Even authenicators are proven to be useless. They can still be hacked. My battle.net password was changed by some random person. And you know what? I could care less.
Care to explain how a company is responsible for people downloading trojans, giving out their account information to phishing email scam and every other type of internet foolishness under the sun?
care to explain how i just got the same email and rarely download anything, have good antivirus programs, update/run scans regulary, and never gave my account info to ANYONE?
Daffid011 can't explain it because it's blind loyalty and devotion from the way he's worded things, i have nothign against blizz or WoW but it's plain to see that it's THEIR security or lack of thats at fault. yes people do fall for phishing mails, yes people do use dodgy sites and addon's etc but only a small percentage of them actually end up with account issues because of it. Put yourselves in a hackers pair of shoes, who would you hack? an individual where all your likely to get is saved account details usually locked away and hidden in ghost files or a company where only a few seconds can yield you many account details?. as i've said before it's simple logic..
Even authenicators are proven to be useless. They can still be hacked. My battle.net password was changed by some random person. And you know what? I could care less.
strange, Blizzard's security is pretty much solid.
I played SWG, EQ, EQ2, WOW, UO, AO, COH, still playing EVE (THE meta mmo out there), Aion, POTBS, Tabula Rasa, and a load of others out there and never been hacked or even been sent a phishing email.
Come to say of it, I've never:
-bought gold or ingame currency
-NEVER shared accounts
-never clicked on keylogging links on the forums promising nude content.
-my computers' antivirus and firewalls are up to date and good.
-never play on shared computers as I have seen people play MMO's abroad in internet cafe's........smart move :S.
"going into arguments with idiots is a lost cause, it requires you to stoop down to their level and you can't win"
They get keylogged or scammed. Which is entirely due to their own neglect or stupidity tbh.
Yes it still sucks and like any predator, those loggers/scammers are bad guys, but it can be avoided if you're careful enough.
You are wrong. I've been playing MMO's since 2000 and have been in worse environments then WoW's for hacking and cheats, I know the precautions to have in place and they are there. My security is as tight as a nut.
I have never been scammed, and I didn't have a trojan on my pc then and haven't had one since - windows and AV updates are bang up to date as is my spyware software. I have daily scans of each. I'm stting behind a software firewall which is behind a hardware firewall. I have never had an email from Blizzard but even so whenever I get an email from any company with some kind of offer requring a login I never click the link in it, I always go to the site manually.
My usename and pass for each game I play is unique to that game so if one gets jacked for whatever reason the others aren't vunerable as well.
I don't use my game logon details for forum / website registration which are commonly hacked and stolen.
The different email addresses I use to register game accounts on I don't read on the network I play on, I don't even have email configured at home and I use a package to remote control my work pc and read them remotely. Either that or I use my iPhone or iPad.
But going with your theory for a second, if this was from a trojan why would they not clean out the other accounts that I have? Only Battlenet was affected. I also play LOTRO and WAR amongst others.
If the Battlenet backend is impervious and Blizzard's employees beyond reproach, how are accounts that are inactive getting hacked and banned for inappropriate activities?
maybe 85% of the time it's down to the account holder's poor security and account sharing but there's too many reports of hackings that just don't not fit that theory.
_________________________________________ You can walk the walk but can you talk the talk?
The different email addresses I use to register game accounts on I don't read on the network I play on, I don't even have email configured at home and I use a package to remote control my work pc and read them remotely. Either that or I use my iPhone or iPad.
But going with your theory for a second, if this was from a trojan why would they not clean out the other accounts that I have? Only Battlenet was affected. I also play LOTRO and WAR amongst others.
If the Battlenet backend is impervious and Blizzard's employees beyond reproach, how are accounts that are inactive getting hacked and banned for inappropriate activities?
maybe 85% of the time it's down to the account holder's poor security and account sharing but there's too many reports of hackings that just don't not fit that theory.
Using multiple computers to access the various parts of your account just increases your exposure to the various threats on the internet. For example, the computer you use just to read the email could have been compromised and been the point of access hackers used to get your information. An account hacker only needs access to your email account to have access to your entire account.
Anti-virus, spyware cleaners and firewalls and the basic minimum security elements for a computer, not something that makes your invulnerable to getting infected. Simply having those tools does not allow someone to say they can't get infected, because it happens every single day. Every virus definition you download is created in response to a virus that is found to already exist. Even beyond that there are so many exploits that AV software cannot prevent against.
