That being said, why does something have to have changed recently?
I hear what you are saying, but how do you explain the following post? I'm seeing more and more of these recently and had never heard of it happening prior to the last 3 to 4 weeks.
He only played once about a year ago and apparently had never received any e-mails about his WoW account up till about 3 weeks ago. I can't say for certain, but this appears to be a valid e-mail from Blizzard notifying him that his password has been changed. That is not typically what has happened in the passed. A password change on an account that's been inactive for over a year? In the passed most account compromises were on ACTIVE accounts, in fact I had NEVER heard of an inactive account being compromised prior to the last couple of weeks.
That's different in my humble opinion. And yes it could be explained that they have had his account info for over a year and just now getting around to his account, but does that sound any more plausible then what I'm suggesting? It doesn't to me. Not a bit more plausible and in fact I think it's a lot more inplausible. He only played for a few hours and was somehow keylogged in that short period of time and then the information used a year later. C'mon, surely you see this is as absurd as anything that I have suggested if not more and this has only started happening in the last month or so.
I see a new pattern in recent events. That's just my opinion, I could be wrong.
Gold farming has become more malicious these days. What they do, is they hack the accounts and use stolen credit card information to activate them. This has been going on for some time.
I just want to put my name in as another legitimate player who has been screwed by this.
I had a regular WoW account for about 3 years, starting from about the 2nd week the game came out, then I quit maybe a year ago. I got the anniversary email that said I had 7 days of free game time to try the game again, but I could not login to the game until I converted my account to battle.net account, so I did.
I played my free time for 7 days and then did not re-subscribe so have not played for about 2 months or so. Then I get an email out of nowhere 3 days ago that my account has been banned for "Exploiting The Economy" which I assume is for buying/selling gold.
I called customer support and the guy says that my account has domestic (not China/Korea) logins after the period of my anniversary time login so I can only assume somehow my account has been compromised and logged into since then. I have never traded my account information to anyone, never bought or sold this account, etc so basically I am 100% sure that my account was either compromised internally at Blizzard, or that I had a key-logger program on my computer at the time I logged in for the 7 days I was trying the anniversary trial.
I am a web/database developer so I consider myself somewhat educated on how to prevent key-logger and virus/malware from getting access to a network, so I very much doubt that I somehow had a third party executable program fetch my credentials, i played the game (and many other games) for the last 5 years with NO problems. I have a firewall (m0n0wall) prtotecting my home network computers.
All I can say is that I am 95% sure that this is some kind of complete BULLSHIT going on that they better get fixed, it's very disturbing. And if there is some explanation I would be glad to hear it.
I find it interesting how so many people with 5 posts only got their WoW accounts hacked and they did not do anything anything wrong. I work as a CSR so I know when people call to complain it is NEVER their fault. It is ALWAYS the company fault. People always do everything right and never make a mistake. Its ridiculous to even consider that a person with no technical PC knowledge is better protected from hackers then a multi-million corporation with a professional team guarding its data. No sir, not the people's faults. It must be the company - their bad security or even an insider job.
I have some 2000 posts to these forums to my name.
I have played WoW since beta and my account has been active the entire time and I'm very much a propoent of the game and have staunchly defended Blizzard and WoW.
I have worked as a mainframe programmer for over 20 years at some of the largest companies in the US including Sprint, MCI, Verizon and Southwest Airlines accessing various databases and sometimes dealing with the security of those databases.
I have been working with PC's since I was 16, some 30 years ago. I have built, upgraded and serviced my own PC's. I have fixed countless numbers of other people's PC's including finding and removing viruses or other malware since the days of DOS. I have coded in HTML and C++. My friends consider me an expert and come to me when their PC is not working.
I have always had an anti-virus package installed on my PC and it's always updated.
I always have the latest updates for Windows installed on my PC.
I do not visit unsecure websites.
I do not fall for phishing e-mails.
I don't give out my password.
I'm aware of most of the most common techniques that hackers use to try to compromise your data.
I have a firewall on my PC that I constantly monitor
I have visited websites that will check to see if my PC is vulnerable to attack and my PC always comes up clean.
And yet my WoW account information WAS compromised in April of this year. After it was compromised I did a full system scan of the only PC that I use to play the game with 2 different Anti-virus packages and nothing was found. I have yet to determine exactly how my account information was compromised.
I understand people's reluctance to believe that it could be a Blizzard problem. In fact I am very reluctant myself to believe that it's a Blizzard problem, however I WON'T rule it out like so many others are attempting to do. Just because it's not probable does not mean it's impossible. Security breaches do happen to even the most secure data in the world if only for a brief period of time, but that is usually all it takes, a very brief time.
It's no skin off my nose if you want to continue to believe that's it's ALL user error. You're probably correct. I just wish you wouldn't force your opinion down other's throats who may not agree or insinuate they don't have a clue about security.
I'm curious when people say that Blizzard straightened it out, what exactly did they say to you for an explanation?
I mean if they are just going to say to everyone "Yes you had a virus so your account was compromised."
Well I'm sorry, that is BULLSHIT. I did not have a virus or key-logger, because some of us are not fucking retards who open EXE files through email or have our computers wide open without a firewall. Some of us have been playing games for the last 10 years with no security issues and now all of the sudden this shit comes out of nowhere. Yes it deserves a real explanation.
I'm curious when people say that Blizzard straightened it out, what exactly did they say to you for an explanation? I mean if they are just going to say to everyone "Yes you had a virus so your account was compromised." Well I'm sorry, that is BULLSHIT. I did not have a virus or key-logger, because some of us are not fucking retards who open EXE files through email or have our computers wide open without a firewall. Some of us have been playing games for the last 10 years with no security issues and now all of the sudden this shit comes out of nowhere. Yes it deserves a real explanation.
It doesn't matter who you are, there is no such thing as safe or secure (end user and corporation alike). The fact that you mention firewall suggests that you don't know as much as you think you do.
Anyhow, the reason there are so many hacked accounts in wow is because it is big business. There are people out there making crazy insane amounts of money from hacking accounts, liquidating cash/farming gold and selling it to other players.
That isn't something that is very common in other computer games. There is no money to be made in hacking your left for dead 2 account of vanguard account. It is natural that activities like this increase as there is a demand for their services (gold sales).
