Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

WoW Account hacking, exceptionally much?

MMO.MaverickMMO.Maverick Member CommonPosts: 7,619

I have to say, I find it worrying the number of posts and tales of people having their account hacked, and them knowing of other people in their guild or who're friends of having been hacked.

I haven't heard sortlike tales regarding other MMO's.

 

What I'm trying to figure out, are these tales many because WoW has the largest playerbase so naturally there would be more of these kinds of stories, or is a disturbing rising  trend happening at the moment?

These tales of people's account getting hacked are only so many lately, something of the last few months. I can't recall it being a large thing and so frequently mentioned a year ago.

 

About my own experiences: since the last month or two I've been getting mails about WoW that look official, but when you see the link that's added and check the email address it's coming from they're both phoney, not from Blizzard itself. So I never clicked the link.

I do wonder though how they got my email address since that email address is known only on a few places. I've never used any of the mods available.

 

The only thing that I can think of is that one of these places I left my email address has gotten compromised, or a (ex-)Blizzard employee had a good time selling off email address listings, or my PC has gotten hacked. But if the last situation was the case, then I would have larger problems and they wouldn't go for a simple email phishing scheme.

 

So my question: is the frequent account hacking a recent thing or does it only look like it's happening much, and is there anything more concrete known besides rumors what are the causes behind it?

The ACTUAL size of MMORPG worlds: a comparison list between MMO's

The ease with which predictions are made on these forums:
Fratman: "I'm saying Spring 2012 at the earliest [for TOR release]. Anyone still clinging to 2011 is deluding themself at this point."

«1345

Comments


  • Originally posted by cyphers

    I have to say, I find it worrying the number of posts and tales of people having their account hacked, and them knowing of other people in their guild or who're friends of having been hacked.

    I haven't heard sortlike tales regarding other MMO's.

     

    What I'm trying to figure out, are these tales many because WoW has the largest playerbase so naturally there would be more of these kinds of stories, or is a disturbing rising  trend happening at the moment?

    These tales of people's account getting hacked are only so many lately, something of the last few months. I can't recall it being a large thing and so frequently mentioned a year ago.

     

    About my own experiences: since the last month or two I've been getting mails about WoW that look official, but when you see the link that's added and check the email address it's coming from they're both phoney, not from Blizzard itself. So I never clicked the link.

    I do wonder though how they got my email address since that email address is known only on a few places. I've never used any of the mods available.

     

    The only thing that I can think of is that one of these places I left my email address has gotten compromised, or a (ex-)Blizzard employee had a good time selling off email address listings, or my PC has gotten hacked. But if the last situation was the case, then I would have larger problems and they wouldn't go for a simple email phishing scheme.

     

    So my question: is the frequent account hacking a recent thing or does it only look like it's happening much, and is there anything more concrete known besides rumors what are the causes behind it?

    GIven the huge sub base, it is natural that we see more cases of hacking.  Given the huge sub base and chance for profits, it is natural we see more efforts from hackers in this game.

    How did the hacker get your email?  Where you use your email address, apart from WoW registration.  I use my WoW related email only in WoW transactions, and never use it elsewhere.  Not once did I ever receive phish mail.  I use another account to register on forums, including this forum.  That other account has nothing to do with WoW, but phish mail arrives everyday.

  • MMO.MaverickMMO.Maverick Member CommonPosts: 7,619

    I haven't used that email address exclusively for WoW, so I agree: I have used it only on a few places but it could be any of those where my info got 'leaked' or spread around.

     

    About WoW being a victim of its own succes: I can imagine how that draws attention to the majority of hackers and account abusers, you see it elsewhere too. When Internet Explorer was used by the majority of websurfers and Firefox and Google Chrome only by a small part, the majority of the web exploits were happening with Internet Explorer.

    The ACTUAL size of MMORPG worlds: a comparison list between MMO's

    The ease with which predictions are made on these forums:
    Fratman: "I'm saying Spring 2012 at the earliest [for TOR release]. Anyone still clinging to 2011 is deluding themself at this point."