Why not steal your warhammer or lotro accounts? The market is so small to nonexistant for those games for gold sellers that few deal in those currencies. Why steal something you don't deal in? Wow currency is easy to steal and resell.
The question to inactive accounts has been answered many times. Hackers have learned they can sandbag a stolen account for a while to see if they go inactive. So instead of getting to use an account for perhaps a day while it is active, they can use it much longer if the original user isn't playing. Not to mention how many users get a phishing email from a hacker months after they quit and fall for the scam. Then they turn around and say "how could my account get hacked when I wasn't even playing!". An active subscription isn't required for someone to fall victom to getting tricked out of their account details.
If you are going to put percentages onto who is at fault for getting hacked (users vs blizzard) you should at least have something to justify those theories should you?
To be honest, I think that there COULD be a Leak having to do with Blizzard (Someone working for blizzard selling information to the gold sellers?) People get hacked so often... Sometimes Even with Authenticators... Imo, if Blizz doesn't get off their lazy butts and do something, more people will get hacked and more people will get frustrated, which isn't good...
I quit in OCT of 3.2 my account was hacked 6 months later..... and I had not played for 6 months...... I only contacted customer support to get my ex guilds Vault supplies back.
I quit in OCT of 3.2 my account was hacked 6 months later..... and I had not played for 6 months...... I only contacted customer support to get my ex guilds Vault supplies back.
Funny how that works im litle over 6 months cancled an now my acounts hacked as well. i kinda think another poster is right it could well be a insider.Talkeing to wow vets that play eq ,3 out of 4 have had their acounts hacked. no trojens no scams no buying gold .All of us use firewalls an antivirus.All hacked after they quit.
Love how fanbois blame the hacked .Classy.
Blizzard has a problem .An for the record i dont hate wow.Its a ok game .Just ticks me off some jackwagon has my toons an leveled some they benifited from my game play as well as what resources i had.will see if blizzard does any thing about it . Seems 1 week is the time to get acout back im told.
"Civilized men are more discourteous than savages because they know they can be impolite without having their skulls split, as a general thing." Robert E. Howard, The Tower of the Elephant (1933)
I quit in OCT of 3.2 my account was hacked 6 months later..... and I had not played for 6 months...... I only contacted customer support to get my ex guilds Vault supplies back.
Funny how that works im litle over 6 months cancled an now my acounts hacked as well. i kinda think another poster is right it could well be a insider.Talkeing to wow vets that play eq ,3 out of 4 have had their acounts hacked. no trojens no scams no buying gold .All of us use firewalls an antivirus.All hacked after they quit.
Love how fanbois blame the hacked .Classy.
Blizzard has a problem .An for the record i dont hate wow.Its a ok game .Just ticks me off some jackwagon has my toons an leveled some they benifited from my game play as well as what resources i had.will see if blizzard does any thing about it . Seems 1 week is the time to get acout back im told.
Getting accounts back is only half the battle, Blizzard need to realise that they have to take responcibility for this and get their systems a hell of a lot more secure. I personally have been receiving these mails and messages from Phishers and Blizz themselves for over around 3 months now.
The phrase "burrying their heads in the sand" is what comes to my mind when i think of Blizzard these days.
How exactly is a company supposed to stop end users from replying to phishing emails saying their accounts got hacked, that they won beta keys, that there is suspicious activity on their account, etc? How can a company stop players from going to infected websites, downloading trojans, posting their email address all over the internet?
End users are stupid creatures who think they know what they are doing which is a dangerous combination. There is a reason identity theft is on the rise, credit card fraud is rising, spam email is rising. End users are dumb and no company can wave a magic wand and make them secure.
Everyone is running around looking for someone else to blame since they just don't understand what happened. I suppose banks are selling peoples account information also.
if you ask me 4 simple points will sum up the majority of the users that have been hacked.
1. Bruit force attacks, out of the users that have been hacked i bet about 20% of them use a single word plus the number 1 as there passwords for everything
2. using same info on other sites
3. keyloggers, packet sniffers, root kits
4. Plan old noobness, today's web is something of a mindfield for the average user that isn't use to it. Phishing attempts and the willingness to click the OK button on any pop up requesting an install or password.
Its not just wow, look at the amount of face book accounts "hacked" over the past few years, A big user base is always going to be the target, even more so if there is profit to be made (RMT)
I have only ever once had an account comprimised in my life and that was when i settup my battle.net id, a compleaty unrelated issue. but i also use passwords such as RmHdRqWhhyY for anything i put value in, aswel as cryptic usernames. (battle.net useing emails is retarded imo)
My brother and every single one of my friends has been hacked, myself included. One of my friend (which is a real computer nerd) got hacked without downloading any addons and without clicking any phishing email.