All we know from that account is the user got an email. No where did they say they actually checked the account to see if it was indeed hacked. For sake of discussion lets assume it is real. OK. How could an inactive account get hacked? There are to many ways to list. Maybe their email account was hacked. The e-mail does not say the password was reset and here is the new password, it says the password has been changed. To change the password you have to know the password already, so whomever made this change already had the password to his WoW account. This is exactly what happened to me. The hackers change your password so that you can't login to your account while they are in the account and kick them off it. So this particular instance doesn't seem to be an e-mail account hack. Maybe they thought the phishing email was real and clicked it. He doesn't say he did this, in fact he says he didn't. Perhaps his account isn't compromised, but for the purposes of this disucussion we are assuming that it is, so this doesn't work. Maybe they used their email address and wow password on some gold sites. He doesn't say he did this and why would he? He said he downloaded the game and played for a couple hours and uninstalled the game. Why would he need to EVER enter his account information again. It doesn't make sense that he would do this and again he didn't say that he did. Maybe the is more information to the story that isn't being presented as end users often do. And maybe the user is being completely honest about what happened. I have no reason to doubt his story, he doesn't even play the game anymore. Why would he lie about this? Again it doesn't seem to fit. If you worked in tech support you know what I mean. Actually I work in a support role for a large corporation. I have worked in tech support for over 20 years and I have known DOZENS of times when there were security breaches because of new software being installed and not working as expected or intended. I know that as a tech support analyst my first instinct is NOT to believe that the user is lieing or mistaken and brush him off, my first instinct is to believe that he is telling me the truth and that there is a problem. If I check and find that's NOT the case, then I may begin to ask more questions and see if the problem is user error or something else, but's NOT where you start. Often times when a user says there is a problem, they are correct and there is a hardware, software or data problem.
I'm curious when people say that Blizzard straightened it out, what exactly did they say to you for an explanation? I mean if they are just going to say to everyone "Yes you had a virus so your account was compromised." Well I'm sorry, that is BULLSHIT. I did not have a virus or key-logger, because some of us are not fucking retards who open EXE files through email or have our computers wide open without a firewall. Some of us have been playing games for the last 10 years with no security issues and now all of the sudden this shit comes out of nowhere. Yes it deserves a real explanation.
They NEVER tell you anything. They simply say your account has been restored, DON'T LET IT HAPPEN AGAIN or words to that effect. Blizzard is not going to reveal anything they find out to you, that would be silly. It may deserve an explanation, but trust me you're not going to get one.
I'm curious when people say that Blizzard straightened it out, what exactly did they say to you for an explanation? I mean if they are just going to say to everyone "Yes you had a virus so your account was compromised." Well I'm sorry, that is BULLSHIT. I did not have a virus or key-logger, because some of us are not fucking retards who open EXE files through email or have our computers wide open without a firewall. Some of us have been playing games for the last 10 years with no security issues and now all of the sudden this shit comes out of nowhere. Yes it deserves a real explanation.
It doesn't matter who you are, there is no such thing as safe or secure (end user and corporation alike). The fact that you mention firewall suggests that you don't know as much as you think you do.
Anyhow, the reason there are so many hacked accounts in wow is because it is big business. There are people out there making crazy insane amounts of money from hacking accounts, liquidating cash/farming gold and selling it to other players.
That isn't something that is very common in other computer games. There is no money to be made in hacking your left for dead 2 account of vanguard account. It is natural that activities like this increase as there is a demand for their services (gold sales).
I'm not grasping your argument, so we should accept it because there's nothing we can do about it, because it's big business?
I'm curious when people say that Blizzard straightened it out, what exactly did they say to you for an explanation? I mean if they are just going to say to everyone "Yes you had a virus so your account was compromised." Well I'm sorry, that is BULLSHIT. I did not have a virus or key-logger, because some of us are not fucking retards who open EXE files through email or have our computers wide open without a firewall. Some of us have been playing games for the last 10 years with no security issues and now all of the sudden this shit comes out of nowhere. Yes it deserves a real explanation.
I asked.."How could this have happened?"
Thier answer?
3rd party programs (add ons) which I had many of. Bagnon, gatherer and the like. All possibilities.
Actually pappy, the user never said they didn't click anything. All they said was they got an email saying their password was changed and they assumed their account was hacked.
Everything else about your example has been filled with assumptions that there was something more than a user receiving an email. Much like you were beating on me about a few posts back.
Anyhow, my point about the email and password is that a lot of users use the same username, email address and password on websites all over the internet. People use their real name and things of that nature. End users don't always give all the information on what happened as is the fact of this case (there is no information other than 1 email). I didn't say omitting information was the act of a lie, some people just don't know what is important and what isn't.
Based on what information was shared, how could anyone possibly explain what happened? Especially considering we don't even know if anything did happen. This is a perfect example of what I have been talking about this whole time.
I'm curious when people say that Blizzard straightened it out, what exactly did they say to you for an explanation? I mean if they are just going to say to everyone "Yes you had a virus so your account was compromised." Well I'm sorry, that is BULLSHIT. I did not have a virus or key-logger, because some of us are not fucking retards who open EXE files through email or have our computers wide open without a firewall. Some of us have been playing games for the last 10 years with no security issues and now all of the sudden this shit comes out of nowhere. Yes it deserves a real explanation.
I asked.."How could this have happened?"
Thier answer?
3rd party programs (add ons) which I had many of. Bagnon, gatherer and the like. All possibilities.
Well yes obviously in your case you had 3rd party programs, but I think a lot of people got the ban for no reason (like myself). I've played this game fairly for 4 years since release with NO addons, third party bullshit, etc and I still got compromised and all my gold sold RIGHT after the battle.net credential transfer, that's what this thread is about I thought.
I'm curious when people say that Blizzard straightened it out, what exactly did they say to you for an explanation? I mean if they are just going to say to everyone "Yes you had a virus so your account was compromised." Well I'm sorry, that is BULLSHIT. I did not have a virus or key-logger, because some of us are not fucking retards who open EXE files through email or have our computers wide open without a firewall. Some of us have been playing games for the last 10 years with no security issues and now all of the sudden this shit comes out of nowhere. Yes it deserves a real explanation.
I asked.."How could this have happened?"
Thier answer?
3rd party programs (add ons) which I had many of. Bagnon, gatherer and the like. All possibilities.
