This site makes extensive use of JavaScript.
Please enable JavaScript in your browser.
Live
PTR
10.2.7
PTR
10.2.6
Beta
How did this happen?
Post Reply
Return to board index
Post by
qwertydood
My account is completely secure with an authenticator and my computer malware-free (or as sure I can be) and I received an email from battle.net that the email address associated with it was being changed. At first, I thought "scam email", but I found that I could no longer log on to battle.net or WoW because it said my username or password were wrong. I went back to the email, and upon further inspection of the links and formatting of the message, it looks legit.
But how could a person change the email associated with my account without the authentication code?
Obviously I sent Blizzard an email about it, but I did not think this could even happen.
Post by
Hank
Did this happen close to a time when you logged into your account? If not how long had it been since you last logged in?
What kind of authenticator do you use? $5 Blizzard brick or iPhone/Android?
Do you use logmein.com or some other remote desktop application?
Post by
Tartonga
Are you sure that all the e-mails from Blizzard that you opened had a green shield with a tick (a check mark) next to it?
Post by
ExDementia
The return path can be spoofed, so you need to be careful with what you reply to. If it didn't ask for any account information it's most likely legit.
Does someone you know have access to the authenticator? Mean joke maybe?
That is strange though. I would be interested to see how this plays out.
Post by
Cambo
I find it surprising that your authenticated account has been compromised, however an authenticator is not 100% safe.
While there is a hackers market for WoW accounts and account items, you are most at risk of attracting these by surfing WoW-related online content. Have you visited any WoW blogs, or addon websites lately?
Post by
Maddroxx
ive gotten numerous emails from often legit looking blizzard sites. when i moused over the "noreply@blizzard.com" or whatever it was, a totally different and obvious forgery appeared. i never clicked on any of them and sometimes when i felt saucy, replied anyways and spewed a bunch of obsenities at them. i got an authenticator as well just to make sure. the other day i got one stating my account was under investigation from gold selling. looked legit as well, but i ignored and deleted anyways.
Post by
Varicelle
That is strange though. I would be interested to see how this plays out.
same here, I hope the OP tells us the end of the "story", i'm really curious about that.
Post by
Tauge
I have a feeling we're not getting the whole story. Perhaps when he said he went to battle.net, he really meant, "I clicked on the link and it wouldn't let me log in."
In any event, I'm interested in how this story ends as well.
Post by
126061
This post was from a user who has deleted their account.
Post by
rigel
Since IIRC the only way a hacker can get onto your acc if it has an authenticator is with a
man in the middle attack
If you had spyware or a keylogger on your PC at the time you attached your authenticator, it is very possible, it was able to log the code and derive the permutation that creates the
OTP
every 30 seconds. This is offcourse subject to the strength of the key security, as this will determine the time needed to extrapolate future codes.
If you however are the subject of a
man in the middle attack
, there is very little you can do, since the issue lies with your ISP. If you are certain you were secured at the time you attached your authenticator, it might not be a bad idea to contact your ISP and inquire about odd communications between your end and their end.
Post by
nuckingfutz
can anyone confirm wether or not you need an authenticator to log onto battle.net?
Yes.
I need my authenticator to log into the game, the forums, AND battle.net.
Post by
203406
This post was from a user who has deleted their account.
Post by
GravenTerenas
ive gotten numerous emails from often legit looking blizzard sites.... sometimes when i felt saucy, replied anyways and spewed a bunch of obsenities at them
/facepalm
Doesn't that just verify to them that the address they tried to phish is in use, and does indeed belong to a WoW player? If you don't reply they can never know that, unless you've used the same email to sign up to some WoW site that's been compromised.
Wouldn't be surprised if you saw an increase in phishing attempts after replying to a mail like that.
Post by
ExDementia
ive gotten numerous emails from often legit looking blizzard sites.... sometimes when i felt saucy, replied anyways and spewed a bunch of obsenities at them
/facepalm
Doesn't that just verify to them that the address they tried to phish is in use, and does indeed belong to a WoW player? If you don't reply they can never know that, unless you've used the same email to sign up to some WoW site that's been compromised.
Wouldn't be surprised if you saw an increase in phishing attempts after replying to a mail like that.
But at least he taught them a thing or two! :P
Post by
Maddroxx
i didnt think of that till after i did it, but oddly enough i havent gotten one since.
Post by
808962
This post was from a user who has deleted their account.
Post by
Eccentrica
I have noticed a definite uptick in the number of emails from "Blizzard" notifying me that my account is under investigation, or that I have attempted to log on too many times and that my account is therefore locked.
The significant problems with these email are that they never address me by name, and they are sent to the wrong email address.
I have a separate email address I use for WoW, and WoW only. The password to log on to the email account is not the same as the password to log on to WoW. Neither the email address, the WoW password, nor the email password are the same or similar to anything else I use anywhere. I change all 3 (the email address and the 2 passwords) at least once a month on a randomly selected day. No one but me knows the passwords.
When I receive these obvious phishing attempts, I delete them, and empty the trashbin without even opening them because they never come to the correct address. I also have had an authenticator since seemingly forever. Three years, no stupidity, no hacks.
Post by
ExDementia
Man, I don't use an authenticator and I've had my wow account on the exact same email with the exact same password since I started in BC, I haven't been hacked once. I never even get phishing emails, unless gmail just filters them out and I don't know it.
Post by
yukonjack
Man, I don't use an authenticator and I've had my wow account on the exact same email with the exact same password since I started in BC, I haven't been hacked once. I never even get phishing emails, unless gmail just filters them out and I don't know it.
famous last words
Post by
bwirum
Man, I don't use an authenticator and I've had my wow account on the exact same email with the exact same password since I started in BC, I haven't been hacked once. I never even get phishing emails, unless gmail just filters them out and I don't know it.
famous last words
Perhaps.
I don't quite do it as risky as this guy, but I have no authenticator and have never been hacked.
BUT, I have a separate e-mailacc for wow (which I have yet to receive ANY spam on), and change my password semi-regularly.
Post Reply
You are not logged in. Please
log in
to post a reply or
register
if you don't already have an account.