The e-mail was a real one from Blizzard unfortunately. All the links were to various Blizzard support pages but I still didn't click on them, not that it mattered at the time as it was just telling me the account was banned.
I wished I remembered to put this in the original post but I also have a second account that I accessed on this computer, different e-mail and was never converted to a BNet account. That one is still fine, I still have access to the account management through the WoW main page and there has been no activity since I canceled back in Sept. I'd like to say this narrows it down to problems with merging with BNet but who knows. Guess ill be getting an authenticator just so it doesn't happen again.
My account is active and I received emails last week saying it was compromised. Always check the address of the battle.net account before entering any info.
For example, this week the link sent me to something such as ttp://eu.batle.net/ (only 1 "t") and that's how they steal information from the users.
I suggest using something like Chrome as it is very good at detecting phishing sites.
Just clicking on the links in the email is dangerous. Most of these phishing sites are designed to exploit flaws in many web browsers and try to install keyloggers.
Most common hacks go something like this
Phishing: some hacker sends out a fake email saying your account got banned, is under investigation or needs verification. The hope is the user will be naive enough to enter their login information at the fake site or just reply to the email with their account information.
Keylogger: Similar to above, but the link will take the user to a website that tries to exploit common flaws in web browsers and install keyloggers.
Email hacks: I'm not to familiar with all the ways to hack an email account, but I know some people make it stupid easy by choosing secret questions that anyone in the world could guess or google the answer to. Once someone has access to your email account they can access your wow account.
Some things most people need to know
Antivirus software, spyware software, malware software, firewalls will not protect you. They will not protect you and most will not even detect the problem. There is no piece of software that is going to protect you, especially from your own actions.
No web browser is secure. If you are using internet explorer I personally feel you are giving hackers a free pass to your computer. Get mozilla and install the noscripts addon. That will close many common holes, but there is no web browsing software that is going to keep you safe.
Never ever ever click the links in an email. It doesn't matter who you think it is from. If you get an email that looks like it is from blizzard then open your browser manually and type in the blizzard website address. If you are suspicious about the email, just hover your mouse over the links and check the address that appears in the bottom bar of your browser. Most likely it will be some ridiculous URL or something designed to look similar to blizzard.com or worldofwarcraft.com. Look at it very closely and you can spot the fakes pretty easy. Just delete them, but still never click the link on one you think might be real.
Change your email secret question if it is easy to guess.
The complexity of your blizzard password does not make your account hack proof. Most hacks could care less what sequence of characters your password is made up from. While not a bad idea, it isn't going to keep you safe. No one is going to brute force the blizzard login to get your account.
WATCH OUT! It can be a phishing attempt. Mouse over the links, check if they are from really http://www.worldofwarcraft.com , http://www.blizzard.com or something REALLY OFFICIAL, NOTHING ELSE. When in doubt go to the official website and send any questions from the support navigating from there. These sites (and the e-mail) will either ask you for very personal information that can compromise your account like all the data needed to perform an account theft with your data, or, the websites themselves may infect your computer for that purpose (which is why I never access gold selling or phishing e-mail websites, NOT EVEN just for curiosity). I tell you that based on personal experience, I'm getting daily e-mails in that format, and they can be very realistic in order to trick you.
^ This.
It has gotten worse since the whole Bnet account merge thing. The scam-tards have been spamming any email address they can generate (friends of mine who have never even looked at WoW get these emails all the time now)
If you get this sort of email and are unsure of its authenticity, just manually go to your WoW account and check it out. DO NOT CLICK ANY LINKS on that email.
There are 3 types of people in the world. 1.) Those who make things happen 2.) Those who watch things happen 3.) And those who wonder "What the %#*& just happened?!"
It's a SCAM. I did never have a WoW account, yet I still recieve e-mails my WoW account has been compromised and have to log into some kind of blizzard-worldofwarcraft...whatever website. I doubt, Blizzard would officially send you an e-mail that your account has been banned even if it really was. Every e-mail like that is scam in my opinion.
Well you would be wrong. Blizzard did send me an e-mail saying that my account had been banned for violating the ToS. My account was hacked and then got banned for spamming gold chat messages. It happens. All the time as a matter of fact. It happens so often that as soon as it does Blizzard initiates an investigation. By the time I read the e-mail and responded to Blizzard it was already being looked at by the account team. All I had to do was say that I would like a recovery and they did recover my account. It was unbanned within a day or 2 and within 2 or 3 more days all my items had been recovered.
