How can I avoid being 'Hacked'?

-Vega-

Hello all,

started playing WoW a few months ago and since then my email inbox has filled up with links apparently from Blizzard with various messages.

From free competitions to account issues to claiming my free mount, it all sounds like nonsense but how can I spot a genuine Blizzard email from the fakes? Most of the emails end in blizzard.com

Also are there any other ways people can get access to my WoW account password ingame or out of game? I don't share my account details with anyone so it's just me. Any other tips? Thanks.

TheDoc

Get an authenticator

Free with an iphone,ipod touch or android phone


If you dont have the above, get the physical version from their store ( although it costs)

Generates a random number string every 60 seconds that gets inserted along with your password when you first login.

Touchwood ive never been hacked, but I dont think I ever will once having an authenticator.

Tbh if you play wow any decent amount and dont have one your a wally, plain and simple, it pretty much guarantees you dont get hacked.

Two guys in our guild dont have them, and they have been hacked , combined 12 times in the last 12 months..

12 times....

Thats unreal, and they are ****ing dopes.

Kiith

I've never been hacked. Never used an Authenticator, probably never will. I still think that the vast majority of time people are hacked is because their systems get infected with files that can easily be avoided. Keep your virus scanner/firewall up to date, change your pasword regularly, don't visit sites that will get you hacked, and dont open any emails from 'Blizzard'.

TheDoc

Kiith wrote: »

I've never been hacked. Never used an Authenticator, probably never will. I still think that the vast majority of time people are hacked is because their systems get infected with files that can easily be avoided. Keep your virus scanner/firewall up to date, change your pasword regularly, don't visit sites that will get you hacked, and dont open any emails from 'Blizzard'.

I'd agree with the above bar changing passwords.

With good browsing practice and using the safety tools in place like malware scanners etc, there is no excuse to get hacked

-Vega-

Hmmm thanks for the tips and advice so far. I notice when I google the Authenticator that there have been reported cases of that too being hacked although it still says its worth having. It says it was hacked via trojans and keyloggers on someones system.

So I get all that, heres my final question. Will I ever randomly get a trojan or keylogger on my system with the intent to steal my gamepass or can I only get the trojan if I click a dodgy wow link or download some dodgy wow app ?

At the moment, I click nothing. I log in and play and use curseclient with a different username and password for a few addons. So if I continue this, I presume I'm fairly safe and the authenticator is a bonus? Thanks again.

Nehaxak

TheDoc wrote: »

I'd agree with the above bar changing passwords.

With good browsing practice and using the safety tools in place like malware scanners etc, there is no excuse to get hacked

I had my account stolen via Chinese hackers hacking into my hosting account on godaddy.com - where I had an email server setup. They used my email there (which was tied to my Wow account) to change passwords.

It was only because I was still awake at the time (was early hours of the morning) that I happened to notice what was going on when I was seeing emails arriving from blizzard saying password was changed - then emails being deleted from my inbox on the server. I changed hosting, email and server passwords then Wow passwords. Logged into wow, sent a message to Blizzard in game, GM was on to me in less than ten minutes and everything was sorted within the hour. I also applied an authenticator to my account via the iphone and then via the dongle which I'd ordered when it arrived.

The hosting company sent me an email later the next day telling me my account was one of the thousands that had been targeted by hackers from China. GoDaddy pulled out of their operations in China not long after that, due to the amount of hacking being done against them and no action being taken by Chinese government to help combat the hackers.

My PC wasn't targeted, I had no viruses/malware or otherwise and my hosting/email/server passwords were 16 characters long with a mix of upper/lowercase, numbers and other characters.

So as much as you might think you're immune to being hacked, unless you've an authenticator attached to your account - you're not. If they really want your account, they'll get it.

Even then, the authenticators are made in China, which doesn't instil a great amount of confidence either.

TheDoc

Nehaxak wrote: »

Even then, the authenticators are made in China, which doesn't instil a great amount of confidence either.

Unbeleiveably difficult for anyone to get your Authenticator hacked, there is genuinely billions of combinations.
The only wya that is getting hacked is if someone gets your Authenticator number, and thats only happening if you have it stored online someone, or lose your authenticator.