  • BallsoutBallsout Member UncommonPosts: 70

    I was with WoW for years, and then cancelled my subscription. 3-4 days after my subscription was up I got hacked. The reason I know this is cause I got an e-mail saying my account was banned for gold selling. I contacted blizzard and they looked into it, fixed it, and I was able to play the month the hacker had on my account. After that the e-mail said that they were wiping my account completely. So I guess to play again I either have to sweet talk blizzard or buy the whole game again, and yes buy an authenticator reguardless. Thanks Blizzard.

    image

  • Originally posted by Ballsout

    I was with WoW for years, and then cancelled my subscription. 3-4 days after my subscription was up I got hacked. The reason I know this is cause I got an e-mail saying my account was banned for gold selling. I contacted blizzard and they looked into it, fixed it, and I was able to play the month the hacker had on my account. After that the e-mail said that they were wiping my account completely. So I guess to play again I either have to sweet talk blizzard or buy the whole game again, and yes buy an authenticator reguardless. Thanks Blizzard.

    Hackers did not pay for the free month, most likely they use a stolen credit card to temporarily buy a month till the credit card bank refute the payment, later.  You, by playing that stolen month, borders on offense of stealing, yourself.

    Blizz is banning your account as a natural defence.  Technically, it is possible you are still a ghost copy of the hacker.  Blizzard cannot see you in person to verify that one way of other.  Upon receiving a bank charge refute, they have reasons to suspect you, since you are playing that free month.

  • BallsoutBallsout Member UncommonPosts: 70

    I had already proven it was me at the helm. I had to jump through the hoops and answer the secret question, and they sent all this to my yahoo e-mail which was secret and only blizzard knew. My login e-mail was my battle.net e-mail. Try again fanboy.

    image
  • MMO.MaverickMMO.Maverick Member CommonPosts: 7,619

    What I find puzzling is that some accounts are being hacked a mere few days after someone halts their sub as some people mentioned.

    How can they know that? Is it shown somewhere that your account is inactive?

    The ACTUAL size of MMORPG worlds: a comparison list between MMO's

    The ease with which predictions are made on these forums:
    Fratman: "I'm saying Spring 2012 at the earliest [for TOR release]. Anyone still clinging to 2011 is deluding themself at this point."

  • TrobonTrobon Member Posts: 300

    Originally posted by Ballsout

    I had already proven it was me at the helm. I had to jump through the hoops and answer the secret question, and they sent all this to my yahoo e-mail which was secret and only blizzard knew. My login e-mail was my battle.net e-mail. Try again fanboy.

    Let me say I have no horse in this race, but you do seem to be under the assumption that companies function as a whole. Most likely one person reactivated your account and closed whatever report they had. Then another person got a complaint and closed your account.

    I don't know if this is actually what happened, but since Blizzard is a big company this is exactly the sort of thing that could happen.

  • BallsoutBallsout Member UncommonPosts: 70

    Originally posted by cyphers

    What I find puzzling is that some accounts are being hacked a mere few days after someone halts their sub as some people mentioned.

    How can they know that? Is it shown somewhere that your account is inactive?

    Yes it is fishy.

    image
  • BeermanglerBeermangler Member UncommonPosts: 402

    There's no such thing as account hacking. 

    Instead, there's plenty of stupidity around. People clicking every single link they get via email / IM, not checking the redirection URL in the browser's address bar, not using safe passwords etc. And still they're the ones complaining. I wish so hard that stupidity would hurt as hell... 

    Just my two cents.

    Better to be crazy, provided you know what sane is...


  • Originally posted by Ballsout

    I had already proven it was me at the helm. I had to jump through the hoops and answer the secret question, and they sent all this to my yahoo e-mail which was secret and only blizzard knew. My login e-mail was my battle.net e-mail. Try again fanboy.

    Oh I am a fanboy because I point out normal company policies, so much so for your sense of reality.  People who have different views are fanboys, even though you have no idea what games I play.  All I said above, is that Blizzard might be worried about you, and they decided to temporarily ban your account, based on standard company policies. They have thousands of hacking incidences a day, and like all big companies, they use bureaucracy who work on company rules.  Neither me or they are directed against you as a person, if they know you face to face.