While there are a lot of scams going around and most likely an e-mail stating that your account has been compromised may indeed be a scam, it's not impossible to get an e-mail from Blizzard. Blizzard will notify you thru your e-mail if your account has been banned. It won't however ask you to log in with your user-id and password because in fact you won't be able to since it's been banned. All it will tell you is how to respond so that an account recovery can take place.
Just recently, I got an email saying that an account, not my account, was being banned for In-Game Spam/Third-Party Advertisement, which I have never done. The weird thing was, it wasn't my account. Immediately, I did three things. First, I went to the World of Warcraft website, and looked for the e-mail to send to if I believed my account had been compromised. I was unwilling to reply to the message I had gotten, for fear that it was a scam. Secondly, I ran both my CCleaner and AVG to make sure I was clean, no keyloggers, no viruses, no nothing. My computer was clean, dare I say, as a whistle.
And finally, I tried logging into my account, which had an authenticator code block on it. I do not, nor have I ever owned a Blizzard Authenticator, although I may in the near future because this has happened to me entirely too often. After I had discovered this fact, I sent an e-mail alerting Blizzard of this problem. That was yesterday, and I have yet to receive a reply.
theory #142, bliz is trying to push for mandatory authenticators, so they hack accounts to put the fear of hades into people so they agree to add an authenticator.
Grouping in Old school mmo's: meeting someone at the bar and chatting, getting to know them before jumping into bed. Current mmo's grouping: tinder. swipe, hookup, hope you don't get herpes, never see them again.
theory #142, bliz is trying to push for mandatory authenticators, so they hack accounts to put the fear of hades into people so they agree to add an authenticator.
To be completely honest, after everything was said and done and the email was sent, I literally sat back and thought about it and that was one of the thoughts that I got. And it would actually make a lot of sense, kinda.
I ran an Internet cafe for many years, have seen a lot of folks' browsing and Internet habits, and understand a good deal about how the Internet works and how to keep it from biting me in the ass. I haven't had a virus or anything for a long time, and I'm one of those folks who will pirate a triple-A game to give it a try before I commit to it, so it's not as though I never do anything questionable or dangerous on my machine. When I get a virus, I get off the internet At Speed and fix my shit in its entirety before I return to the World of Infecting Others.
That said, everyone fucking else does 100% of the time no matter how much they say about how safe they are.
Everyone I know has gotten keylogged or hacked or generally fucked-over, and it happens for a myriad of reasons, all of which involve folks not paying enough attention to what they're doing. This is how the Internet works.
You got hacked because you don't know well enough how -not- to get hacked; do more research, observe your browsing habits, check netstat when things are hitching in funny ways, take a look in msconfig's Startup tab for things you don't recognize, find a reliable registry sweeper, clear your cache a lot, disable System Restore, consistently run Malwarebytes or Avast or, if you happen to have six grand lying around, Symantec Corporate Edition.
All these things will improve your chances of discovering you've been hacked or infected so that you can clear your system and reset your passwords.
I've been using the same password nigh on fifteen years now. Never had to change it, never had an account stolen, not a single time. I also have a very strong password, which is helpful.
My friend came over yesterday (yes, literally a day ago) and asked me to run ICC. I was like "dude, I haven't been playing WoW for a month..last time I ran ICC nothing dropped so I quit". He said "Um...I just saw you online."
Him and I had a long staring contest because he couldn't believe I had gotten keylogged (I'm very..um..experienced with the underground scene).
Now, lets back track 3 weeks ago. I turned off my computer went to bed, only to come online on MSN with my friend saying "Um...what the fuck? You got keylogged?". He c&ped a message to me, which EVERYONE on my MSN list got. Now, obviously there wasn't a program in my computer because my computer was off. Then...I ran a giant scan on my computer (3 anti-virus programs, along with manually checking everything). I found NOTHING. No keyloggers, no viruses, no trojans, absolutely nothing.
The next logical course of action was of course to blame my girl because I had logged onto my MSN from her computer before. I ripped apart her computer, raged calling her stupid, only to find nothing.
1 week later, my girl goes to my ex's house (crazy ex, long story, won't explain) and finds that my logins were automatically selected when she was going to log onto her MSN. Now um...here's the thing: I've never been to her house. She does, however, know my password on my WoW account (I let her use one of them, I have 5. Used to 5 box shammies) which is the same one as my MSN. Of course, now I am raged as hell and want to murder her but she won't admit to logging on anything of mine. I checked her computer myself, to find my login's stored. It then also hit me that she told me her WoW account had been keylogged.