So the im pretty sure theres a leak of information somewhere in blizzard system
I7 920 @ 2.7ghz (8 cpu total) 12 gig DDR3 ram Nvidia Geforce 560 GTX TI window 7 64bit
Well, since I quit this game recently, we'll see how long it takes for the hackers to steal my account. They won't find much, since I deleted all my characters, but maybe they can use it to advertise gold selling and powerleveling in game.
If it gets banned I don't care, since I have no intention of returning.
The theory that inactive accounts are being targeted points to a couple things, imo. Either that a Bliz employee is selling the info, or the gold buying/powerleveling that someone did way back when is coming back to bite them.
How exactly is a company supposed to stop end users from replying to phishing emails saying their accounts got hacked, that they won beta keys, that there is suspicious activity on their account, etc? How can a company stop players from going to infected websites, downloading trojans, posting their email address all over the internet?
End users are stupid creatures who think they know what they are doing which is a dangerous combination. There is a reason identity theft is on the rise, credit card fraud is rising, spam email is rising. End users are dumb and no company can wave a magic wand and make them secure.
Everyone is running around looking for someone else to blame since they just don't understand what happened. I suppose banks are selling peoples account information also.
Let me see if i've summed up your posts right.
Everyone is stupid and to blame.
Blizzard are blameless because they made a successful game.
Everyone who has been informed in one way or another about their account being hacked, password changed etc are to blame because they all download third party software and other such acts even when your ignoring the people who have posted saying they haven't used, viewed or downloaded said software.
also you've kind of given yourself away as either a Blizz employee or just a simple blinded fan by using the term "End User". in all my years reading forums and actively posting on things i have never seen anyone refer to gamers as "end users".
on a side note referring to the last sentence you said, it certainly wouldn't suprise me. Doctor's and other officials have been doing it for years, how the hell do you think cold callers get your phone number when it's ex-directory/not listed, it's because individuals AND companies sell on your details to partners and others.
I'm tired of posting the obvious now so i'll say it one more time then i'm ignoring this thread. BLIZZARD have a security fault and from what people have been saying they don't care about it, those of you who play WoW or any other Blizzard game that requires login details should actually make a petition on the official boards about this and MAYBE somethign will get done for you. until Blizz are made to realise their security issues it's just gonna continue happening to you all.
After logging in to my inactive battlenet account to check things out, I started receiving phishing e-mails the next day! Haven't had one in months. Now I've gotten two already:
world of warcraft: Cataclysm Beta Test Invitation!
Get those opt-ins ready for the World of Warcraft: Cataclysm closed beta! The sundering of Azeroth is nigh, and you don’t want to be left out in the cold of Northrend when you could be enjoying the sun-drenched beaches on the goblin isle of Kezan. To ensure you’re opted-in and eligible as a potential candidate, you’ll need a World of Warcraft license attached to your Battle.net account, have your current system specifications uploaded to the Battle.net Beta Profile Settings page, and have expressed interest through the franchise-specific check boxes.
Get the Installer - Log in to your Battle.net account: *link removed*
** IMPORTANT ** To avoid graphical bugs and other technical issues, please ensure your video card drivers are up-to-date.
My brother and every single one of my friends has been hacked, myself included. One of my friend (which is a real computer nerd) got hacked without downloading any addons and without clicking any phishing email.
So the im pretty sure theres a leak of information somewhere in blizzard system
There is, blizzs account info is at risk there is no doubt about it.
But thats not how most of the stolen accounts occur.
"Society in every state is a blessing, but government even in its best state is but a necessary evil; in its worst state an intolerable one ..." - Thomas Paine
How exactly is a company supposed to stop end users from replying to phishing emails saying their accounts got hacked, that they won beta keys, that there is suspicious activity on their account, etc? How can a company stop players from going to infected websites, downloading trojans, posting their email address all over the internet?
End users are stupid creatures who think they know what they are doing which is a dangerous combination. There is a reason identity theft is on the rise, credit card fraud is rising, spam email is rising. End users are dumb and no company can wave a magic wand and make them secure.
Everyone is running around looking for someone else to blame since they just don't understand what happened. I suppose banks are selling peoples account information also.
Let me see if i've summed up your posts right.
Everyone is stupid and to blame.
Blizzard are blameless because they made a successful game.