    For the sake of you education, or common sense, banks do not work like your parents.  A few secret questions and yahoo email is secret?  So much so for your sense of secret.  Learn this lesson, in the internet, no one is a true being.  Not even a password, not even an authenticator.  Its just a matter of probabilty.  With the method of autheticator giving a very high probability of true identity, with minimum cost of administering.

    Oh well, may be all my explanations are in vain, as all you command in terms of vocabulary is "fanboy".

  • BallsoutBallsout Member UncommonPosts: 70

    Originally posted by Beermangler

    There's no such thing as account hacking. 

    Instead, there's plenty of stupidity around. People clicking every single link they get via email / IM, not checking the redirection URL in the browser's address bar, not using safe passwords etc. And still they're the ones complaining. I wish so hard that stupidity would hurt as hell... 

    Just my two cents.

    No such thing as account hacking? well I'll be.

    image
  • BallsoutBallsout Member UncommonPosts: 70

    Originally posted by Li-Su

    Originally posted by Ballsout

    I had already proven it was me at the helm. I had to jump through the hoops and answer the secret question, and they sent all this to my yahoo e-mail which was secret and only blizzard knew. My login e-mail was my battle.net e-mail. Try again fanboy.

    Oh I am a fanboy because I point out normal company policies, so much so for your sense of reality.  People who have different views are fanboys, even though you have no idea what games I play.  All I said above, is that Blizzard might be worried about you, and they decided to temporarily ban your account, based on standard company policies. They have thousands of hacking incidences a day, and like all big companies, they use bureaucracy who work on company rules.  Neither me or they are directed against you as a person, if they know you face to face.

    For the sake of you education, or common sense, banks do not work like your parents.  A few secret questions and yahoo email is secret?  So much so for your sense of secret.  Learn this lesson, in the internet, no one is a true being.  Not even a password, not even an authenticator.  Its just a matter of probabilty.  With the method of autheticator giving a very high probability of true identity, with minimum cost of administering.

    Oh well, may be all my explanations are in vain, as all you command in terms of vocabulary is "fanboy".

    You see people that play WoW are connected to this thing called a server. When someone connects to the "server" it logs the IP address. This is what blizzard was checking in their "investigation". So why would they worry. 

    image
  • RednecksithRednecksith Member Posts: 1,238

    Originally posted by cyphers

    What I find puzzling is that some accounts are being hacked a mere few days after someone halts their sub as some people mentioned.

    How can they know that? Is it shown somewhere that your account is inactive?

    Mine was hacked 8 months after I quit, very fishy. I have/had no trojans on my PC, I clicked on no suspicious emails/links, and I didn't use mods. Plus, I use a keyscrambler. I'm sorry, but when you count all the stories of folks getting inactive accounts hacked only after the switch to Bnet ID, you can't help but wonder about Blizzard's security. It doesn't make sense for someone to log your ID/PW, wait 8 months, and then access the account and cause trouble.

    Besides, they obviously have some way of knowing when an account goes inactive, as those seem to be the ones getting hacked the most recently by far.


  • Originally posted by Ballsout

    Originally posted by Li-Su


    Originally posted by Ballsout

    I had already proven it was me at the helm. I had to jump through the hoops and answer the secret question, and they sent all this to my yahoo e-mail which was secret and only blizzard knew. My login e-mail was my battle.net e-mail. Try again fanboy.

    Oh I am a fanboy because I point out normal company policies, so much so for your sense of reality.  People who have different views are fanboys, even though you have no idea what games I play.  All I said above, is that Blizzard might be worried about you, and they decided to temporarily ban your account, based on standard company policies. They have thousands of hacking incidences a day, and like all big companies, they use bureaucracy who work on company rules.  Neither me or they are directed against you as a person, if they know you face to face.

    For the sake of you education, or common sense, banks do not work like your parents.  A few secret questions and yahoo email is secret?  So much so for your sense of secret.  Learn this lesson, in the internet, no one is a true being.  Not even a password, not even an authenticator.  Its just a matter of probabilty.  With the method of autheticator giving a very high probability of true identity, with minimum cost of administering.

    Oh well, may be all my explanations are in vain, as all you command in terms of vocabulary is "fanboy".

    You see people that play WoW are connected to this thing called a server. When someone connects to the "server" it logs the IP address. This is what blizzard was checking in their "investigation". So why would they worry. 