Sometimes you can do everything perfect, except something as stupid as what I did. In all my years of gaming (Ragnarok Online ALPHA was my first MMORPG), I have never been keylogged or hacked in my life. It really pisses me off that this occurred but there isn't anything I can do about it now. I'm just glad Blizzard banned my account and will get back to me asap.
My friend came over yesterday (yes, literally a day ago) and asked me to run ICC. I was like "dude, I haven't been playing WoW for a month..last time I ran ICC nothing dropped so I quit". He said "Um...I just saw you online."
Him and I had a long staring contest because he couldn't believe I had gotten keylogged (I'm very..um..experienced with the underground scene).
Now, lets back track 3 weeks ago. I turned off my computer went to bed, only to come online on MSN with my friend saying "Um...what the fuck? You got keylogged?". He c&ped a message to me, which EVERYONE on my MSN list got. Now, obviously there wasn't a program in my computer because my computer was off. Then...I ran a giant scan on my computer (3 anti-virus programs, along with manually checking everything). I found NOTHING. No keyloggers, no viruses, no trojans, absolutely nothing.
The next logical course of action was of course to blame my girl because I had logged onto my MSN from her computer before. I ripped apart her computer, raged calling her stupid, only to find nothing.
1 week later, my girl goes to my ex's house (crazy ex, long story, won't explain) and finds that my logins were automatically selected when she was going to log onto her MSN. Now um...here's the thing: I've never been to her house. She does, however, know my password on my WoW account (I let her use one of them, I have 5. Used to 5 box shammies) which is the same one as my MSN. Of course, now I am raged as hell and want to murder her but she won't admit to logging on anything of mine. I checked her computer myself, to find my login's stored. It then also hit me that she told me her WoW account had been keylogged.
Sometimes you can do everything perfect, except something as stupid as what I did. In all my years of gaming (Ragnarok Online ALPHA was my first MMORPG), I have never been keylogged or hacked in my life. It really pisses me off that this occurred but there isn't anything I can do about it now. I'm just glad Blizzard banned my account and will get back to me asap.
Peace.
Indeed, sharing any personal information with anyone else is very dangerous, not that they want to betray you, but then again they might not know.
To the OP: if browsing is your habit try this. I use a mobile WAN deal and link a "stand alone" notebook to my mobile WAN connection for browsing. For browsing I only browse, I do not log onto anything serious, never log onto my b.net or something. I do log on here, I am not worried if someone hack it and post some genius ideas on my behalf.
That notebook will always be standing alone, it will never in anyway be linked to my network of PCs, never ever. Not even a USB drive or whatever. No file or whatever sharing with my main networked bunch of PCs whatever. Never.
As for my networked PCs, they only visit a few websites, like b.net, and only when I need to change something there. Otherwise, the networked PCs are used to go online for games or linking up to my office VPN for business.
Just because someone does not understand how they were hacked, does not mean it was the results of someone elses mistakes or some conspiracy.
Honestly the best thing anyone who gets hacked can do is figure out how they were compromised and fix the behavior that is creating the vulnerability. If the best conclusion that can be reached is that there is some corporate conspiracy then the vulnerability is not going to get resolved and they are not being objective about where the problem is.
Simply put, it is a million times easier for a hacker to get account information from end users that have no idea what they are doing than it is to o anything else.
A buddy of mine whom I have known for 15 years and the guild leader of my guild just told me that his account was hacked over the weekend. The guy had 10 lvl 80 toons. The guild bank was cleaned out which had 3 tabs worth of stuff in it. He's had his account since beta, it's been acitve all that time and he's never had a problem before this. I just went and bought an authenticator from Blizzard for $7. I'm telling you, if you think you are safe, you are fooling yourself. I don't know what is the root cause, but I'm telling you that hacked accounts are becoming a huge problem. Whether we (gamers in general) have always been this vulnerable and it just hadn't bit us in the ass up till now I can't tell you, all I know is that hacked accounts are happening at an alarming rate. Personally I don't think this is just a matter of people being careless. That's just my opinion, I could be wrong.
He clearly said he is not playing WoW anymore, so I assumed his account is inactive. Do you think the hackers did stole his account, then paid for the subscription? That's just ridiculous.
That's not ridiculous at all as that happened to me too....
Not playing WoW for a few months (3 raid toons still max level though) then I got an email from Blizzard telling me one of my 2 account was banned for real money stuff.
Both accounts were reactivated with 30 days game cards. All toons were stripped and there was one additional toon, level 1 orc with a chinese name, on the non banned account.