Everyone who has been informed in one way or another about their account being hacked, password changed etc are to blame because they all download third party software and other such acts even when your ignoring the people who have posted saying they haven't used, viewed or downloaded said software.
also you've kind of given yourself away as either a Blizz employee or just a simple blinded fan by using the term "End User". in all my years reading forums and actively posting on things i have never seen anyone refer to gamers as "end users".
on a side note referring to the last sentence you said, it certainly wouldn't suprise me. Doctor's and other officials have been doing it for years, how the hell do you think cold callers get your phone number when it's ex-directory/not listed, it's because individuals AND companies sell on your details to partners and others.
I'm tired of posting the obvious now so i'll say it one more time then i'm ignoring this thread. BLIZZARD have a security fault and from what people have been saying they don't care about it, those of you who play WoW or any other Blizzard game that requires login details should actually make a petition on the official boards about this and MAYBE somethign will get done for you. until Blizz are made to realise their security issues it's just gonna continue happening to you all.
It is amazing how much differently you read my words and the assumptions you have drawn. Please allow me to explain.
First, I use the term "end user", because it is an IT term and not anything related to blizzard or to people who enjoy blizzard games. Don't be stupid.
Are end users ignorant, yes. That isn't even a matter of debate. All of this "blizzard must be to blame, because it couldn't possibly be my fault" makes me laugh so hard.
Sorry that people don't understand how they got hacked, but they most certainly are not as safe as they think they are. I don't care who you are or what you do, there is no such thing as being safe. That isn't even considering all the misconceptions and assumptions that end users have.
If I have a nickle for every time a users tells me they don't download software as I am watching them play around with bejeweled, elf bowling, weatherbug of some other bullshit I would be rich. I'm just talking about things end users don't take into account, because they think their actions are safe. This isn't even talking about all the other millions of things they do without giving it a second thought, because they have no understanding of how threats works, where they can strike or flaws they can exploit.
All we hear about is "I didn't user my account for 10 hundred years and then it got the hacked, so it must be blizzards fault". "I have norton and don't click on emails, so there is no possible way it could be my fault!" as if all the users on the internet have suddenly become security experts.
I'm sure it must be comforting for people to find someone else to blame when they can't figure out the problem, because that seems to be what happens in every mmo that has people getting their accounts stolen.
So my point still stands, how can people demand that blizzard make end users be more secure? Can they install something that filters out what they type so they don't accidently give their account information to someone? Filter and approve their hotmail accounts so they don't get phishing emails? Have someone personally stand behind them and warn them not to go to various websites? What is blizzard supposed to do that end users couldn't already do themselves?
There is a reason anti-virus and malware business is in the billions of dollars. Why more than half the email on the internet is spam. Why millions of computers get infected with trash every day.
It doesn't take a genius to realize end users are the weakest point in internet security. They are so easy to attack, decieve and steal from that most don't even know it has happened.
As for cold callers, there are plenty of ways to get a phone number. Don't be so naive. Again you are using a lack of understanding to draw a conclusion that supports your blind theories. Not to mention there are very serious laws about medical professionals and patient information, but who cares about that right? This is about you proving things are the fault of businesses.
I think that the phishing emails play a large part here. Ppl are redirected to a fake WoW website for some excuse and are asked to enter their username and password.
It is known that a lot of ppl get tricked into giving out of personal information even by simple phonecalls.
After logging in to my inactive battlenet account to check things out, I started receiving phishing e-mails the next day! Haven't had one in months. Now I've gotten two already:
world of warcraft: Cataclysm Beta Test Invitation!
Get those opt-ins ready for the World of Warcraft: Cataclysm closed beta! The sundering of Azeroth is nigh, and you don’t want to be left out in the cold of Northrend when you could be enjoying the sun-drenched beaches on the goblin isle of Kezan. To ensure you’re opted-in and eligible as a potential candidate, you’ll need a World of Warcraft license attached to your Battle.net account, have your current system specifications uploaded to the Battle.net Beta Profile Settings page, and have expressed interest through the franchise-specific check boxes.
Get the Installer - Log in to your Battle.net account: *link removed*
** IMPORTANT ** To avoid graphical bugs and other technical issues, please ensure your video card drivers are up-to-date. Enjoy the game! Blizzard Entertainment, Inc.
Im getting those emails too and I dont even have a WoW account. Its possible that some other gamerelated website where you use that email adress is selling emailadresses. If you think about it, then it also not needed to send phishing emails to only emailadresses that are related to WoW. Just send as many as possible to as many different emails as possible and they will catch some.
