Alright, I felt obligated to inform the Wowhead community about the concepts of information security. I turned this paper in to my instructor in information security class. If you want to know more, click the link and read the paper. Let me know if you need it in .txt format and I'll upload again.Please note: the most important concept that I believe needs to be addressed is principle number one. There is no such thing as absolute security.I see some people saying "get an authenticator, problem solved." While the authenticator is an EXCELLENT way to protect your account, DO NOT think it's all you need. There is this little thing called social engineering that resulted in this.Be vigilant my fellow Azerothians, and remember this mantra:
Quite a few people use the same password for wow as they do in forums and other websites. While Blizzard may be investing thousands into securing their systems, small private forums don't have the staff, time or knowledge to monitor every new security breach. A lot of the software they use for the forums is freeware or open source, meaning hackers can see the code structure, database formats and encryption, and possible exploits. Private forums and websites are not likely to know if they've been hacked, and if they did, they're not likely to announce it publicly that they have. So, considering that, what username and password did you just use to get into this website?
Yeah.Even there would be absolutely secure operating system, there is still risk that user of it can be fooled to catch bait made for him.The direction into what scams are going is that more and more they try to win your trust to install some actually malware software which is only designated to steal what ever information make is after, from credit card information to online bank login information or just wow account information.People are way to ignorant of consequences of buying gold and falling into those honey tongue lies of evil people, it can be seen in increased number of spam we all see.So do your part and report all you know to buy gold or other forbidden services, no matter of relation, and if you care of them, point them here, so they should get idea what they are doing when buying gold.
I have been playing wow since it was released and have never been hacked....One tip from me.... use a long and complicated password.... an example(not one I do or have ever used but something random ^_^ ) "123!@#hello#@!321"Also....if you are truly paranoid you can always do what I do when I'm on a computer other than your own..Type your password into google then ctrl+c to copy it and ctrl+v to paste it into the password box in WoW...No it will not save you 100% of the time but if someone is using a junk keylogger then it will fool it and save your account....P.S. Lol I'm glad i read this....forgot that it was about time for me to think of a new password ;P
I just got hacked last Friday (and just got my account back today).My mistake? Logging in on a computer I didn't clean and maintain myself. I'm just glad I didn't check my bank or CC accounts on that box. Turns out the thing is badly infected, I've spent the weekend trying to clean the machine up, and there's still the little monsters running around free in the thing. /sighMain cause? Not porn, not phishing, not any of the things you immediately think of. Just IE. Stupid stupid IE.Regardless, I've ordered an Authenticator. I never want to go through this again... I have no idea what stuff I'll get back, or when. :(
I have never been hacked, on WoW, or any game or website for that matter. I usually use different passwords to keep myself safe. I don't use the WoW authenticator. I do use multiple emails for other things, but I do not change my password or email on my WoW account ever.I use Avast Anti-Virus Home Edition. I have used it for over 3 years now and it's probably the best anti-virus I have ever used. I have clicked pop ups before or gone to sites from google. Immediately if a trojan or malware is found, avast flashes on my screen. You can then send it to the chest or delete it. Chest is the best option.I also only use firefox or safari for windows. I haven't used IE in over 4 years but it usually gets you a lot of viruses. I heard "noscript" for firefox is good, never used it though.
Today I got hacked =O.Just happened earlier today I got a message from Blizz (Luckily) saying that someone is using my account and that it will be down for 24 hours. I'm gonna change the password as soon as it comes back up and try to get a authenticator soon too.I can't say much about what they did on the account since it only happened today and I can't log in. But about a week before I got hacked I got an email from a @sina.com email that said I was hacked, gave a link to get my account back, blah, blah, blah. I didn't click the link knowing it probably had some sort of keylogger or virus and just deleted it.And about a day before I got hacked I got the same email, from a @sina.com (Witch I've never even heard of) but a different actual e-mail.But yea, I'll see what happens when my account is unsuspended. =(Edit: They seemed to have made off with 700g, Deleting all my PvE gear but leaving PvP alone, spending all my honor on gems, selling all the non BoP content in my bags and bank. Now I'm waiting for blizzard to answer a ticket and get my gear back >=U
My friends account got hacked this week, I was lucky enough to have been on while his account WAS being hacked, so I was able to help him, luckily he got his stuff back yesterday, all that time raiding on his mage and getting geared, just to be hacked, sucked, but his account was used for gold farming, so it took a little longer.He was quite lucky.
When you have a friend who says that when they talked to a Blizzard rep on the phone and they say, yea your account was most likely hacked but we can't look into it because we have so many more to look at that have been on the list longer than yours..There is a cause for concern.
This is a good trick, that i personally practice when changing my account password (1 time every 2 months)Steps1Just go berserk with your keyboard writing a capped and uncapped nonsense word 16 characters long, like thisoiygIHIfufTxOFs2Grab the word, and change vowels to another leter. k t h p w q ... and onJwygIHIfbfTxKFs3Now, just change some leters to symbols and numbers Jw$g4H%fb!Tx7sFinal StepSave your password in a .txt file in your computer (with antivirus protection, of course) , and when you are going to play wow, control+c and paste ... simple as thatTry to figure out that pass, f.ing keylogger!:D
Your method does defeat simple keyloggers, Antherios, but please don't think that is the only layer of defense you need to protect your account. Too many people believe that copy-pasting your password into the password box is all they need to do to ensure their accounts aren't compromised. Sadly, that's pretty far from the truth.
Of course not, but is a good start for people like me that cant get the authenticator.. good habits like that one, and others such as having another mail account just for wow, a good antivirus, not clicking suspicious links, not giving information to anyone, and not playing in another pcIm just saying that things like "my" password method with obviously more tricks, can make an account not 100% sure, but at least really tricky to hack.Greets :D
So yeah earlier today my GLs account was hacked. They got like 30K gold in items and gold from the guild bank.
i been hacked 2 weeks before christmas and as upsetting as it was, it was more of a hassle trying to restore it and getting all my stuff back on all my characters. All i can say is getting authenticator would of saved me from all this.