After some mail to prove I was the original owner Blizzard unbanned the account, deleted the 2 game cards payments and after I reactivated the accounts, they restored all the gears and gold missing.
I then added their free keyring authentication system on my iphone and... just cancelled the accounts as I only wanted not to let pirates use my main non banned account and use my identity. I don't care about having paid for 2 months to fix that.
I tried to see how it was possible for them to hack the password. No keyloggers or such... Then I saw the day before Guild Wars player database was partially hacked and after checking, yes my username (e-mail) and password were the same than for my hacked B-Net account. That's the only possibility I see how to explain that. The other one would be an 'undetectable' key logger which I doubt.
First and last time I use the same pwd fro two different mmorpgs.
Do you remember when that partial GW account database hacking happened?
Update on my situation. Blizz is actually moving sorta fast, it's only been two business days and they've been asking me info. I was expecting this to take a month or something lol
I'm not in a rush to play (hence it was cancelled before) but I'm still fucking raged that some bitch logged onto my account. Does anyone know if Blizzard will hand all IPs out of those who logged onto the account? I want to confirm that it is who I think it is.
Update on my situation. Blizz is actually moving sorta fast, it's only been two business days and they've been asking me info. I was expecting this to take a month or something lol
I'm not in a rush to play (hence it was cancelled before) but I'm still fucking raged that some bitch logged onto my account. Does anyone know if Blizzard will hand all IPs out of those who logged onto the account? I want to confirm that it is who I think it is.
Reports on previous hacked account, experience of my roommate
Takes 3 days after they talked to you, to initate partial restoration, some gold (proportional to level of the character), most of the BoPs and practically everything you wear. Not ore or tradeables. Then a week later "final" restoration, with some more gold and most of the bank stuffs. The restoration is full on gear, but still fall short of a bit in cash and crafting materials.
Good luck with your restoration. Relax pal, Blizz service team is really prompt, and very polite.
I doubt blizzard will give you IPs of where your account was logged in.
Odds are blizzard can figure out who did it as they record the IP logged in during the transactions, but if you start pointing fingers at people you know, they just might figure out that you shared your info with someone.
If that is the case, you are just as likely to get yourself banned for trying to get revenge.
My advice is get your stuff back and consider it a lesson learned.
Update on my situation. Blizz is actually moving sorta fast, it's only been two business days and they've been asking me info. I was expecting this to take a month or something lol
I'm not in a rush to play (hence it was cancelled before) but I'm still fucking raged that some bitch logged onto my account. Does anyone know if Blizzard will hand all IPs out of those who logged onto the account? I want to confirm that it is who I think it is.
Reports on previous hacked account, experience of my roommate
Takes 3 days after they talked to you, to initate partial restoration, some gold (proportional to level of the character), most of the BoPs and practically everything you wear. Not ore or tradeables. Then a week later "final" restoration, with some more gold and most of the bank stuffs. The restoration is full on gear, but still fall short of a bit in cash and crafting materials.
Good luck with your restoration. Relax pal, Blizz service team is really prompt, and very polite.
Oh I'm not concerned about restoration (I play WoW on and off, I was in mostly ToGC gear before I quit casual raiding). I just want to be 100% sure on who it is (because I 'm pretty damn sure) and go break their computer. The issue isn't regarding my WoW account that is scaring me; my bank, and investment accounts have very similar info. While I've changed all passwords already, I'm still paranoid and need to haul that girl's ass off her building.
I was hacked this week.. and a friend last week as well.. Even the bliz employee I talked to on the phone was hacked that week was well..
Inside job? maybe, maybe not..
However, The blizz employee did confirm a keylogger bug on her internet exployer via "ADDONS"...... I too and my friend have used the addons as well.. ADDON'S are becoming the number 1 best way to get your info.. Blizzard is aware of this problem, but will NOT go public with it.. Too many people use addons from wowmatrix and curse, and Blizz wants to keep this a low profile event..
IF you go to the Customer Service forums you'll see more then 50% of their post are people yelling they got hacked.. This is becoming an epidemic that Blizz seems to be unsure how to handle it.. other then sell "authenticators"..
It is because of one thing usually if it's not 3rd party, and that is your secret question. If they can guess your secret question they basically have everything they need, and best of all Blizz won't let you change it so they can just keep using it to steal your account.
My brothers account was stolen repeatedly by his cousin because his cousin was a dick and knew his dads middle name. Both of us called Blizzard to tell them that it was his cousin so of course he knew the middle name, but they refused to let him change the secret question so it just kept happening and eventually Blizz locked his account for over a month and they said the only thing he could do was buy one of their sold out usb key things.