I want to know what sort of bug/virus/program starts sending me phishing e-mails after I log in to my inactive battlenet account.
Really, I do. How is it that I am targeted to receive these e-mails after a certain event, do the "hackers" have some sort of program on my system that lets them know when I log in on battlenet? Or is the fact that I'm getting the phishing e-mails a warning that my account is already compromised, since they know when I log in?
I'm curious. I'm no perfect person, I've downloaded addons before, and I probably clicked a questionable link at some point in the past. But I have not had my account compromised yet. I put an authenticator on it to add a little extra security, I run AVG, I use Firefox...
But it seems like more then coincidence that I start getting phishing e-mails the day after I log in to my battlenet account.
After logging in to my inactive battlenet account to check things out, I started receiving phishing e-mails the next day! Haven't had one in months. Now I've gotten two already:
world of warcraft: Cataclysm Beta Test Invitation!
Get those opt-ins ready for the World of Warcraft: Cataclysm closed beta! The sundering of Azeroth is nigh, and you don’t want to be left out in the cold of Northrend when you could be enjoying the sun-drenched beaches on the goblin isle of Kezan. To ensure you’re opted-in and eligible as a potential candidate, you’ll need a World of Warcraft license attached to your Battle.net account, have your current system specifications uploaded to the Battle.net Beta Profile Settings page, and have expressed interest through the franchise-specific check boxes.
Get the Installer - Log in to your Battle.net account: *link removed*
** IMPORTANT ** To avoid graphical bugs and other technical issues, please ensure your video card drivers are up-to-date. Enjoy the game! Blizzard Entertainment, Inc.
Im getting those emails too and I dont even have a WoW account. Its possible that some other gamerelated website where you use that email adress is selling emailadresses. If you think about it, then it also not needed to send phishing emails to only emailadresses that are related to WoW. Just send as many as possible to as many different emails as possible and they will catch some.
I made a new e-mail address to specifically use for WoW/battlenet. Haven't used it for anything else. So I guess g-mail or WoW are selling my e-mail address to gold sellers. Makes sense.
I want to know what sort of bug/virus/program starts sending me phishing e-mails after I log in to my inactive battlenet account.
Really, I do. How is it that I am targeted to receive these e-mails after a certain event, do the "hackers" have some sort of program on my system that lets them know when I log in on battlenet? Or is the fact that I'm getting the phishing e-mails a warning that my account is already compromised, since they know when I log in?
I'm curious. I'm no perfect person, I've downloaded addons before, and I probably clicked a questionable link at some point in the past. But I have not had my account compromised yet. I put an authenticator on it to add a little extra security, I run AVG, I use Firefox...
But it seems like more then coincidence that I start getting phishing e-mails the day after I log in to my battlenet account.
You're not making sense. If it was a virus that detects you logging into battlenet, it wouldve had your account information right at that moment. There wouldnt be a phishing email necessary.
So yeah, it is coincedence. Thats what coincedence means. You should think along the lines of spam. It doesnt have to involve a virus or dodge websitelink to make it start.
If anything, think about at what other websites you leave your emailadres and it can be seen by other visitors.
Comments
Daffid011 can't explain it because it's blind loyalty and devotion from the way he's worded things, i have nothign against blizz or WoW but it's plain to see that it's THEIR security or lack of thats at fault. yes people do fall for phishing mails, yes people do use dodgy sites and addon's etc but only a small percentage of them actually end up with account issues because of it. Put yourselves in a hackers pair of shoes, who would you hack? an individual where all your likely to get is saved account details usually locked away and hidden in ghost files or a company where only a few seconds can yield you many account details?. as i've said before it's simple logic..
strange, Blizzard's security is pretty much solid.
I played SWG, EQ, EQ2, WOW, UO, AO, COH, still playing EVE (THE meta mmo out there), Aion, POTBS, Tabula Rasa, and a load of others out there and never been hacked or even been sent a phishing email.
Come to say of it, I've never:
-bought gold or ingame currency
-NEVER shared accounts
-never clicked on keylogging links on the forums promising nude content.
-my computers' antivirus and firewalls are up to date and good.
-never play on shared computers as I have seen people play MMO's abroad in internet cafe's........smart move :S.
"going into arguments with idiots is a lost cause, it requires you to stoop down to their level and you can't win"
WoW is a huge target with its enormous playerbase. Increases chances of being "hacked".
Most people are probably just getting phished through email or what ever as opposed to actual hacks.
Huge amounts of phishing emails for WoW get sent out every day. They wouldn't waste their time and money if people weren't falling for them.
