are people that say they never click on ads at different sites,sure there are ones that say they never got a keylogger,but human nature is to not admit when one has made a mistake and put the fault on something else.
My question is this. Bank of America, Etrade, Gmail, etc... None of them use authenticators yet they secure very important data to me. 1. Why don't companies that rely on high security use authenticators if they are so awesome for security? 2. Why did the hacked accounts problem become so bad after blizzard started with the authenticators? 3. Why does everyone refuse to think there is something going wrong with blizzard's system?
I'm sorry but I just don't believe Blizzard. Period! I can't wait to find out it is internal or possibly an inside job.
Have you ever heard of the ongoing problem with identity theft and people getting their bank accounts drained, credit cards getting issued to thieves or any number of other illegal activities going on with banks?
Banks are having problems with identity theft, but you believe their systems are safe.
Blizzard is having a problem with identity theft, but you blame blizzard.
While it is possible there is a security problem at blizzard (or any bank), it would have to be something that is long standing considering how long identity theft has been ongoing. It is a convenient way to explain the unknown, but I see no reason to overlook the security issues of users. It is the one fact that has not changed and has only gotten worse since many users have changed their login name to something they freely post all over the internet.
My bank does use an authenticator. I need my PIN number, my card, the little card device (authenticator) and my usual log in user name, customer number, password and secret question (1 of 5) before I can move money around outside of my own accounts.
It's time consuming but it's my money and worth as long as it takes to be on the safe side.
----- The person who is certain, and who claims divine warrant for his certainty, belongs now to the infancy of our species.
You realize that most of the time that email from 'Blizzard' informing you about account changes / ban / hacking IS ACTUALLY PHISHING email right? So you rushing in panic following the link in the email and login in, is usually what got you hacked in first place.
EDIT: I believe that is exactly what happened to OP, he got phishing email saying his account was baned, he followed the link to verify and then bam, hacked account.
---- Here is example of PHISHING email: Greetings! This is an automated notification regarding the recent change(s) A 3-hour probationary suspension is pending on this account, awaiting confirmation from a specialist. A final warning has been issued. The investigation will be continued by the Account Administration team to determine the any further suspensions. If the account in question is found in violation of the EULA and Terms of Use, further action will be taken. Be aware that any additional inappropriate actions may result in the permanent closure of the account. Thank you for respecting our position on this matter. ** We request that you verify your legitimate ownership of the account here: (fake address removed for safety). Blizzard staff will verify your account information submitted in two days, please do not modify your account information during this time . It will not affect your game uptime. If you are unable to successfully verify your password . using the automated system, please contact Billing & Account Services at 1-800-59-BLIZZARD (1-800-592-5499) Mon-Fri, 8am-8pm Pacific Time or at [email protected]. Account security is solely the responsibility of the account holder. Please be advised that in the event of a compromised account, Blizzard representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play. Regards, The World of Warcraft Support Team Blizzard Entertainment using the automated system, please contact Billing & Account Services at 1-800-59-BLIZZARD (1-800-592-5499) Mon-Fri, 8am-8pm Pacific Time or at [email protected]. Account security is solely the responsibility of the account holder. Please be advised that in the event of a compromised account, Blizzard representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play. Regards, The World of Warcraft Support Team Blizzard Entertainment
All I have to say if you cant afford $7 for an authenticator you have problems. That's lunch people. Get one and protect yourself. They are offering free shipping.
Edit - You know it works well when the hackers even start using them.
**Cross-posting from a closed thread that apparently was the same as this thread...
Don't be lazy and use automatic addon updaters like Wowmatrix and the Curse client. We have known for YEARS that these programs can and are exploited for the purposes of uploading virii and trojans to people's computers in order to hack their WoW accounts.
Go to the the addon site and update them manually. Only get your addons from trusted sites, and only use addons from well known and established authors. If a new addon is found to be malicious it will be found out buy the community and the people that run the addon sites and removed, but I wouldn't touch a new addon with a 10 foot pole.
The bottom line is though, this isn't anything new (old news), but it doesn't mean that you should never use addons. Just use your head and don't be dumb...
** Except this thread has nothing to do with getting hacked by using automatic addon updaters... hmmm.
I guess to keep my post more on topic, I get these emails both in and out of game all the time. Just don't be stupid and click on stuff or go to questionable websites... and pay the paltry $7 and get an Authenticator.