Really baffling... the only thing I can think is they are trying to promote their stupid keys.
I've gotten a few of those e-mails, even though I haven't player WoW since 2005. However, they want me to go to http://www.worldrofwarcraft.net/ <--spot the errors?
It is because of one thing usually if it's not 3rd party, and that is your secret question. If they can guess your secret question they basically have everything they need, and best of all Blizz won't let you change it so they can just keep using it to steal your account. My brothers account was stolen repeatedly by his cousin because his cousin was a dick and knew his dads middle name. Both of us called Blizzard to tell them that it was his cousin so of course he knew the middle name, but they refused to let him change the secret question so it just kept happening and eventually Blizz locked his account for over a month and they said the only thing he could do was buy one of their sold out usb key things. Really baffling... the only thing I can think is they are trying to promote their stupid keys.
Now that is a myth.
Addons being placed in the /addon subdirectory and opened by WoW only, cannot introduce a keylogger. If your addon has to be clicked and executed on its own, never fire it up.
I've gotten a few of those e-mails, even though I haven't player WoW since 2005. However, they want me to go to http://www.worldrofwarcraft.net/ <--spot the errors?
Even if the spelling on the link looks ok, the true webaddress might not match the typed link in the email. Now your link has one more r, that is not that subtle.
I just had this happen to me, i was in class checking my emails and i see a email from blizzard saying i have a 72 hour ban for exploiting economy. Real ban from blizzard, real blizzard info in the email. I go home and try to login to wow.com since i uninstalled the game a few months ago and have a authenticator key on my acct.
So im confused since i havent played in a while, could care less because i have no intent to go back, and im loving how when i called blizzard to try to get it back i just get a recording saying how they are busy and to call back later, wont even let me wait on hold.. gogo mmo(pretty much the same across any mmo) customer service, market leader in BLAH.
Comments
Here you go "evidence" I was jacked. Took out my real toons but these are the ones the jacker made to spam on my account.
Name Level Realm
Belaajadas 1 Thaurissan
Gammdsa 1 Kilrogg
Tinadsa 1 Nathrezim
Briarigityds 1 Nagrand
Galarir 2 Kael'thas
Taedrandas 1 Alexstrasza
Tabarndsa 1 Skullcrusher
Keiondsa 1 Sargeras
Daillincedda 1 Aman'Thul
Good times.
The e-mail was a real one from Blizzard unfortunately. All the links were to various Blizzard support pages but I still didn't click on them, not that it mattered at the time as it was just telling me the account was banned.
I wished I remembered to put this in the original post but I also have a second account that I accessed on this computer, different e-mail and was never converted to a BNet account. That one is still fine, I still have access to the account management through the WoW main page and there has been no activity since I canceled back in Sept. I'd like to say this narrows it down to problems with merging with BNet but who knows. Guess ill be getting an authenticator just so it doesn't happen again.
Just clicking on the links in the email is dangerous. Most of these phishing sites are designed to exploit flaws in many web browsers and try to install keyloggers.
Most common hacks go something like this
Phishing: some hacker sends out a fake email saying your account got banned, is under investigation or needs verification. The hope is the user will be naive enough to enter their login information at the fake site or just reply to the email with their account information.
Keylogger: Similar to above, but the link will take the user to a website that tries to exploit common flaws in web browsers and install keyloggers.
Email hacks: I'm not to familiar with all the ways to hack an email account, but I know some people make it stupid easy by choosing secret questions that anyone in the world could guess or google the answer to. Once someone has access to your email account they can access your wow account.
Some things most people need to know
Antivirus software, spyware software, malware software, firewalls will not protect you. They will not protect you and most will not even detect the problem. There is no piece of software that is going to protect you, especially from your own actions.
No web browser is secure. If you are using internet explorer I personally feel you are giving hackers a free pass to your computer. Get mozilla and install the noscripts addon. That will close many common holes, but there is no web browsing software that is going to keep you safe.
Never ever ever click the links in an email. It doesn't matter who you think it is from. If you get an email that looks like it is from blizzard then open your browser manually and type in the blizzard website address. If you are suspicious about the email, just hover your mouse over the links and check the address that appears in the bottom bar of your browser. Most likely it will be some ridiculous URL or something designed to look similar to blizzard.com or worldofwarcraft.com. Look at it very closely and you can spot the fakes pretty easy. Just delete them, but still never click the link on one you think might be real.
Change your email secret question if it is easy to guess.