Of course they are going to respond this way. 1st off you were probably talking to a 1st level tech support person who doesn't have the 1st clue what really happened, all they know is that you need your account restored and they try to do that for you. Secondly even if they did know what actually caused the problem, if they said it was a Blizzard problem they wouldn't be working for Blizzard for much longer, even a 1st line tech support person knows you say "Add-ons" when someone asks how their account was compromised if you want to continue to work for Blizzard.
I'm curious when people say that Blizzard straightened it out, what exactly did they say to you for an explanation? I mean if they are just going to say to everyone "Yes you had a virus so your account was compromised." Well I'm sorry, that is BULLSHIT. I did not have a virus or key-logger, because some of us are not fucking retards who open EXE files through email or have our computers wide open without a firewall. Some of us have been playing games for the last 10 years with no security issues and now all of the sudden this shit comes out of nowhere. Yes it deserves a real explanation.
I asked.."How could this have happened?"
Thier answer?
3rd party programs (add ons) which I had many of. Bagnon, gatherer and the like. All possibilities.
Addons are 100% safe if you do nothing more than extract the files to your addon folder. They are not even activated when you log into the game.
I doubt a csr on the phone will actually have the specific answer to how you got hacked, just that is got hacked.
Actually pappy, the user never said they didn't click anything. He said he didn't even care because he no longer used the account which to me implies that he didn't click on the link and in fact it doesn't appear to be a link at all, only a URL to enter into a browser which is a valid URL to Blizzard's website although it's possible the link just didn't come across when it was copied and pasted. He didn't say he DID click on a link if there was one. In my opinion you're fishing for an answer where there is no evidence of one. We've both had our say now, I think it's time to agree to disagree.
I think just the fact that there's a huge thread of people complaining about this issue is proof that there's something going on.
Something is not right and Blizzard needs to state something regarding this.
Blizzard (or battle.net) fucked something up and people who play the game fairly are being punished! That's all I care about, I've never had an issue with any game I've played until now.
I think just the fact that there's a huge thread of people complaining about this issue is proof that there's something going on. No, it's not proof, it's circumstantial evidence at best, but sometimes if you have enough circumstantial evidence you can convince someone beyond a reasonable doubt. I'm starting to be convinced. Something is not right and Blizzard needs to state something regarding this. Blizzards answer is to get an authenticator and actually that's not a half bad solution. It's 7 bucks. That's half what you pay for your monthly fee and it's a one time fee. Isn't it worth 7 bucks to have a secure account? It is to me, so I've done it. My buddy did it. We both hope that we will never have to worry about security on our accounts again. I'm sure that's not the answer you would like, but if it works it works. It would be nice to see Blizzard add the authenticators into the next expansion and perhaps they will. I don't think it would be a money issue as Blizzard can certainly afford a $6 authenticator per box sold, but it's a logistics problem as some people already have them and they would have to make 4 or 5 million of them to stick in the boxes in the first place. Maybe Blizz can put a coupon in the box for a free authenticator or something. We'll see.
Until I hear otherwise from the publicly traded corporation Activision, I recommend the following:
DO NOT transfer your worldofwarcraft.com account to a battle.net account.
YOU WILL LOSE your account. YOU WILL LOSE all your work, all your friends and guild mates, all your possesions. You will be at the mercy of the Activision customer support representative, your account will be flagged and banned until further review...
I'm not sure what further review means but I will let you know when I find out...
Originally posted by Pappy13 Originally posted by Daffid011 Originally posted by Mykell I hate to admit it but i d/l'ed the WoW trial in a moment of weakness about a year ago. Played for a few hours, got bored and uninstalled it. Then a couple of weeks ago i get an email saying... Greetings! This is an automated notification regarding the recent change(s) made to your World of Warcraft account. Your password has recently been modified through the Password Recovery website. *** If you made this password change, please disregard this notification. However, if you did NOT make changes to your password we recommend you Login verify your password: http://www.worldofwarcraft.com If you are unable to successfully verify your password . using the automated system, please contact Billing & Account Services at 1-800-59-BLIZZARD (1-800-592-5499) Mon-Fri, 8am-8pm Pacific Time or at billing@blizzard.com. Account security is solely the responsibility of the account holder. Please be advised that in the event of a compromised account, Blizzard representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play. Regards, The World of Warcraft Support Team Blizzard Entertainment
I could care less but i have no idea how they hacked into it since i forgot the account even existed lol.
That is a phishing email. The sender hopes that you will click on a link that will take you to what looks like the wow website and hope you enter your account information there. Your account is most likely untouched.
You don't know that for sure. Nothing in that e-mail suggests that it's bogus. I in fact recieved an identical e-mail from Blizzard when my account was hacked. No, I didn't click on the link, in fact there was no link in the e-mail, only a URL that could be typed in just like this one here. The first thing I did was ask my son to log into my account using my user-id and password because I was at work and couldn't do it and he said the password was wrong. My account WAS hacked.
You are making assumptions based on what you believe to be true that are not necessarily true.
Ditto, when I received an email like this, before clicking on anything I logged into the armory and all my gear was already gone. The email was time stamped around 7 am my time and I hit the armory around 9 am.
Originally posted by Pappy13 Originally posted by jimmyman99 I find it interesting how so many people with 5 posts only got their WoW accounts hacked and they did not do anything anything wrong. I work as a CSR so I know when people call to complain it is NEVER their fault. It is ALWAYS the company fault. People always do everything right and never make a mistake. Its ridiculous to even consider that a person with no technical PC knowledge is better protected from hackers then a multi-million corporation with a professional team guarding its data. No sir, not the people's faults. It must be the company - their bad security or even an insider job.