Or your one of those dopes that runs the authenticator from your desktop through an Android or iphone app developement enviroment

Columc

TheDoc wrote: »

Unbeleiveably difficult for anyone to get your Authenticator hacked, there is genuinely billions of combinations.
The only wya that is getting hacked is if someone gets your Authenticator number, and thats only happening if you have it stored online someone, or lose your authenticator.


Or your one of those dopes that runs the authenticator from your desktop through an Android or iphone app developement enviroment

To secure your account, an Authenticator is the best bet. This will disallow your account to be brute forced.

The only way in which you account can be hacked via a authenticator is if you get a man in the middle attack. this is a straight attack on your computer via trojen.

Only way not to get hacked is run virus scans regulary, and keep them up to date. Dont click links from dodgy emails, always goto battle.net and log on manually. Even if the email looks legit.

Even if you do get hacked, it isnt the end of the world... just 2-4 days of you chars not accessable. Usualy when you do get hacked, create a ticket on the char explaining and giving details of when you got hacked(i loged of on xyz at time abc and i loged back on today to see i got hacked) then ring customer service(ring via skype since you can get it for free, since they have no irish telephone number)

KilOit

Was never hacked since WoW came out, i'm pretty good at keeping my pc safe, but i still got authenticator last year, a physical one, don't like the idea of having it on a iphone. peace of mind is bliss.

The stories of authenticators been hacked is mostly bull****, some of them probably coming from the hackers themselves to stop people getting them.

In reality lots of businesses use this type of protection cause it really works.

You're mad not to get one, they're cheap as chips.

Columc

KilOit wrote: »

Was never hacked since WoW came out, i'm pretty good at keeping my pc safe, but i still got authenticator last year, a physical one, don't like the idea of having it on a iphone. peace of mind is bliss.

The stories of authenticators been hacked is mostly bull****, some of them probably coming from the hackers themselves to stop people getting them.

In reality lots of businesses use this type of protection cause it really works.

You're mad not to get one, they're cheap as chips.

aye, a lot of business does use them. The only way in which you can get hacked with a authenticator on your account is a man in the middle attack, which requires the hacker to have a programe on your computer, him to be online, you to be online and you logging in the same time. and all of this i a 1 minute time frame were you type in your authenticator code as it changes every minute.

-Vega-

Just ordered my authenticator off the blizz site. Only 7euro ? Seems cheap, I was expecting more! Probably because its got some slighty gay Starcraft 2 design on it

Columc

Ther no warcraft design in stock?

make sure you dont lose it, cause once you have it on your account, and you lose it it is such a painful process trying to get your account back.

Dcully

Im using authenticator on my htc hero phone, being honest i always fear ill lose it while out and about, tempted to buy the blizz one tbh.

Columc

friend lost his a few months back, he needed his orginal and expansion cd-keys, his secret answer and question, then asked what payment he used(he used cc) then they asked for when he paid for his subscpition and when, he didnt have his cd keys so they asked him for a scaned copy of photo id.

Nehaxak

I'm wondering what happens if the battery runs out ? :eek:

Columc

with those type of devices, they generaly dont run out for 6+ years

Nehaxak

Strange one just now too, login server is down but only seems to be effecting those who have an authenticator attached to their account

Columc

Nehaxak wrote: »

Strange one just now too, login server is down but only seems to be effecting those who have an authenticator attached to their account

sometimes that happens, as from what i am aware its a diffrent server that you log into using auth(to make sure its correct) sometimes it goes up and down, but generally in a 5min period

Overheal

Get decent antivirus and an authenticator.

Email Spoofing is something I was barely aware of until I looked into my junk folder and saw all that crap. But yes hackers can digitally sign emails to make them appear from somewhere else. Fortunately Gmail has always spotted the difference. Not one has ever made it to my inbox.

Shougeki

Got hacked via email (they got access to my gmail account, probably since i hadnt change the password since i opened the account....)

I noticed the change passowrd emails, while at work, and also noticed a login to my gmail account from canada. Managed to change the passwords on my email then wow a couple of times, then changed the email account associated.

In regards to losing the Authenticator, if you keep the actual ID number of it, does that help maybe?

And it also works on BlackBerrys