The complexity of your blizzard password does not make your account hack proof. Most hacks could care less what sequence of characters your password is made up from. While not a bad idea, it isn't going to keep you safe. No one is going to brute force the blizzard login to get your account.
^ This.
It has gotten worse since the whole Bnet account merge thing. The scam-tards have been spamming any email address they can generate (friends of mine who have never even looked at WoW get these emails all the time now)
If you get this sort of email and are unsure of its authenticity, just manually go to your WoW account and check it out. DO NOT CLICK ANY LINKS on that email.
There are 3 types of people in the world.
1.) Those who make things happen
2.) Those who watch things happen
3.) And those who wonder "What the %#*& just happened?!"
Well you would be wrong. Blizzard did send me an e-mail saying that my account had been banned for violating the ToS. My account was hacked and then got banned for spamming gold chat messages. It happens. All the time as a matter of fact. It happens so often that as soon as it does Blizzard initiates an investigation. By the time I read the e-mail and responded to Blizzard it was already being looked at by the account team. All I had to do was say that I would like a recovery and they did recover my account. It was unbanned within a day or 2 and within 2 or 3 more days all my items had been recovered.
While there are a lot of scams going around and most likely an e-mail stating that your account has been compromised may indeed be a scam, it's not impossible to get an e-mail from Blizzard. Blizzard will notify you thru your e-mail if your account has been banned. It won't however ask you to log in with your user-id and password because in fact you won't be able to since it's been banned. All it will tell you is how to respond so that an account recovery can take place.
Just recently, I got an email saying that an account, not my account, was being banned for In-Game Spam/Third-Party Advertisement, which I have never done. The weird thing was, it wasn't my account. Immediately, I did three things. First, I went to the World of Warcraft website, and looked for the e-mail to send to if I believed my account had been compromised. I was unwilling to reply to the message I had gotten, for fear that it was a scam. Secondly, I ran both my CCleaner and AVG to make sure I was clean, no keyloggers, no viruses, no nothing. My computer was clean, dare I say, as a whistle.
And finally, I tried logging into my account, which had an authenticator code block on it. I do not, nor have I ever owned a Blizzard Authenticator, although I may in the near future because this has happened to me entirely too often. After I had discovered this fact, I sent an e-mail alerting Blizzard of this problem. That was yesterday, and I have yet to receive a reply.
theory #142, bliz is trying to push for mandatory authenticators, so they hack accounts to put the fear of hades into people so they agree to add an authenticator.
To be completely honest, after everything was said and done and the email was sent, I literally sat back and thought about it and that was one of the thoughts that I got. And it would actually make a lot of sense, kinda.
I use an email account to create handles on these kinds of forums. Email Account A.
I use another email account to create my b.net account and immediately cancelled all email concerning wow. Email account B.
I never use email account B for anything at all, and whenever I do anything with my b.net account, I log onto Account B and deleted everything.
I always use email account A openly, let the stupid hackers hack it.
Well I receive lots of emails from everywhere sent to email A, telling me my WoW account is compromised. No one send anything to my email B.
I am always amused when I got all sorts of doomsday email in email account A. Oh yeah, my WoW account is dead, dying, or being banned. Good grief.
I ran an Internet cafe for many years, have seen a lot of folks' browsing and Internet habits, and understand a good deal about how the Internet works and how to keep it from biting me in the ass. I haven't had a virus or anything for a long time, and I'm one of those folks who will pirate a triple-A game to give it a try before I commit to it, so it's not as though I never do anything questionable or dangerous on my machine. When I get a virus, I get off the internet At Speed and fix my shit in its entirety before I return to the World of Infecting Others.
That said, everyone fucking else does 100% of the time no matter how much they say about how safe they are.
Everyone I know has gotten keylogged or hacked or generally fucked-over, and it happens for a myriad of reasons, all of which involve folks not paying enough attention to what they're doing. This is how the Internet works.
You got hacked because you don't know well enough how -not- to get hacked; do more research, observe your browsing habits, check netstat when things are hitching in funny ways, take a look in msconfig's Startup tab for things you don't recognize, find a reliable registry sweeper, clear your cache a lot, disable System Restore, consistently run Malwarebytes or Avast or, if you happen to have six grand lying around, Symantec Corporate Edition.
All these things will improve your chances of discovering you've been hacked or infected so that you can clear your system and reset your passwords.
I've been using the same password nigh on fifteen years now. Never had to change it, never had an account stolen, not a single time. I also have a very strong password, which is helpful.
@OP.
I feel ya mate, here's my story.