I have some 2000 posts to these forums to my name. I have played WoW since beta and my account has been active the entire time and I'm very much a propoent of the game and have staunchly defended Blizzard and WoW. I have worked as a mainframe programmer for over 20 years at some of the largest companies in the US including Sprint, MCI, Verizon and Southwest Airlines accessing various databases and sometimes dealing with the security of those databases. I have been working with PC's since I was 16, some 30 years ago. I have built, upgraded and serviced my own PC's. I have fixed countless numbers of other people's PC's including finding and removing viruses or other malware since the days of DOS. I have coded in HTML and C++. My friends consider me an expert and come to me when their PC is not working. I have always had an anti-virus package installed on my PC and it's always updated. I always have the latest updates for Windows installed on my PC. I do not visit unsecure websites. I do not fall for phishing e-mails. I don't give out my password. I'm aware of most of the most common techniques that hackers use to try to compromise your data. I have a firewall on my PC that I constantly monitor I have visited websites that will check to see if my PC is vulnerable to attack and my PC always comes up clean. And yet my WoW account information WAS compromised in April of this year. After it was compromised I did a full system scan of the only PC that I use to play the game with 2 different Anti-virus packages and nothing was found. I have yet to determine exactly how my account information was compromised. I understand people's reluctance to believe that it could be a Blizzard problem. In fact I am very reluctant myself to believe that it's a Blizzard problem, however I WON'T rule it out like so many others are attempting to do. Just because it's not probable does not mean it's impossible. Security breaches do happen to even the most secure data in the world if only for a brief period of time, but that is usually all it takes, a very brief time. It's no skin off my nose if you want to continue to believe that's it's ALL user error. You're probably correct. I just wish you wouldn't force your opinion down other's throats who may not agree or insinuate they don't have a clue about security.
Pappy, since it sounds like you're in the trade I'm sure you're well aware of this, and for anyone who isn't just go find yourself a decent IT related news site and you will see that companies that SHOULD be secure get hacked ALL the time, most of the time people only hear about it when it's a financial company who is required by law to disclose this info to it's customers, and even then it's usually weeks to months later before they do so. I am NOT saying Blizzard/Activision security has ever been compromised, but I am saying it is well within the realm of possibility and they are under no legal obligation to admit it if it ever does happen. From a shareholder perspective it would be best to keep such news as quiet as possible.
In my own case I was responsible for my account being compromised, BUT I am uncomfortable with the amount and type of information other people were able to get out of Blizzard "on my behalf" without my consent or account information details.
I hate to admit it but i d/l'ed the WoW trial in a moment of weakness about a year ago. Played for a few hours, got bored and uninstalled it. Then a couple of weeks ago i get an email saying...
Greetings!
This is an automated notification regarding the recent change(s)
made to your World of Warcraft account. Your password has recently been modified through the Password Recovery website.
*** If you made this password change, please disregard this notification. However, if you did NOT make changes to your password
If you are unable to successfully verify your password .
using the automated system, please contact Billing & Account Services at 1-800-59-BLIZZARD (1-800-592-5499) Mon-Fri, 8am-8pm Pacific Time or at billing@blizzard.com. Account security is solely the responsibility of the account holder. Please be advised that in the event of a compromised account, Blizzard representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.
Regards,
The World of Warcraft Support Team Blizzard Entertainment
I could care less but i have no idea how they hacked into it since i forgot the account even existed lol.
That is a phishing email. The sender hopes that you will click on a link that will take you to what looks like the wow website and hope you enter your account information there.
Your account is most likely untouched.
You don't know that for sure. Nothing in that e-mail suggests that it's bogus. I in fact recieved an identical e-mail from Blizzard when my account was hacked. No, I didn't click on the link, in fact there was no link in the e-mail, only a URL that could be typed in just like this one here. The first thing I did was ask my son to log into my account using my user-id and password because I was at work and couldn't do it and he said the password was wrong. My account WAS hacked.
You are making assumptions based on what you believe to be true that are not necessarily true.
Ditto, when I received an email like this, before clicking on anything I logged into the armory and all my gear was already gone. The email was time stamped around 7 am my time and I hit the armory around 9 am.
Pretty much what happened to me as well. By the time I saw the e-mail that my password had been changed, I already had another e-mail from Blizzard that said this:
Greetings ??????,
Account Name: ????????
Access to this account has been temporarily disabled due to inappropriate
advertising activity within the World of Warcraft, and we are currently
conducting a thorough investigation on this issue. Any recurring subscriptions
on this account have also been suspended to prevent further monetary charges.
We are committed to concluding this investigation as quickly as possible, and
appreciate your patience as we attempt to resolve this issue. We sincerely
apologize for any inconvenience you may experience and will contact you again as
soon as this account's review is complete. Please be aware that we will be
unable to provide any additional information regarding this matter until the
conclusion of the investigation.
Thank you again for your time and patience in this matter.
Regards,
Ferenire
Game Master
Blizzard Entertainment
www.worldofwarcraft.com
My son checked the armory and my toons were all naked. He also tried to log into my account and found the account information not working. A couple days later I got this from Blizzard:
Greetings,
Please review this entire message, as it contains important instructions about the security of your account.
Recently you were contacted regarding an action on the World of Warcraft account you are using. Upon further review, it appears the account was compromised. As a result, the account action has been removed from the account at this time.
We have restored access to World of Warcraft account ??????? and reset the account's password.
Please consider that if an unauthorized third-party has accessed your account, they may also have access to the registered email address associated with the account. In order to protect your personal information, we recommend that you:
-Change the password of your current email address to ensure that you are the only one accessing it or -Create a new email address to associate with your existing World of Warcraft account.
We encourage you to keep the following security tips in mind when playing World of Warcraft on any computer:
- Use up-to-date Firewall, Antivirus, and Anti-Spyware programs if possible and scan the system regularly for malicious software.
- Keep current with the latest operating system and other software updates and be careful when downloading new software.
- Be wary of "spoof" websites and e-mails that request account or personal information.
- Use separate, unique passwords for your email, World of Warcraft and any other online accounts.
- Change your passwords regularly and keep your World of Warcraft account information updated using the Account Management page at http://www.worldofwarcraft.com/account/.
For additional security tips and information, please visit the following sites:
It may take up to one hour for our system to generate and send the temporary password and we suggest checking your Spam, Junk and/or Suspect Mail folders for the message.
Additionally, we now offer the Blizzard Authenticator, an optional device that can help prevent account security issues. For more information concerning eligibility and on how to add this additional layer of security to your account, please visit the Blizzard Authenticator FAQ at http://us.blizzard.com/support/article/24660.
The Account Administration department is not responsible for the restoration of missing goods due to a compromise and we are unable to provide updates on the status of a compromise investigation. If you notice anything missing from your account, submit an in-game petition and a Game Master will contact you as soon as possible to help resolve the issue.
Feel free to contact us with any further questions or concerns you may have.
