WoW Security issues

[Lorini]

Apparently there is now an epidemic of hacked WoW accounts. On both the Tech Support and Customer Support WoW forums, there are many requests for help. What's happening is that accounts get hacked, they don't have an authenticator, and the hacker puts an authenticator on their account so that they can no longer access it. Then as usual the account gets banned for gold selling.

A couple of recurring themes I saw as I was perusing the messages. 1. Do not use the same password for your WoW account that you use for other places particularly guildlaunch. 2. Do not use google to find the correct website for the Armory because some of the links found will be phishing sites. If you aren't sure about the website for the Armory, go to worldofwarcraft.com and navigate to it there. Just so you know, it's wowarmory.com.

Please please don't think that if you don't go to 'those' sites you won't be hacked. Adobe products are attacked on what appears to be a daily basis, so if you go nearly anywhere on the web or read pdf's, you could now have a keylogger. Use a reliable anti-spyware, anti-malware product. I use Microsoft Security Essentials but there are others out there.

And naturally get an authenticator if you care about your account.

[Fugitive]

That happened to one of my guildmates recently, with an authenticator being put on the account after it was hacked. I'm guessing it's to slow down the recovery of the account, giving the hackers more time to loot it dry.

(Ironically enough, after a rash of hacked accounts and guild bank lootings, we'd put in place a policy that you only get promoted to a level with guild bank access if you can prove you have an authenticator by showing the core hound pet. And then this person goes and gets hacked and loots our bank and it turns out they don't have an authenticator, but they got promoted anyway because they happened to be...'close'...to a guild officer...)

[Mordrak]

[tinfoilhat]

Blizzard is hacking the accounts from their servers to sell more authenticators!

[/tinfoilhat]

Of course, support costs for hacked accounts make that unlikely... but you never know!

[razarok]

And don't click on any of those fake e-mails that I've been getting from "blizzard" since a couple of weeks or even months...

[RickH]

. . . or react an in-game tell from someone with an official-sounding name urging you to log onto a website.

[frank austin]

I am anxious about buying an authenticator, because I'm worried that I will lose it or switch phones and get locked out. How much of a pain in the ass is it if something like that happens?

[RickH]

I am anxious about buying an authenticator, because I'm worried that I will lose it or switch phones and get locked out. How much of a pain in the ass is it if something like that happens?

My understanding is that you should immediately write down the serial number of the authenticator so you can remove it from your WoW account if necessary.

[Marcus]

It can be a bit of a pain. You have to fill out a form and fax it along with a copy of your ID. Takes a few days to get resolved.

[Jag]

The itunes and Android versions are free. I highly doubt Blizz is happy about the resource drain resulting from hacked accounts.

[Marcus]

My understanding is that you should immediately write down the serial number of the authenticator so you can remove it from your WoW account if necessary.

Or this yes. If you don't do that then it's a real pain.

[charmtrap]

. . . or react an in-game tell from someone with an official-sounding name urging you to log onto a website.

...and stop buying gold, goddamnit. You're feeding these assholes.

[Craig O]

Happened to me back in October. My WoW account got hacked about a month after I canceled my subscription, but I still had a few weeks of paid time before it ran out. The hacker attached an authenticator too.

Blizzard was pretty good about the situation, and everything was back to normal within a couple weeks. I wouldn't have cared so much if I hadn't just linked WoW to my Bnet account.

I didn't pay anything for the authenticator since it's on my iPhone, but it's pretty annoying having to enter an extra code every time I want to log into the SC2 beta.

[Shellfishguy]

This happened to me sadly. I hadn't even had an active account since January, it was a message on facebook from a guildy of mine that let me know. Was a pain to get the authenticator removed, but over the course of a week I managed to get it all taken care of, and bought an authenticator of my own.

Not sure if/when i'll go back to WoW, but at least customer service said they should be able to replace most of my stuff, even after all this time. I was more worried about losing my Diablo 2 and Warcraft 3 keys I had attached to the Battle.net account.

[AndrewM]

Is there really more of an epidemic now than in the past? These things seem to come in waves. We haven't had many people hacked recently that I'm aware of, but one guy said his account was hacked into repeatedly over the course of a week, and is planning to quit WoW now. You'd think he'd do a virus scan or something, but yeah...

[Morberis]

Is there really more of an epidemic now than in the past? These things seem to come in waves. We haven't had many people hacked recently that I'm aware of, but one guy said his account was hacked into repeatedly over the course of a week, and is planning to quit WoW now. You'd think he'd do a virus scan or something, but yeah...

Does he even have antivirus software? I've met more than a few semi tech savy people who refuse to get any because they think their browsing habits are safe.

[AndrewM]

Does he even have antivirus software? I've met more than a few semi tech savy people who refuse to get any because they think their browsing habits are safe.

Yeah, we told him to do a scan. I don't know if he took us up on the advice or not.