    Seriously that is all you know about internet, oh dear.

    IP address is just a bunch of numbers sent to the server.  If hacker is a possibility, how do you know the numbers sent are true?  Checking IP address is all Blizzard is doing?  Oh it is that simple.  Wise one, I wonder why there are companies providing system security solutions and such.

    Nevermind, your knowledge of ... I give up.

  • DameonkDameonk Member UncommonPosts: 1,914

    Originally posted by Rednecksith

    Besides, they obviously have some way of knowing when an account goes inactive, as those seem to be the ones getting hacked the most recently by far.

     

    My WoW account (inactive since before BC) hasn't been hacked.  But when the BNet switch over occured I went ahead and activated my WoW account on BNet because Blizzard recommended it (and hey, I might resub someday).  About 3 months later I started getting WoW fishing email about my [inactive] WoW account being hacked, or needing to change my password, or update my billing info, etc.

    The really weird part is the email I used to register WoW is ONLY registered to WoW.  I have never used it for anything else, except for signing up for the WoW beta test before it was released.

    "There is as yet insufficient data for a meaningful answer."


  • Originally posted by Rednecksith

    Originally posted by cyphers

    What I find puzzling is that some accounts are being hacked a mere few days after someone halts their sub as some people mentioned.

    How can they know that? Is it shown somewhere that your account is inactive?

    Mine was hacked 8 months after I quit, very fishy. I have/had no trojans on my PC, I clicked on no suspicious emails/links, and I didn't use mods. Plus, I use a keyscrambler. I'm sorry, but when you count all the stories of folks getting inactive accounts hacked only after the switch to Bnet ID, you can't help but wonder about Blizzard's security. It doesn't make sense for someone to log your ID/PW, wait 8 months, and then access the account and cause trouble.

    Besides, they obviously have some way of knowing when an account goes inactive, as those seem to be the ones getting hacked the most recently by far.

    It is legally not wise to talk specifically about a certain company or a certain product.  We can only talk in general terms.

    When an account is physically hacked, it means the time the hacker logs on, and do something so visible they got busted.

    Typically, that moment is not the moment the hacker gain access to the log on information.  An example will serve better.

    Hacker A throws out random phish mails, over the course of a year, he collects password information.  Will he log into them all immediately?

    Option A: he logs on and steal the money.  Now he has to put the money somewhere, unless he has a buying waiting in the wing, taking the gold will do him no good.  As soon as the owner complains, blizzard will verify where the money goes, and the hacker will lose control of the hacked account, as well as his own account where the stolen gold went.

    Option B: the hacker wait till he get a client buying gold, then he logs onto each "stolen" account in that server of his client, and try to pool enough gold to sell to his client, then he stops.  That way, he will not alert owners of other accounts he compromised, and hope that when he got the next client, he still have assess to those stolen accounts.

    So, the moment a lot of accounts were physically taken over, is more like the moment a lot of people are buying gold, or moments where the hacker need some accounts to spam trade channels.  Whether the hackers get the passwords from BNet or not, only Blizz knows, and Blizz is never going to address or talk about, which is wise..


  • Originally posted by Dameonk

    Originally posted by Rednecksith



    Besides, they obviously have some way of knowing when an account goes inactive, as those seem to be the ones getting hacked the most recently by far.

     

    My WoW account (inactive since before BC) hasn't been hacked.  But when the BNet switch over occured I went ahead and activated my WoW account on BNet because Blizzard recommended it (and hey, I might resub someday).  About 3 months later I started getting WoW fishing email about my [inactive] WoW account being hacked, or needing to change my password, or update my billing info, etc.

    The really weird part is the email I used to register WoW is ONLY registered to WoW.  I have never used it for anything else, except for signing up for the WoW beta test before it was released.

    I have no proof about anything.  Just a clue.  This is just a discussion, I am not drawing any conclusion.

    I got phish mail sent to me about signing up wow cata beta tests, regularly, now, sent to accounts that has nothing to do with WoW, unknown to blizzard.   Maybe your signing up was phoney.  Did you get into wow beta eventually?