Sincerely,
Poyule
Account Administrator
Blizzard Entertainment
www.blizzard.com
Note that every one of these e-mails were in fact legitimate e-mails from Blizzard. None of them were phishing e-mails and in fact I very rarely get a phishing e-mail, I think I have only seen maybe 1 or 2. So don't assume than an e-mail from Blizzard is a phishing expedition. Don't click on the links just in case, but do check it out on Blizzard's official site by typing it directly into your broswer.
I find it interesting how so many people with 5 posts only got their WoW accounts hacked and they did not do anything anything wrong. I work as a CSR so I know when people call to complain it is NEVER their fault. It is ALWAYS the company fault. People always do everything right and never make a mistake. Its ridiculous to even consider that a person with no technical PC knowledge is better protected from hackers then a multi-million corporation with a professional team guarding its data. No sir, not the people's faults. It must be the company - their bad security or even an insider job.
I have some 2000 posts to these forums to my name.
I have played WoW since beta and my account has been active the entire time and I'm very much a propoent of the game and have staunchly defended Blizzard and WoW.
I have worked as a mainframe programmer for over 20 years at some of the largest companies in the US including Sprint, MCI, Verizon and Southwest Airlines accessing various databases and sometimes dealing with the security of those databases.
I have been working with PC's since I was 16, some 30 years ago. I have built, upgraded and serviced my own PC's. I have fixed countless numbers of other people's PC's including finding and removing viruses or other malware since the days of DOS. I have coded in HTML and C++. My friends consider me an expert and come to me when their PC is not working.
I have always had an anti-virus package installed on my PC and it's always updated.
I always have the latest updates for Windows installed on my PC.
I do not visit unsecure websites.
I do not fall for phishing e-mails.
I don't give out my password.
I'm aware of most of the most common techniques that hackers use to try to compromise your data.
I have a firewall on my PC that I constantly monitor
I have visited websites that will check to see if my PC is vulnerable to attack and my PC always comes up clean.
And yet my WoW account information WAS compromised in April of this year. After it was compromised I did a full system scan of the only PC that I use to play the game with 2 different Anti-virus packages and nothing was found. I have yet to determine exactly how my account information was compromised.
I understand people's reluctance to believe that it could be a Blizzard problem. In fact I am very reluctant myself to believe that it's a Blizzard problem, however I WON'T rule it out like so many others are attempting to do. Just because it's not probable does not mean it's impossible. Security breaches do happen to even the most secure data in the world if only for a brief period of time, but that is usually all it takes, a very brief time.
It's no skin off my nose if you want to continue to believe that's it's ALL user error. You're probably correct. I just wish you wouldn't force your opinion down other's throats who may not agree or insinuate they don't have a clue about security.
Pappy, since it sounds like you're in the trade I'm sure you're well aware of this, and for anyone who isn't just go find yourself a decent IT related news site and you will see that companies that SHOULD be secure get hacked ALL the time, most of the time people only hear about it when it's a financial company who is required by law to disclose this info to it's customers, and even then it's usually weeks to months later before they do so. I am NOT saying Blizzard/Activision security has ever been compromised, but I am saying it is well within the realm of possibility and they are under no legal obligation to admit it if it ever does happen. From a shareholder perspective it would be best to keep such news as quiet as possible.
In my own case I was responsible for my account being compromised, BUT I am uncomfortable with the amount and type of information other people were able to get out of Blizzard "on my behalf" without my consent or account information details.
To summarize - Do not transfer your account to battle.net or it will get hacked and Blizzard is under no requirement to tell you about it. So there's nothing you can do to get it back.
I'm curious when people say that Blizzard straightened it out, what exactly did they say to you for an explanation? I mean if they are just going to say to everyone "Yes you had a virus so your account was compromised." Well I'm sorry, that is BULLSHIT. I did not have a virus or key-logger, because some of us are not fucking retards who open EXE files through email or have our computers wide open without a firewall. Some of us have been playing games for the last 10 years with no security issues and now all of the sudden this shit comes out of nowhere. Yes it deserves a real explanation.
I asked.."How could this have happened?"
Thier answer?
3rd party programs (add ons) which I had many of. Bagnon, gatherer and the like. All possibilities.
this make me laugh when they say all these addon have keyloggers . well if that is so why dont blizz just make it so you cant use any addons . . if this was the case then theres a lot of players useing the same ones and we should all have had are account hacked . another bad thing on the account page any secrect qustion you put in years ago . theres no option to change it ill be lost if i have to reply to that .
Until I hear otherwise from the publicly traded corporation Activision, I recommend the following: DO NOT transfer your worldofwarcraft.com account to a battle.net account. YOU WILL LOSE your account. YOU WILL LOSE all your work, all your friends and guild mates, all your possesions. You will be at the mercy of the Activision customer support representative, your account will be flagged and banned until further review... I'm not sure what further review means but I will let you know when I find out...
If you don't transfer your WoW account to Bnet, how do you expect to use it? Its all tied in to Bnet now. I was one of the first to purchase one of the authenticators, as I was able to predict how bad things would get. Using email addresses is not a bright move, who ever came up with that "genius flash" needs to be sent back to the mail room.
Comments
It is a smart tactic. Their methods are getting more refined and effective.
I hear what you are saying, but how do you explain the following post? I'm seeing more and more of these recently and had never heard of it happening prior to the last 3 to 4 weeks.
http://www.mmorpg.com/discussion2.cfm/post/3358784#3358784
He only played once about a year ago and apparently had never received any e-mails about his WoW account up till about 3 weeks ago. I can't say for certain, but this appears to be a valid e-mail from Blizzard notifying him that his password has been changed. That is not typically what has happened in the passed. A password change on an account that's been inactive for over a year? In the passed most account compromises were on ACTIVE accounts, in fact I had NEVER heard of an inactive account being compromised prior to the last couple of weeks.
That's different in my humble opinion. And yes it could be explained that they have had his account info for over a year and just now getting around to his account, but does that sound any more plausible then what I'm suggesting? It doesn't to me. Not a bit more plausible and in fact I think it's a lot more inplausible. He only played for a few hours and was somehow keylogged in that short period of time and then the information used a year later. C'mon, surely you see this is as absurd as anything that I have suggested if not more and this has only started happening in the last month or so.
I see a new pattern in recent events. That's just my opinion, I could be wrong.