------------------------- "Searchers after horror haunt strange, far places..." ~ H.P.Lovecraft, "From Beyond"
Comments
Blizzard doesn't punish users that make mistakes and get their accounts hacked. They will restore them as long as there is no evidence the users are trying to defraud the restoration process. They would rather have people keep their information secure, but what is the point of not restoring someones account who wants to pay them a subscription fee?
As for brute forcing and the strength of your password, that has no real effect on how your account was compromised. It is so much easier to send out phishing emails, infected websites, fast redirects in google searches, hack email accounts that wow players have poster all over the internet and any number of other malicious attacks. There is zero reason for hackers to try to brute force blizzard accounts, because there are so many other easy ways into someones account.
I have special email accounts setup just for WoW and haven't gotten any fake emails. So while you may not have shared your email anywhere, do you use that email address for anything else? Such as forum accounts? Perhaps an account setup on a site to download addons? Is your WoW email a new email account setup just for WoW, or have you used that email account for something else before?
EQ1-AC1-DAOC-FFXI-L2-EQ2-WoW-DDO-GW-LoTR-VG-WAR-GW2-ESO
My account was hacked and taken over....
I felt sorry for the stupid son of a bitch.....
he had no idea this game has sucked ass for 5 years...
It's better to lurk in forums and be thought a fool...than to endlessly "Quote" and remove all doubts.
I can't agree more hardely!!!
but in my case it was an inside job...a bit later...a bit more deceptive...but it still happened and wasn't explained...
Same shit happened to me. Some how someone got my account info and locked it with that lame authenticator. If Blizzards security is that freaking bad the hackers can keep the account and blizzard can shove that authenticator up their ass. Only good thing that did was lock me out.
The authenticator, I assume, is a way for a GM to "investigate" if u were at wrong or not and reevaluate your account. From what I've heard...that never happens...or if it happens, it will happen at a point where u could care less if u play again or not.
Saying Blizzard is a Multinational Mega corporation that is immune to hacking is quite laughable. Along with if they were hacked the world would already know.
For the record here is a list of the hacked companies since 2005. Seems just a few are very large dare I say larger than Activision/Blizzard companies on the list
www.privacyrights.org/ar/ChronDataBreaches.htm
I had 3 wow accounts. 1 got hacked so I freaked out and transfered the other 2 to the new battlenet and used a new email and password for the new battlenet account. Guess what. I still had 1 of the 2 accounts banned for a charge back when I only pay with a game card. When I tried to get the accounts back i was confronted with having to find the original copies of the disks with the key I used 5 years ago. Well... Those got tossed. Why do i need the clutter with digital downloads? Doh!
Do as I have done. I won't go back to Blizzard. No Starcraft, No diablo 3 but atleast I have my freedom!
Besides all things being equal Guild Wars is the better deal when you compare the games PvP.
Where was my response???....
Blizzard is blameless...they aren't seeking profits! They r just seeking our fun! World of Warcraft is ever expanding in fun and flavor...:) And I hope that noone will ever play it again!!!
[Mod Edit]
And any lvl 80 that actually made it to lvl 80 on this game without(paid) aid will find out that the time u put on this game was useless...Unless u pay extra...
And many of u "did' pay extra...I will hear from u first I assume...
The authenticator, I assume, is a way for a GM to "investigate" if u were at wrong or not and reevaluate your account. From what I've heard...that never happens...or if it happens, it will happen at a point where u could care less if u play again or not.
You assume wrong. The authenticator is pretty much a random password you assign to your account. It doesnt matter if you hand over username and password because they still wont know the authenticator #. Can probably play the game without the authenticator but they couldnt change any details or transfer characters without it. This is most likely why people log on and see equipment andor characters missing.
Hackers wanting to make a name for themselves target the large companies and such and I am sure Blizzards deals with DDOS attack daily among other things. If their account servers were hacked then it would have been reported from someone. The fact that a few people out of million lose their accounts tells me it isnt a hacker but they signed up on some forum site that they shouldnt have using the same email andor password they used for WoW.
Thats the only way people get emails about errors on their account and such.. I am sure I signed up somewhere that sold the emails to some gold selling website.. I know for a fact that people who run the non official servers do it and I wouldnt doubt if some of the large mod websites do it ( some people think that Curse seems to be in on it ).