I'm very curious in finding out how much brute force password guessing is going on.
Forever looking for employment. Life is rather dull without it.
Nobody in WoW gets hacked.
They get keylogged or scammed. Which is entirely due to their own neglect or stupidity tbh.
Yes it still sucks and like any predator, those loggers/scammers are bad guys, but it can be avoided if you're careful enough.
You are wrong. I've been playing MMO's since 2000 and have been in worse environments then WoW's for hacking and cheats, I know the precautions to have in place and they are there. My security is as tight as a nut.
I have never been scammed, and I didn't have a trojan on my pc then and haven't had one since - windows and AV updates are bang up to date as is my spyware software. I have daily scans of each. I'm stting behind a software firewall which is behind a hardware firewall. I have never had an email from Blizzard but even so whenever I get an email from any company with some kind of offer requring a login I never click the link in it, I always go to the site manually.
My usename and pass for each game I play is unique to that game so if one gets jacked for whatever reason the others aren't vunerable as well.
I don't use my game logon details for forum / website registration which are commonly hacked and stolen.
The different email addresses I use to register game accounts on I don't read on the network I play on, I don't even have email configured at home and I use a package to remote control my work pc and read them remotely. Either that or I use my iPhone or iPad.
But going with your theory for a second, if this was from a trojan why would they not clean out the other accounts that I have? Only Battlenet was affected. I also play LOTRO and WAR amongst others.
If the Battlenet backend is impervious and Blizzard's employees beyond reproach, how are accounts that are inactive getting hacked and banned for inappropriate activities?
maybe 85% of the time it's down to the account holder's poor security and account sharing but there's too many reports of hackings that just don't not fit that theory.
_________________________________________
You can walk the walk but can you talk the talk?
lol i got an email about wow the other day something about someone logging into my account?? I don't even have a wow account
Using multiple computers to access the various parts of your account just increases your exposure to the various threats on the internet. For example, the computer you use just to read the email could have been compromised and been the point of access hackers used to get your information. An account hacker only needs access to your email account to have access to your entire account.
Anti-virus, spyware cleaners and firewalls and the basic minimum security elements for a computer, not something that makes your invulnerable to getting infected. Simply having those tools does not allow someone to say they can't get infected, because it happens every single day. Every virus definition you download is created in response to a virus that is found to already exist. Even beyond that there are so many exploits that AV software cannot prevent against.
Why not steal your warhammer or lotro accounts? The market is so small to nonexistant for those games for gold sellers that few deal in those currencies. Why steal something you don't deal in? Wow currency is easy to steal and resell.
The question to inactive accounts has been answered many times. Hackers have learned they can sandbag a stolen account for a while to see if they go inactive. So instead of getting to use an account for perhaps a day while it is active, they can use it much longer if the original user isn't playing. Not to mention how many users get a phishing email from a hacker months after they quit and fall for the scam. Then they turn around and say "how could my account get hacked when I wasn't even playing!". An active subscription isn't required for someone to fall victom to getting tricked out of their account details.
If you are going to put percentages onto who is at fault for getting hacked (users vs blizzard) you should at least have something to justify those theories should you?
To be honest, I think that there COULD be a Leak having to do with Blizzard (Someone working for blizzard selling information to the gold sellers?) People get hacked so often... Sometimes Even with Authenticators... Imo, if Blizz doesn't get off their lazy butts and do something, more people will get hacked and more people will get frustrated, which isn't good...
STAND BACK: I'm about to try Alchemy.
I quit in OCT of 3.2 my account was hacked 6 months later..... and I had not played for 6 months...... I only contacted customer support to get my ex guilds Vault supplies back.
Funny how that works im litle over 6 months cancled an now my acounts hacked as well. i kinda think another poster is right it could well be a insider.Talkeing to wow vets that play eq ,3 out of 4 have had their acounts hacked. no trojens no scams no buying gold .All of us use firewalls an antivirus.All hacked after they quit.
Love how fanbois blame the hacked .Classy.
Blizzard has a problem .An for the record i dont hate wow.Its a ok game .Just ticks me off some jackwagon has my toons an leveled some they benifited from my game play as well as what resources i had.will see if blizzard does any thing about it . Seems 1 week is the time to get acout back im told.
"Civilized men are more discourteous than savages because they know they can be impolite without having their skulls split, as a general thing." Robert E. Howard, The Tower of the Elephant (1933)
Getting accounts back is only half the battle, Blizzard need to realise that they have to take responcibility for this and get their systems a hell of a lot more secure. I personally have been receiving these mails and messages from Phishers and Blizz themselves for over around 3 months now.