My friend came over yesterday (yes, literally a day ago) and asked me to run ICC. I was like "dude, I haven't been playing WoW for a month..last time I ran ICC nothing dropped so I quit". He said "Um...I just saw you online."
Him and I had a long staring contest because he couldn't believe I had gotten keylogged (I'm very..um..experienced with the underground scene).
Now, lets back track 3 weeks ago. I turned off my computer went to bed, only to come online on MSN with my friend saying "Um...what the fuck? You got keylogged?". He c&ped a message to me, which EVERYONE on my MSN list got. Now, obviously there wasn't a program in my computer because my computer was off. Then...I ran a giant scan on my computer (3 anti-virus programs, along with manually checking everything). I found NOTHING. No keyloggers, no viruses, no trojans, absolutely nothing.
The next logical course of action was of course to blame my girl because I had logged onto my MSN from her computer before. I ripped apart her computer, raged calling her stupid, only to find nothing.
1 week later, my girl goes to my ex's house (crazy ex, long story, won't explain) and finds that my logins were automatically selected when she was going to log onto her MSN. Now um...here's the thing: I've never been to her house. She does, however, know my password on my WoW account (I let her use one of them, I have 5. Used to 5 box shammies) which is the same one as my MSN. Of course, now I am raged as hell and want to murder her but she won't admit to logging on anything of mine. I checked her computer myself, to find my login's stored. It then also hit me that she told me her WoW account had been keylogged.
Sometimes you can do everything perfect, except something as stupid as what I did. In all my years of gaming (Ragnarok Online ALPHA was my first MMORPG), I have never been keylogged or hacked in my life. It really pisses me off that this occurred but there isn't anything I can do about it now. I'm just glad Blizzard banned my account and will get back to me asap.
Peace.
Indeed, sharing any personal information with anyone else is very dangerous, not that they want to betray you, but then again they might not know.
To the OP: if browsing is your habit try this. I use a mobile WAN deal and link a "stand alone" notebook to my mobile WAN connection for browsing. For browsing I only browse, I do not log onto anything serious, never log onto my b.net or something. I do log on here, I am not worried if someone hack it and post some genius ideas on my behalf.
That notebook will always be standing alone, it will never in anyway be linked to my network of PCs, never ever. Not even a USB drive or whatever. No file or whatever sharing with my main networked bunch of PCs whatever. Never.
As for my networked PCs, they only visit a few websites, like b.net, and only when I need to change something there. Otherwise, the networked PCs are used to go online for games or linking up to my office VPN for business.
Just because someone does not understand how they were hacked, does not mean it was the results of someone elses mistakes or some conspiracy.
Honestly the best thing anyone who gets hacked can do is figure out how they were compromised and fix the behavior that is creating the vulnerability. If the best conclusion that can be reached is that there is some corporate conspiracy then the vulnerability is not going to get resolved and they are not being objective about where the problem is.
Simply put, it is a million times easier for a hacker to get account information from end users that have no idea what they are doing than it is to o anything else.
A buddy of mine whom I have known for 15 years and the guild leader of my guild just told me that his account was hacked over the weekend. The guy had 10 lvl 80 toons. The guild bank was cleaned out which had 3 tabs worth of stuff in it. He's had his account since beta, it's been acitve all that time and he's never had a problem before this. I just went and bought an authenticator from Blizzard for $7. I'm telling you, if you think you are safe, you are fooling yourself. I don't know what is the root cause, but I'm telling you that hacked accounts are becoming a huge problem. Whether we (gamers in general) have always been this vulnerable and it just hadn't bit us in the ass up till now I can't tell you, all I know is that hacked accounts are happening at an alarming rate. Personally I don't think this is just a matter of people being careless. That's just my opinion, I could be wrong.
That's not ridiculous at all as that happened to me too....
Not playing WoW for a few months (3 raid toons still max level though) then I got an email from Blizzard telling me one of my 2 account was banned for real money stuff.
Both accounts were reactivated with 30 days game cards. All toons were stripped and there was one additional toon, level 1 orc with a chinese name, on the non banned account.
After some mail to prove I was the original owner Blizzard unbanned the account, deleted the 2 game cards payments and after I reactivated the accounts, they restored all the gears and gold missing.
I then added their free keyring authentication system on my iphone and... just cancelled the accounts as I only wanted not to let pirates use my main non banned account and use my identity. I don't care about having paid for 2 months to fix that.