Gold farming has become more malicious these days. What they do, is they hack the accounts and use stolen credit card information to activate them. This has been going on for some time.
I just want to put my name in as another legitimate player who has been screwed by this.
I had a regular WoW account for about 3 years, starting from about the 2nd week the game came out, then I quit maybe a year ago. I got the anniversary email that said I had 7 days of free game time to try the game again, but I could not login to the game until I converted my account to battle.net account, so I did.
I played my free time for 7 days and then did not re-subscribe so have not played for about 2 months or so. Then I get an email out of nowhere 3 days ago that my account has been banned for "Exploiting The Economy" which I assume is for buying/selling gold.
I called customer support and the guy says that my account has domestic (not China/Korea) logins after the period of my anniversary time login so I can only assume somehow my account has been compromised and logged into since then. I have never traded my account information to anyone, never bought or sold this account, etc so basically I am 100% sure that my account was either compromised internally at Blizzard, or that I had a key-logger program on my computer at the time I logged in for the 7 days I was trying the anniversary trial.
I am a web/database developer so I consider myself somewhat educated on how to prevent key-logger and virus/malware from getting access to a network, so I very much doubt that I somehow had a third party executable program fetch my credentials, i played the game (and many other games) for the last 5 years with NO problems. I have a firewall (m0n0wall) prtotecting my home network computers.
All I can say is that I am 95% sure that this is some kind of complete BULLSHIT going on that they better get fixed, it's very disturbing. And if there is some explanation I would be glad to hear it.
I had to wait on hold for 45 minutes again but blizz got it straigtened out.
I have some 2000 posts to these forums to my name.
I have played WoW since beta and my account has been active the entire time and I'm very much a propoent of the game and have staunchly defended Blizzard and WoW.
I have worked as a mainframe programmer for over 20 years at some of the largest companies in the US including Sprint, MCI, Verizon and Southwest Airlines accessing various databases and sometimes dealing with the security of those databases.
I have been working with PC's since I was 16, some 30 years ago. I have built, upgraded and serviced my own PC's. I have fixed countless numbers of other people's PC's including finding and removing viruses or other malware since the days of DOS. I have coded in HTML and C++. My friends consider me an expert and come to me when their PC is not working.
I have always had an anti-virus package installed on my PC and it's always updated.
I always have the latest updates for Windows installed on my PC.
I do not visit unsecure websites.
I do not fall for phishing e-mails.
I don't give out my password.
I'm aware of most of the most common techniques that hackers use to try to compromise your data.
I have a firewall on my PC that I constantly monitor
I have visited websites that will check to see if my PC is vulnerable to attack and my PC always comes up clean.
And yet my WoW account information WAS compromised in April of this year. After it was compromised I did a full system scan of the only PC that I use to play the game with 2 different Anti-virus packages and nothing was found. I have yet to determine exactly how my account information was compromised.
I understand people's reluctance to believe that it could be a Blizzard problem. In fact I am very reluctant myself to believe that it's a Blizzard problem, however I WON'T rule it out like so many others are attempting to do. Just because it's not probable does not mean it's impossible. Security breaches do happen to even the most secure data in the world if only for a brief period of time, but that is usually all it takes, a very brief time.
It's no skin off my nose if you want to continue to believe that's it's ALL user error. You're probably correct. I just wish you wouldn't force your opinion down other's throats who may not agree or insinuate they don't have a clue about security.
I'm curious when people say that Blizzard straightened it out, what exactly did they say to you for an explanation?
I mean if they are just going to say to everyone "Yes you had a virus so your account was compromised."
Well I'm sorry, that is BULLSHIT. I did not have a virus or key-logger, because some of us are not fucking retards who open EXE files through email or have our computers wide open without a firewall. Some of us have been playing games for the last 10 years with no security issues and now all of the sudden this shit comes out of nowhere. Yes it deserves a real explanation.
It doesn't matter who you are, there is no such thing as safe or secure (end user and corporation alike). The fact that you mention firewall suggests that you don't know as much as you think you do.
Anyhow, the reason there are so many hacked accounts in wow is because it is big business. There are people out there making crazy insane amounts of money from hacking accounts, liquidating cash/farming gold and selling it to other players.
That isn't something that is very common in other computer games. There is no money to be made in hacking your left for dead 2 account of vanguard account. It is natural that activities like this increase as there is a demand for their services (gold sales).
They NEVER tell you anything. They simply say your account has been restored, DON'T LET IT HAPPEN AGAIN or words to that effect. Blizzard is not going to reveal anything they find out to you, that would be silly. It may deserve an explanation, but trust me you're not going to get one.
It doesn't matter who you are, there is no such thing as safe or secure (end user and corporation alike). The fact that you mention firewall suggests that you don't know as much as you think you do.
Anyhow, the reason there are so many hacked accounts in wow is because it is big business. There are people out there making crazy insane amounts of money from hacking accounts, liquidating cash/farming gold and selling it to other players.
That isn't something that is very common in other computer games. There is no money to be made in hacking your left for dead 2 account of vanguard account. It is natural that activities like this increase as there is a demand for their services (gold sales).
I'm not grasping your argument, so we should accept it because there's nothing we can do about it, because it's big business?
I asked.."How could this have happened?"
Thier answer?
3rd party programs (add ons) which I had many of. Bagnon, gatherer and the like. All possibilities.
Actually pappy, the user never said they didn't click anything. All they said was they got an email saying their password was changed and they assumed their account was hacked.
Everything else about your example has been filled with assumptions that there was something more than a user receiving an email. Much like you were beating on me about a few posts back.
Anyhow, my point about the email and password is that a lot of users use the same username, email address and password on websites all over the internet. People use their real name and things of that nature. End users don't always give all the information on what happened as is the fact of this case (there is no information other than 1 email). I didn't say omitting information was the act of a lie, some people just don't know what is important and what isn't.
Based on what information was shared, how could anyone possibly explain what happened? Especially considering we don't even know if anything did happen. This is a perfect example of what I have been talking about this whole time.
I asked.."How could this have happened?"
Thier answer?
3rd party programs (add ons) which I had many of. Bagnon, gatherer and the like. All possibilities.