  • DameonkDameonk Member UncommonPosts: 1,914

    Originally posted by Li-Su

    I have no proof about anything.  Just a clue.  This is just a discussion, I am not drawing any conclusion.

    I got phish mail sent to me about signing up wow cata beta tests, regularly, now, sent to accounts that has nothing to do with WoW, unknown to blizzard.   Maybe your signing up was phoney.  Did you get into wow beta eventually?

    Hehe... Well for one I'm not talking about Cata, I'm talking about the original WoW beta signup in 2003, and yes, it was real.  I didn't get an invite beforehand, I signed up for it, on the official WoW website.

    And yes, I did eventually get into the original WoW beta, and it was completely legitimate, trust me.

    Honestly, I don't even remember gaming related phishing emails/fake websites starting until a few years ago.  I'm almost positive they didn't exist before WoW came out, back then it was almost entirely AOL + financial institution phishing.

    "There is as yet insufficient data for a meaningful answer."

  • frostsmithfrostsmith Member Posts: 111
    I love how the fanboys blame the person that got hacked. Sure, some do it to themselves. However, there are times where it just happens. They disabled my account, and now they say I owe them 15 bucks because of the hacker reactivating my account. I told them how I couldn't even sign in to play the game, and they didn't want to hear it. They only listen to themselves, and I guess they are always right. pfft. WoW got too big, and it will happen to every MMO that gets to their size.

  • Originally posted by frostsmith

    I love how the fanboys blame the person that got hacked. Sure, some do it to themselves. However, there are times where it just happens. They disabled my account, and now they say I owe them 15 bucks because of the hacker reactivating my account. I told them how I couldn't even sign in to play the game, and they didn't want to hear it. They only listen to themselves, and I guess they are always right. pfft. WoW got too big, and it will happen to every MMO that gets to their size.

    I love how people call others fanboy totally indiscriminant and groundless.  I love how people always blame others for whatever misfortune or evils call home.  Look at the ToA.  Your sub buys you right to use an account based on certain conditions.  Protection of the password is not the responsibility of the game provider.  You lose it you lose it.  If you have proof that someone stole it or leaks it out, take it to the authority.

    Crying wolves here is no big man's deal.  There are 10+ million active subs,  If a few thousand got hacked, that is less than 1%.  Chances are, it is not a total hacking of the blizzard database.  There are many of us who never have been hacked, and we never come out to scream.

    If millions got hacked, that is another situation. Until then, all these conspiracy theories can go home.

  • majimaji Member UncommonPosts: 2,091

    Originally posted by cyphers

    I do wonder though how they got my email address since that email address is known only on a few places. I've never used any of the mods available.

     

    You registered on any forum that is not 100% secure, and BAM your email adress is swirling around randomly in the internet. Some robot picks it up, adds it to a list and then you get sent all kinds of crap. It doesn't have anything to do with you playing WoW or not or blizzard or whatever. I got mails about my Aion account beeing corrupted even though I never played Aion, not even the beta or anything.

    That by itself is no threat to your account, if you ignore those mails.

    If your account gets "hacked", then it's a security problem on your side. There is no "evil" hacker who says "ho ho ho today I hack some accounts" and hacks his way into the blizzard WoW database with the account data and gets all your information (not to mention no passwords are saved that way in databases, they get always encrypted, but I guess for the mysterious super-hacker that's no poroblem).

    In short:

    If you take care, your account won't get "hacked". If it get's hacked, then you did something wrong.

    Let's play Fallen Earth (blind, 300 episodes)

    Let's play Guild Wars 2 (blind, 45 episodes)


  • Originally posted by maji

    Originally posted by cyphers

    I do wonder though how they got my email address since that email address is known only on a few places. I've never used any of the mods available.

     

    You registered on any forum that is not 100% secure, and BAM your email adress is swirling around randomly in the internet. Some robot picks it up, adds it to a list and then you get sent all kinds of crap. It doesn't have anything to do with you playing WoW or not or blizzard or whatever. I got mails about my Aion account beeing corrupted even though I never played Aion, not even the beta or anything.

    That by itself is no threat to your account, if you ignore those mails.