Just stay away from everything is my advice.
The authenticator, I assume, is a way for a GM to "investigate" if u were at wrong or not and reevaluate your account. From what I've heard...that never happens...or if it happens, it will happen at a point where u could care less if u play again or not.
You assume wrong. The authenticator is pretty much a random password you assign to your account. It doesnt matter if you hand over username and password because they still wont know the authenticator #. Can probably play the game without the authenticator but they couldnt change any details or transfer characters without it. This is most likely why people log on and see equipment andor characters missing.
Hackers wanting to make a name for themselves target the large companies and such and I am sure Blizzards deals with DDOS attack daily among other things. If their account servers were hacked then it would have been reported from someone. The fact that a few people out of million lose their accounts tells me it isnt a hacker but they signed up on some forum site that they shouldnt have using the same email andor password they used for WoW.
Thats the only way people get emails about errors on their account and such.. I am sure I signed up somewhere that sold the emails to some gold selling website.. I know for a fact that people who run the non official servers do it and I wouldnt doubt if some of the large mod websites do it ( some people think that Curse seems to be in on it ).
Just stay away from everything is my advice.
Sorry for my recent rants...but I do agree with u for the most part...except that I feel it's much easier to hack someones email address when it's listed on Battle.net or whatever... than the personal name someone gives to thier account on Wow before the changes...
Sadly, my account wasn't worth selling off the toons I had...only sending spam. But thankfully, I didn't use the same password for my email address and other things either!
The good things that came out of it is, I didn't comprimise my email password as it was different and
Highly unlikely, they could just simple conjure characters and post false stories on there forums if they were to do so, and plus what your describing is unprofessional and not likely to happen by a company of blizzards status.
Here is an example.. I just received an email saying that my password was recently changed. The link looks legit but mousing over shows the true website as wor1dofwarcraft.com. Many many many people fall for emails like this and then go on a rant saying they were hacked when in reality they handed over everything on a silver platter.
The chances of being " hacked " are so close to nil that its way way down on the list of how people lose accounts.
The authenticator, I assume, is a way for a GM to "investigate" if u were at wrong or not and reevaluate your account. From what I've heard...that never happens...or if it happens, it will happen at a point where u could care less if u play again or not.
You assume wrong. The authenticator is pretty much a random password you assign to your account. It doesnt matter if you hand over username and password because they still wont know the authenticator #. Can probably play the game without the authenticator but they couldnt change any details or transfer characters without it. This is most likely why people log on and see equipment andor characters missing.
Hackers wanting to make a name for themselves target the large companies and such and I am sure Blizzards deals with DDOS attack daily among other things. If their account servers were hacked then it would have been reported from someone. The fact that a few people out of million lose their accounts tells me it isnt a hacker but they signed up on some forum site that they shouldnt have using the same email andor password they used for WoW.
Thats the only way people get emails about errors on their account and such.. I am sure I signed up somewhere that sold the emails to some gold selling website.. I know for a fact that people who run the non official servers do it and I wouldnt doubt if some of the large mod websites do it ( some people think that Curse seems to be in on it ).
Just stay away from everything is my advice.
Sorry for my recent rants...but I do agree with u for the most part...except that I feel it's much easier to hack someones email address when it's listed on Battle.net or whatever... than the personal name someone gives to thier account on Wow before the changes...
Sadly, my account wasn't worth selling off the toons I had...only sending spam. But thankfully, I didn't use the same password for my email address and other things either!
The good things that came out of it is, I didn't comprimise my email password as it was different and
I havent looked at Bnet in forever so I dont know if it exposes peoples email addresses or not ( dont remember if it did before either ) but it may make it easier for the phishers to form a mailing list. That could also mean a larger pool of not so informed people falling for the phishing emails.
It doesnt seem like there is any more or less accounts be compromised than there was in the past. It always seems like there is a number of people at the same time and then a lull.
Its also hard to believe they go around hacking single email addresses when mass emailing phishing attempts is far more efficient and less time consuming.
Exactly,I've received 3 phishing emails on my email that I use here and all other forums,but yet have never received anything on my email used solely for WOW.Sure there are people that say they never click on ads at different sites,sure there are ones that say they never got a keylogger,but human nature is to not admit when one has made a mistake and put the fault on something else.
My question is this.
Bank of America, Etrade, Gmail, etc...