Well yes obviously in your case you had 3rd party programs, but I think a lot of people got the ban for no reason (like myself). I've played this game fairly for 4 years since release with NO addons, third party bullshit, etc and I still got compromised and all my gold sold RIGHT after the battle.net credential transfer, that's what this thread is about I thought.
I asked.."How could this have happened?"
Thier answer?
3rd party programs (add ons) which I had many of. Bagnon, gatherer and the like. All possibilities.
Of course they are going to respond this way. 1st off you were probably talking to a 1st level tech support person who doesn't have the 1st clue what really happened, all they know is that you need your account restored and they try to do that for you. Secondly even if they did know what actually caused the problem, if they said it was a Blizzard problem they wouldn't be working for Blizzard for much longer, even a 1st line tech support person knows you say "Add-ons" when someone asks how their account was compromised if you want to continue to work for Blizzard.
I asked.."How could this have happened?"
Thier answer?
3rd party programs (add ons) which I had many of. Bagnon, gatherer and the like. All possibilities.
Addons are 100% safe if you do nothing more than extract the files to your addon folder. They are not even activated when you log into the game.
I doubt a csr on the phone will actually have the specific answer to how you got hacked, just that is got hacked.
I think just the fact that there's a huge thread of people complaining about this issue is proof that there's something going on.
Something is not right and Blizzard needs to state something regarding this.
Blizzard (or battle.net) fucked something up and people who play the game fairly are being punished! That's all I care about, I've never had an issue with any game I've played until now.
FIX
THIS
BULLSHIT
Until I hear otherwise from the publicly traded corporation Activision, I recommend the following:
DO NOT transfer your worldofwarcraft.com account to a battle.net account.
YOU WILL LOSE your account. YOU WILL LOSE all your work, all your friends and guild mates, all your possesions. You will be at the mercy of the Activision customer support representative, your account will be flagged and banned until further review...
I'm not sure what further review means but I will let you know when I find out...
Your account is most likely untouched.
You don't know that for sure. Nothing in that e-mail suggests that it's bogus. I in fact recieved an identical e-mail from Blizzard when my account was hacked. No, I didn't click on the link, in fact there was no link in the e-mail, only a URL that could be typed in just like this one here. The first thing I did was ask my son to log into my account using my user-id and password because I was at work and couldn't do it and he said the password was wrong. My account WAS hacked.
You are making assumptions based on what you believe to be true that are not necessarily true.
Ditto, when I received an email like this, before clicking on anything I logged into the armory and all my gear was already gone. The email was time stamped around 7 am my time and I hit the armory around 9 am.
I have some 2000 posts to these forums to my name.
I have played WoW since beta and my account has been active the entire time and I'm very much a propoent of the game and have staunchly defended Blizzard and WoW.
I have worked as a mainframe programmer for over 20 years at some of the largest companies in the US including Sprint, MCI, Verizon and Southwest Airlines accessing various databases and sometimes dealing with the security of those databases.
I have been working with PC's since I was 16, some 30 years ago. I have built, upgraded and serviced my own PC's. I have fixed countless numbers of other people's PC's including finding and removing viruses or other malware since the days of DOS. I have coded in HTML and C++. My friends consider me an expert and come to me when their PC is not working.
I have always had an anti-virus package installed on my PC and it's always updated.
I always have the latest updates for Windows installed on my PC.
I do not visit unsecure websites.
I do not fall for phishing e-mails.
I don't give out my password.
I'm aware of most of the most common techniques that hackers use to try to compromise your data.
I have a firewall on my PC that I constantly monitor
I have visited websites that will check to see if my PC is vulnerable to attack and my PC always comes up clean.
And yet my WoW account information WAS compromised in April of this year. After it was compromised I did a full system scan of the only PC that I use to play the game with 2 different Anti-virus packages and nothing was found. I have yet to determine exactly how my account information was compromised.
I understand people's reluctance to believe that it could be a Blizzard problem. In fact I am very reluctant myself to believe that it's a Blizzard problem, however I WON'T rule it out like so many others are attempting to do. Just because it's not probable does not mean it's impossible. Security breaches do happen to even the most secure data in the world if only for a brief period of time, but that is usually all it takes, a very brief time.
It's no skin off my nose if you want to continue to believe that's it's ALL user error. You're probably correct. I just wish you wouldn't force your opinion down other's throats who may not agree or insinuate they don't have a clue about security.
Pappy, since it sounds like you're in the trade I'm sure you're well aware of this, and for anyone who isn't just go find yourself a decent IT related news site and you will see that companies that SHOULD be secure get hacked ALL the time, most of the time people only hear about it when it's a financial company who is required by law to disclose this info to it's customers, and even then it's usually weeks to months later before they do so. I am NOT saying Blizzard/Activision security has ever been compromised, but I am saying it is well within the realm of possibility and they are under no legal obligation to admit it if it ever does happen. From a shareholder perspective it would be best to keep such news as quiet as possible.
In my own case I was responsible for my account being compromised, BUT I am uncomfortable with the amount and type of information other people were able to get out of Blizzard "on my behalf" without my consent or account information details.
Your account is most likely untouched.
You don't know that for sure. Nothing in that e-mail suggests that it's bogus. I in fact recieved an identical e-mail from Blizzard when my account was hacked. No, I didn't click on the link, in fact there was no link in the e-mail, only a URL that could be typed in just like this one here. The first thing I did was ask my son to log into my account using my user-id and password because I was at work and couldn't do it and he said the password was wrong. My account WAS hacked.
You are making assumptions based on what you believe to be true that are not necessarily true.
Ditto, when I received an email like this, before clicking on anything I logged into the armory and all my gear was already gone. The email was time stamped around 7 am my time and I hit the armory around 9 am.
Pretty much what happened to me as well. By the time I saw the e-mail that my password had been changed, I already had another e-mail from Blizzard that said this:
Greetings ??????,
Account Name: ????????
Access to this account has been temporarily disabled due to inappropriate
advertising activity within the World of Warcraft, and we are currently
conducting a thorough investigation on this issue. Any recurring subscriptions
on this account have also been suspended to prevent further monetary charges.
We are committed to concluding this investigation as quickly as possible, and
appreciate your patience as we attempt to resolve this issue. We sincerely
apologize for any inconvenience you may experience and will contact you again as
soon as this account's review is complete. Please be aware that we will be
unable to provide any additional information regarding this matter until the
conclusion of the investigation.