    If your account gets "hacked", then it's a security problem on your side. There is no "evil" hacker who says "ho ho ho today I hack some accounts" and hacks his way into the blizzard WoW database with the account data and gets all your information (not to mention no passwords are saved that way in databases, they get always encrypted, but I guess for the mysterious super-hacker that's no poroblem).

    In short:

    If you take care, your account won't get "hacked". If it get's hacked, then you did something wrong.

    So the easiest way to protect your account is never to use the associated email account anywhere else.

    No one knows your log in email address, no one can send you phish mail.  Use an authenticator.  That way your exposure to risks are reduced to minimal.

  • TealaTeala Member RarePosts: 7,627

    Funny this thread was created the same day my WoW account was hacked.   They emptied or guild bank of valuables, they stripped my other characters of valuables then transfered my character to another realm.     Oh and yes, I am still trying to get Blizzard to fix this mess.   My account was suspended first and then perma banned I guess because Blizzard suspected that either it was a gold farmer that had gained access t omy account and was trying to protect it or later they just thought I had gone nuts and decided to become a gold sller or whatever.

    After this happened one of my guildies started to ask other alliance guild mates if they ever had their accounts hacked and it amazed her to find out that all of them had had their accounts hacked!  Soon after they linked their WoW account to Battlenet.   I have never had issues with my accounts in any game up until the 21st of June 2010.   Then suddenly out of the blue - I get hacked.  I had not played my WoW account for a couple of months due to other obligations.  

    Tin foil hat time.   I am thinking that this account hacking could very well be a inside thing.   Blizzard accounts seem to be hacked on a regular basis - especially inactive accounts.   I wonder why that is?

     

    EDIT:  Oh and no trojans found in my computer.   I use a different e-mail for game accounts rather than the one I use to register for websites.   So you tell me how some one managed to get access to my account.

  • TreekodarTreekodar Member Posts: 524

    Originally posted by Teala

    Funny this thread was created the same day my WoW account was hacked.   They emptied or guild bank of valuables, they stripped my other characters of valuables then transfered my character to another realm.     Oh and yes, I am still trying to get Blizzard to fix this mess.   My account was suspended first and then perma banned I guess because Blizzard suspected that either it was a gold farmer that had gained access t omy account and was trying to protect it or later they just thought I had gone nuts and decided to become a gold sller or whatever.

    After this happened one of my guildies started to ask other alliance guild mates if they ever had their accounts hacked and it amazed her to find out that all of them had had their accounts hacked!  Soon after they linked their WoW account to Battlenet.   I have never had issues with my accounts in any game up until the 21st of June 2010.   Then suddenly out of the blue - I get hacked.  I had not played my WoW account for a couple of months due to other obligations.  

    Tin foil hat time.   I am thinking that this account hacking could very well be a inside thing.   Blizzard accounts seem to be hacked on a regular basis - especially inactive accounts.   I wonder why that is?

     

    EDIT:  Oh and no trojans found in my computer.   I use a different e-mail for game accounts rather than the one I use to register for websites.   So you tell me how some one managed to get access to my account.

    How do you know there aren't any trojans on your computer? Did you use HJT or some free scanner such as AVG?

    Eleanor Rigby.

  • majimaji Member UncommonPosts: 2,091

    Originally posted by Teala

    EDIT:  Oh and no trojans found in my computer.   I use a different e-mail for game accounts rather than the one I use to register for websites.   So you tell me how some one managed to get access to my account.

    Sure, in theory it can be a companys mistake. However, the whole account thing and making is secure is pretty standard and no wizardry in matters of programming. Take that and add Blizzards experience, and it becomes pretty unlikely they'd mess it up. That they let accounts get hacked on purpose doesn't make much sense either. Sure, it's not impossible, but if I can choose between "user screwed it up" and "company with a reputation to lose hacks their own users accounts for evil schemes", it's no brainer to know what to pick. :P

    There are hundreds or more youtube videos telling people stuff like "to apply for cataclysm beta, send me your account data". Or "double your game-card by sending me your unused legit one", and so on. If people wouldn't fall for these tricks then they wouldn't be that popular.

    Let's play Fallen Earth (blind, 300 episodes)

    Let's play Guild Wars 2 (blind, 45 episodes)

Sign In or Register to comment.