None of them use authenticators yet they secure very important data to me.
1. Why don't companies that rely on high security use authenticators if they are so awesome for security?
2. Why did the hacked accounts problem become so bad after blizzard started with the authenticators?
3. Why does everyone refuse to think there is something going wrong with blizzard's system?
I'm sorry but I just don't believe Blizzard. Period!
I can't wait to find out it is internal or possibly an inside job.
Have you ever heard of the ongoing problem with identity theft and people getting their bank accounts drained, credit cards getting issued to thieves or any number of other illegal activities going on with banks?
Banks are having problems with identity theft, but you believe their systems are safe.
Blizzard is having a problem with identity theft, but you blame blizzard.
While it is possible there is a security problem at blizzard (or any bank), it would have to be something that is long standing considering how long identity theft has been ongoing. It is a convenient way to explain the unknown, but I see no reason to overlook the security issues of users. It is the one fact that has not changed and has only gotten worse since many users have changed their login name to something they freely post all over the internet.
My bank does use an authenticator. I need my PIN number, my card, the little card device (authenticator) and my usual log in user name, customer number, password and secret question (1 of 5) before I can move money around outside of my own accounts.
It's time consuming but it's my money and worth as long as it takes to be on the safe side.
-----
The person who is certain, and who claims divine warrant for his certainty, belongs now to the infancy of our species.
You realize that most of the time that email from 'Blizzard' informing you about account changes / ban / hacking IS ACTUALLY PHISHING email right?
So you rushing in panic following the link in the email and login in, is usually what got you hacked in first place.
EDIT: I believe that is exactly what happened to OP, he got phishing email saying his account was baned, he followed the link to verify and then bam, hacked account.
----
Here is example of PHISHING email:
Greetings! This is an automated notification regarding the recent change(s) A 3-hour probationary suspension is pending on this account, awaiting confirmation from a specialist. A final warning has been issued. The investigation will be continued by the Account Administration team to determine the any further suspensions. If the account in question is found in violation of the EULA and Terms of Use, further action will be taken. Be aware that any additional inappropriate actions may result in the permanent closure of the account. Thank you for respecting our position on this matter. ** We request that you verify your legitimate ownership of the account here: (fake address removed for safety). Blizzard staff will verify your account information submitted in two days, please do not modify your account information during this time . It will not affect your game uptime. If you are unable to successfully verify your password . using the automated system, please contact Billing & Account Services at 1-800-59-BLIZZARD (1-800-592-5499) Mon-Fri, 8am-8pm Pacific Time or at [email protected]. Account security is solely the responsibility of the account holder. Please be advised that in the event of a compromised account, Blizzard representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play. Regards, The World of Warcraft Support Team Blizzard Entertainment using the automated system, please contact Billing & Account Services at 1-800-59-BLIZZARD (1-800-592-5499) Mon-Fri, 8am-8pm Pacific Time or at [email protected]. Account security is solely the responsibility of the account holder. Please be advised that in the event of a compromised account, Blizzard representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play. Regards, The World of Warcraft Support Team Blizzard Entertainment
All I have to say if you cant afford $7 for an authenticator you have problems. That's lunch people. Get one and protect yourself. They are offering free shipping.
Edit - You know it works well when the hackers even start using them.
**Cross-posting from a closed thread that apparently was the same as this thread...
Don't be lazy and use automatic addon updaters like Wowmatrix and the Curse client. We have known for YEARS that these programs can and are exploited for the purposes of uploading virii and trojans to people's computers in order to hack their WoW accounts.
Go to the the addon site and update them manually. Only get your addons from trusted sites, and only use addons from well known and established authors. If a new addon is found to be malicious it will be found out buy the community and the people that run the addon sites and removed, but I wouldn't touch a new addon with a 10 foot pole.
The bottom line is though, this isn't anything new (old news), but it doesn't mean that you should never use addons. Just use your head and don't be dumb...
** Except this thread has nothing to do with getting hacked by using automatic addon updaters... hmmm.
I guess to keep my post more on topic, I get these emails both in and out of game all the time. Just don't be stupid and click on stuff or go to questionable websites... and pay the paltry $7 and get an Authenticator.
-------------------------
"Searchers after horror haunt strange, far places..." ~ H.P.Lovecraft, "From Beyond"
Member Since March 2004