[Demolira]

I had my account nabbed a few months ago, despite not having played WoW for years. By the time I got the authenticator removed and added my own, I discovered that whoever got into it activated a WoLK trial to do who knows what with my account.

[mystery]

I took a look at my Gmail spam folder the other day (I occasionally drop in there to see if it's misidentifying anything). It turns out I'm getting at least 2 WoW phishing emails a day. I've used that email address on my guild's website, and when I registered for Wow.com and Curse.com. I, of course, use it for other things, but those are the only WoW related things.

So, either the email address was exposed somewhere on the guild site (which is unlikely, as Athryn and Loup keep that nailed down pretty tightly) or one of the other sites has some 'splaining to do. I'm betting on the latter.

[Wallapuctus]

I had my account nabbed a few months ago, despite not having played WoW for years. By the time I got the authenticator removed and added my own, I discovered that whoever got into it activated a WoLK trial to do who knows what with my account.

Same thing happened to me about a year ago. I assumed it was some guy I knew who didn't like me and was trying to be a dick.

Whoever it was took my character and put it in a guild called "ICritOnYourPizza" and activated a LK trial and started leveling up. Odd behavior; there wasn't really anything on the character to steal. Why would a gold farmer steal a character like that and begin leveling it up?

[rossm]

My brother's account was stolen while it was inactive. The new owner added both expansions and got a DK up to level 80. My brother then got the account back, and was happy it happened.

[AaronSofaer]

I took a look at my Gmail spam folder the other day (I occasionally drop in there to see if it's misidentifying anything). It turns out I'm getting at least 2 WoW phishing emails a day. I've used that email address on my guild's website, and when I registered for Wow.com and Curse.com. I, of course, use it for other things, but those are the only WoW related things.

So, either the email address was exposed somewhere on the guild site (which is unlikely, as Athryn and Loup keep that nailed down pretty tightly) or one of the other sites has some 'splaining to do. I'm betting on the latter.

Or spammers just spam everyone. But it's entirely possible that someone on wow.com / curse.com has some 'splaining to do. This is why we need capabilities-based email systems.

[AndrewM]

Why would a gold farmer steal a character like that and begin leveling it up?

Botted farming of herbs and minerals, I assume. It may eventually get banned, so they wouldn't want it to be on an account they paid for.

[markv]

Spammers just spam everyone, because I never use the email I use for my WoW account anywhere else other than with some close friends and anything that is work related. I've gotten a about 2 or 3 phishing emails to it that have made it through the spam filters in the past 5 years.

[Harkonis]

I had my account nabbed a few months ago, despite not having played WoW for years. By the time I got the authenticator removed and added my own, I discovered that whoever got into it activated a WoLK trial to do who knows what with my account.

I had this happen to me, they sold all my gear and changed my professions to mining and herbs. I hadn't played in almost two years. I noticed my password didn't work, did password recovery and logged on and noticed all the changes. I contacted Blizzard and told them what happened and a few days later they returned all my stuff to me.

Then comes the part that pissed me off... I logged on and started playing again and was debating restarting the subscription. I log on and then get logged off and it tells me my account is banned since I had two people using it. Well no shit, that's why I had called, since someone else had been using it. They didn't fix the ban and by the time it wore off my trial had expired so they don't get my money.

[Jason McCullough]

To the people who've gotten accounts stolen: how strong were you passwords?

[mystery]

Or spammers just spam everyone. But it's entirely possible that someone on wow.com / curse.com has some 'splaining to do. This is why we need capabilities-based email systems.

Of course spammers spam everyone, but they would rarely send out WoW-specific phising emails to a general list, as a matter of efficiency. I don't get the same WoW phishing emails at any of my other email addresses, and at this one, I get 2-3 per day. Not 2-3 in the last five years.

[Lorini]

To the people who've gotten accounts stolen: how strong were you passwords?

Keep in mind it doesn't matter with keyloggers, which apparently are far more popular than trying to brute force passwords. Brute forcing passwords takes actual knowledge and software, while phishing sites, installing trojans, etc means you can just look up this stuff on google and be good to go.

My password on WoW is not very strong but I use an authenticator, meaning even if they guess my password (which is unique to WoW) they still can't get in.

[Charlatan]

Authenticators are so cheap that I don't see why people don't get one. Yeah, having to enter two "passwords" to log in is a bit of a pain, but it makes your account 100x more secure. Seems like the trade off is worth it.

[AndrewM]

Authenticators are so cheap that I don't see why people don't get one. Yeah, having to enter two "passwords" to log in is a bit of a pain, but it makes your account 100x more secure. Seems like the trade off is worth it.

I'm going to wait until I get hacked to purchase one.

[Murbella]

I'm going to wait until I get hacked to purchase one.

Don't worry, if you do get hacked, the hackers will surely purchase one for you.