I tried to see how it was possible for them to hack the password. No keyloggers or such... Then I saw the day before Guild Wars player database was partially hacked and after checking, yes my username (e-mail) and password were the same than for my hacked B-Net account. That's the only possibility I see how to explain that. The other one would be an 'undetectable' key logger which I doubt.
First and last time I use the same pwd fro two different mmorpgs.
Do you remember when that partial GW account database hacking happened?
Update on my situation. Blizz is actually moving sorta fast, it's only been two business days and they've been asking me info. I was expecting this to take a month or something lol
I'm not in a rush to play (hence it was cancelled before) but I'm still fucking raged that some bitch logged onto my account. Does anyone know if Blizzard will hand all IPs out of those who logged onto the account? I want to confirm that it is who I think it is.
Reports on previous hacked account, experience of my roommate
Takes 3 days after they talked to you, to initate partial restoration, some gold (proportional to level of the character), most of the BoPs and practically everything you wear. Not ore or tradeables. Then a week later "final" restoration, with some more gold and most of the bank stuffs. The restoration is full on gear, but still fall short of a bit in cash and crafting materials.
Good luck with your restoration. Relax pal, Blizz service team is really prompt, and very polite.
I doubt blizzard will give you IPs of where your account was logged in.
Odds are blizzard can figure out who did it as they record the IP logged in during the transactions, but if you start pointing fingers at people you know, they just might figure out that you shared your info with someone.
If that is the case, you are just as likely to get yourself banned for trying to get revenge.
My advice is get your stuff back and consider it a lesson learned.
Reports on previous hacked account, experience of my roommate
Takes 3 days after they talked to you, to initate partial restoration, some gold (proportional to level of the character), most of the BoPs and practically everything you wear. Not ore or tradeables. Then a week later "final" restoration, with some more gold and most of the bank stuffs. The restoration is full on gear, but still fall short of a bit in cash and crafting materials.
Good luck with your restoration. Relax pal, Blizz service team is really prompt, and very polite.
Oh I'm not concerned about restoration (I play WoW on and off, I was in mostly ToGC gear before I quit casual raiding). I just want to be 100% sure on who it is (because I 'm pretty damn sure) and go break their computer. The issue isn't regarding my WoW account that is scaring me; my bank, and investment accounts have very similar info. While I've changed all passwords already, I'm still paranoid and need to haul that girl's ass off her building.
I was hacked this week.. and a friend last week as well.. Even the bliz employee I talked to on the phone was hacked that week was well..
Inside job? maybe, maybe not..
However, The blizz employee did confirm a keylogger bug on her internet exployer via "ADDONS"...... I too and my friend have used the addons as well.. ADDON'S are becoming the number 1 best way to get your info.. Blizzard is aware of this problem, but will NOT go public with it.. Too many people use addons from wowmatrix and curse, and Blizz wants to keep this a low profile event..
IF you go to the Customer Service forums you'll see more then 50% of their post are people yelling they got hacked.. This is becoming an epidemic that Blizz seems to be unsure how to handle it.. other then sell "authenticators"..
/shrug
It is because of one thing usually if it's not 3rd party, and that is your secret question. If they can guess your secret question they basically have everything they need, and best of all Blizz won't let you change it so they can just keep using it to steal your account.
My brothers account was stolen repeatedly by his cousin because his cousin was a dick and knew his dads middle name. Both of us called Blizzard to tell them that it was his cousin so of course he knew the middle name, but they refused to let him change the secret question so it just kept happening and eventually Blizz locked his account for over a month and they said the only thing he could do was buy one of their sold out usb key things.
Really baffling... the only thing I can think is they are trying to promote their stupid keys.
I've gotten a few of those e-mails, even though I haven't player WoW since 2005. However, they want me to go to http://www.worldrofwarcraft.net/ <--spot the errors?
Now that is a myth.
Addons being placed in the /addon subdirectory and opened by WoW only, cannot introduce a keylogger. If your addon has to be clicked and executed on its own, never fire it up.
Even if the spelling on the link looks ok, the true webaddress might not match the typed link in the email. Now your link has one more r, that is not that subtle.
I just had this happen to me, i was in class checking my emails and i see a email from blizzard saying i have a 72 hour ban for exploiting economy. Real ban from blizzard, real blizzard info in the email. I go home and try to login to wow.com since i uninstalled the game a few months ago and have a authenticator key on my acct.
So im confused since i havent played in a while, could care less because i have no intent to go back, and im loving how when i called blizzard to try to get it back i just get a recording saying how they are busy and to call back later, wont even let me wait on hold.. gogo mmo(pretty much the same across any mmo) customer service, market leader in BLAH.