The phrase "burrying their heads in the sand" is what comes to my mind when i think of Blizzard these days.
Most people who get "hacked" are not hacked they are "cracked".
A password such as "hatrack" is a horrible PW
"bunny76" is less bad but still bad
"Trap94" is better cause of the caps
"oDenliVeS04" is pretty good
"ngHr78dF5H" is the best you can get (but way harder to remember)
The few people who are actualy hacked are people who download third party applications with names like "WowTrainer.exe"
The programs tell you they can level you at 5X the speed and show PVP targets on your minimap and half the damage you take.
If it sounds too good to be good IT IS!
If you play things smart, with any game, you will almost never have your account comprimised.
How exactly is a company supposed to stop end users from replying to phishing emails saying their accounts got hacked, that they won beta keys, that there is suspicious activity on their account, etc? How can a company stop players from going to infected websites, downloading trojans, posting their email address all over the internet?
End users are stupid creatures who think they know what they are doing which is a dangerous combination. There is a reason identity theft is on the rise, credit card fraud is rising, spam email is rising. End users are dumb and no company can wave a magic wand and make them secure.
Everyone is running around looking for someone else to blame since they just don't understand what happened. I suppose banks are selling peoples account information also.
if you ask me 4 simple points will sum up the majority of the users that have been hacked.
1. Bruit force attacks, out of the users that have been hacked i bet about 20% of them use a single word plus the number 1 as there passwords for everything
2. using same info on other sites
3. keyloggers, packet sniffers, root kits
4. Plan old noobness, today's web is something of a mindfield for the average user that isn't use to it. Phishing attempts and the willingness to click the OK button on any pop up requesting an install or password.
Its not just wow, look at the amount of face book accounts "hacked" over the past few years, A big user base is always going to be the target, even more so if there is profit to be made (RMT)
I have only ever once had an account comprimised in my life and that was when i settup my battle.net id, a compleaty unrelated issue. but i also use passwords such as RmHdRqWhhyY for anything i put value in, aswel as cryptic usernames. (battle.net useing emails is retarded imo)
My brother and every single one of my friends has been hacked, myself included. One of my friend (which is a real computer nerd) got hacked without downloading any addons and without clicking any phishing email.
So the im pretty sure theres a leak of information somewhere in blizzard system
I7 920 @ 2.7ghz (8 cpu total)
12 gig DDR3 ram
Nvidia Geforce 560 GTX TI
window 7 64bit
Well, since I quit this game recently, we'll see how long it takes for the hackers to steal my account. They won't find much, since I deleted all my characters, but maybe they can use it to advertise gold selling and powerleveling in game.
If it gets banned I don't care, since I have no intention of returning.
The theory that inactive accounts are being targeted points to a couple things, imo. Either that a Bliz employee is selling the info, or the gold buying/powerleveling that someone did way back when is coming back to bite them.
Let me see if i've summed up your posts right.
Everyone is stupid and to blame.
Blizzard are blameless because they made a successful game.
Everyone who has been informed in one way or another about their account being hacked, password changed etc are to blame because they all download third party software and other such acts even when your ignoring the people who have posted saying they haven't used, viewed or downloaded said software.
also you've kind of given yourself away as either a Blizz employee or just a simple blinded fan by using the term "End User". in all my years reading forums and actively posting on things i have never seen anyone refer to gamers as "end users".
on a side note referring to the last sentence you said, it certainly wouldn't suprise me. Doctor's and other officials have been doing it for years, how the hell do you think cold callers get your phone number when it's ex-directory/not listed, it's because individuals AND companies sell on your details to partners and others.
I'm tired of posting the obvious now so i'll say it one more time then i'm ignoring this thread. BLIZZARD have a security fault and from what people have been saying they don't care about it, those of you who play WoW or any other Blizzard game that requires login details should actually make a petition on the official boards about this and MAYBE somethign will get done for you. until Blizz are made to realise their security issues it's just gonna continue happening to you all.
Well hey! Guess what everyone?
After logging in to my inactive battlenet account to check things out, I started receiving phishing e-mails the next day! Haven't had one in months. Now I've gotten two already:
world of warcraft: Cataclysm Beta Test Invitation!