Thank you again for your time and patience in this matter.
Regards,
Ferenire
Game Master
Blizzard Entertainment
www.worldofwarcraft.com
My son checked the armory and my toons were all naked. He also tried to log into my account and found the account information not working. A couple days later I got this from Blizzard:
Greetings,
Please review this entire message, as it contains important instructions about the security of your account.
Recently you were contacted regarding an action on the World of Warcraft account you are using. Upon further review, it appears the account was compromised. As a result, the account action has been removed from the account at this time.
We have restored access to World of Warcraft account ??????? and reset the account's password.
Please consider that if an unauthorized third-party has accessed your account, they may also have access to the registered email address associated with the account. In order to protect your personal information, we recommend that you:
-Change the password of your current email address to ensure that you are the only one accessing it or -Create a new email address to associate with your existing World of Warcraft account.
We encourage you to keep the following security tips in mind when playing World of Warcraft on any computer:
- Use up-to-date Firewall, Antivirus, and Anti-Spyware programs if possible and scan the system regularly for malicious software.
- Keep current with the latest operating system and other software updates and be careful when downloading new software.
- Be wary of "spoof" websites and e-mails that request account or personal information.
- Use separate, unique passwords for your email, World of Warcraft and any other online accounts.
- Change your passwords regularly and keep your World of Warcraft account information updated using the Account Management page at http://www.worldofwarcraft.com/account/.
For additional security tips and information, please visit the following sites:
- Account Security: http://us.blizzard.com/support/article/21131
- Unauthorized Account Access Policy:
http://us.blizzard.com/support/article/20460
- World of Warcraft Account Security:
http://us.blizzard.com/support/article/20572
It may take up to one hour for our system to generate and send the temporary password and we suggest checking your Spam, Junk and/or Suspect Mail folders for the message.
If you are still unable to locate the email containing your new password, please contact us using this form: http://us.blizzard.com/support/webform-us.xml.
Additionally, we now offer the Blizzard Authenticator, an optional device that can help prevent account security issues. For more information concerning eligibility and on how to add this additional layer of security to your account, please visit the Blizzard Authenticator FAQ at http://us.blizzard.com/support/article/24660.
The Account Administration department is not responsible for the restoration of missing goods due to a compromise and we are unable to provide updates on the status of a compromise investigation. If you notice anything missing from your account, submit an in-game petition and a Game Master will contact you as soon as possible to help resolve the issue.
Feel free to contact us with any further questions or concerns you may have.
Sincerely,
Poyule
Account Administrator
Blizzard Entertainment
www.blizzard.com
Note that every one of these e-mails were in fact legitimate e-mails from Blizzard. None of them were phishing e-mails and in fact I very rarely get a phishing e-mail, I think I have only seen maybe 1 or 2. So don't assume than an e-mail from Blizzard is a phishing expedition. Don't click on the links just in case, but do check it out on Blizzard's official site by typing it directly into your broswer.
I have some 2000 posts to these forums to my name.
I have played WoW since beta and my account has been active the entire time and I'm very much a propoent of the game and have staunchly defended Blizzard and WoW.
I have worked as a mainframe programmer for over 20 years at some of the largest companies in the US including Sprint, MCI, Verizon and Southwest Airlines accessing various databases and sometimes dealing with the security of those databases.
I have been working with PC's since I was 16, some 30 years ago. I have built, upgraded and serviced my own PC's. I have fixed countless numbers of other people's PC's including finding and removing viruses or other malware since the days of DOS. I have coded in HTML and C++. My friends consider me an expert and come to me when their PC is not working.
I have always had an anti-virus package installed on my PC and it's always updated.
I always have the latest updates for Windows installed on my PC.
I do not visit unsecure websites.
I do not fall for phishing e-mails.
I don't give out my password.
I'm aware of most of the most common techniques that hackers use to try to compromise your data.
I have a firewall on my PC that I constantly monitor
I have visited websites that will check to see if my PC is vulnerable to attack and my PC always comes up clean.
And yet my WoW account information WAS compromised in April of this year. After it was compromised I did a full system scan of the only PC that I use to play the game with 2 different Anti-virus packages and nothing was found. I have yet to determine exactly how my account information was compromised.
I understand people's reluctance to believe that it could be a Blizzard problem. In fact I am very reluctant myself to believe that it's a Blizzard problem, however I WON'T rule it out like so many others are attempting to do. Just because it's not probable does not mean it's impossible. Security breaches do happen to even the most secure data in the world if only for a brief period of time, but that is usually all it takes, a very brief time.
It's no skin off my nose if you want to continue to believe that's it's ALL user error. You're probably correct. I just wish you wouldn't force your opinion down other's throats who may not agree or insinuate they don't have a clue about security.
Pappy, since it sounds like you're in the trade I'm sure you're well aware of this, and for anyone who isn't just go find yourself a decent IT related news site and you will see that companies that SHOULD be secure get hacked ALL the time, most of the time people only hear about it when it's a financial company who is required by law to disclose this info to it's customers, and even then it's usually weeks to months later before they do so. I am NOT saying Blizzard/Activision security has ever been compromised, but I am saying it is well within the realm of possibility and they are under no legal obligation to admit it if it ever does happen. From a shareholder perspective it would be best to keep such news as quiet as possible.
In my own case I was responsible for my account being compromised, BUT I am uncomfortable with the amount and type of information other people were able to get out of Blizzard "on my behalf" without my consent or account information details.
To summarize - Do not transfer your account to battle.net or it will get hacked and Blizzard is under no requirement to tell you about it. So there's nothing you can do to get it back.
I asked.."How could this have happened?"
Thier answer?
3rd party programs (add ons) which I had many of. Bagnon, gatherer and the like. All possibilities.
this make me laugh when they say all these addon have keyloggers . well if that is so why dont blizz just make it so you cant use any addons . . if this was the case then theres a lot of players useing the same ones and we should all have had are account hacked . another bad thing on the account page any secrect qustion you put in years ago . theres no option to change it ill be lost if i have to reply to that .
If you don't transfer your WoW account to Bnet, how do you expect to use it? Its all tied in to Bnet now. I was one of the first to purchase one of the authenticators, as I was able to predict how bad things would get. Using email addresses is not a bright move, who ever came up with that "genius flash" needs to be sent back to the mail room.