Get those opt-ins ready for the World of Warcraft: Cataclysm closed beta! The sundering of Azeroth is nigh, and you don’t want to be left out in the cold of Northrend when you could be enjoying the sun-drenched beaches on the goblin isle of Kezan. To ensure you’re opted-in and eligible as a potential candidate, you’ll need a World of Warcraft license attached to your Battle.net account, have your current system specifications uploaded to the Battle.net Beta Profile Settings page, and have expressed interest through the franchise-specific check boxes.
Get the Installer - Log in to your Battle.net account: *link removed*
** IMPORTANT ** To avoid graphical bugs and other technical issues, please ensure your video card drivers are up-to-date.
Enjoy the game!
Blizzard Entertainment, Inc.
There is, blizzs account info is at risk there is no doubt about it.
But thats not how most of the stolen accounts occur.
"Society in every state is a blessing, but government even in its best state is but a necessary evil; in its worst state an intolerable one ..." - Thomas Paine
It is amazing how much differently you read my words and the assumptions you have drawn. Please allow me to explain.
First, I use the term "end user", because it is an IT term and not anything related to blizzard or to people who enjoy blizzard games. Don't be stupid.
Are end users ignorant, yes. That isn't even a matter of debate. All of this "blizzard must be to blame, because it couldn't possibly be my fault" makes me laugh so hard.
Sorry that people don't understand how they got hacked, but they most certainly are not as safe as they think they are. I don't care who you are or what you do, there is no such thing as being safe. That isn't even considering all the misconceptions and assumptions that end users have.
If I have a nickle for every time a users tells me they don't download software as I am watching them play around with bejeweled, elf bowling, weatherbug of some other bullshit I would be rich. I'm just talking about things end users don't take into account, because they think their actions are safe. This isn't even talking about all the other millions of things they do without giving it a second thought, because they have no understanding of how threats works, where they can strike or flaws they can exploit.
All we hear about is "I didn't user my account for 10 hundred years and then it got the hacked, so it must be blizzards fault". "I have norton and don't click on emails, so there is no possible way it could be my fault!" as if all the users on the internet have suddenly become security experts.
I'm sure it must be comforting for people to find someone else to blame when they can't figure out the problem, because that seems to be what happens in every mmo that has people getting their accounts stolen.
So my point still stands, how can people demand that blizzard make end users be more secure? Can they install something that filters out what they type so they don't accidently give their account information to someone? Filter and approve their hotmail accounts so they don't get phishing emails? Have someone personally stand behind them and warn them not to go to various websites? What is blizzard supposed to do that end users couldn't already do themselves?
There is a reason anti-virus and malware business is in the billions of dollars. Why more than half the email on the internet is spam. Why millions of computers get infected with trash every day.
It doesn't take a genius to realize end users are the weakest point in internet security. They are so easy to attack, decieve and steal from that most don't even know it has happened.
As for cold callers, there are plenty of ways to get a phone number. Don't be so naive. Again you are using a lack of understanding to draw a conclusion that supports your blind theories. Not to mention there are very serious laws about medical professionals and patient information, but who cares about that right? This is about you proving things are the fault of businesses.
I think that the phishing emails play a large part here. Ppl are redirected to a fake WoW website for some excuse and are asked to enter their username and password.
It is known that a lot of ppl get tricked into giving out of personal information even by simple phonecalls.
Im getting those emails too and I dont even have a WoW account. Its possible that some other gamerelated website where you use that email adress is selling emailadresses. If you think about it, then it also not needed to send phishing emails to only emailadresses that are related to WoW. Just send as many as possible to as many different emails as possible and they will catch some.
I want to know what sort of bug/virus/program starts sending me phishing e-mails after I log in to my inactive battlenet account.
Really, I do. How is it that I am targeted to receive these e-mails after a certain event, do the "hackers" have some sort of program on my system that lets them know when I log in on battlenet? Or is the fact that I'm getting the phishing e-mails a warning that my account is already compromised, since they know when I log in?
I'm curious. I'm no perfect person, I've downloaded addons before, and I probably clicked a questionable link at some point in the past. But I have not had my account compromised yet. I put an authenticator on it to add a little extra security, I run AVG, I use Firefox...
But it seems like more then coincidence that I start getting phishing e-mails the day after I log in to my battlenet account.
You're not making sense. If it was a virus that detects you logging into battlenet, it wouldve had your account information right at that moment. There wouldnt be a phishing email necessary.
So yeah, it is coincedence. Thats what coincedence means. You should think along the lines of spam. It doesnt have to involve a virus or dodge websitelink to make it start.
If anything, think about at what other websites you leave your emailadres and it can be seen by other visitors.