I have not been hacked. My account has been inactive since February and I just checked and it still hasn't been banned.
But, this has to be something on Blizzard's end. It just doesn't add up any other way.
Some people get hacked but not many and it's usually obvious as to how
Blizzard makes everyone register on battle.net
Many people (orders of magnitude more people) start getting hacked
Now, since the battle.net switch I've been receiving lots of phishing emails (one or two a day, sometimes more) but since I'm not subbed I just forward them on to hacks@blizzard.com and forget about it. This e-mail address is registered with lots of MMO sites so that doesn't prove anything but it's fishy (phishy.. get it.. heh!)
But this isn't a problem with the end users, it's much to widespread for that and the sudden surge in account hacking that happened with the switch to b.net points the finger squarely at Blizzard.
What's sad for me is I was looking forward to resubbing for Cataclysm but there's no way in hell I'll even consider resubbing until this problem is brought under control.
I have not been hacked. My account has been inactive since February and I just checked and it still hasn't been banned.
But, this has to be something on Blizzard's end. It just doesn't add up any other way.
Some people get hacked but not many and it's usually obvious as to how
Blizzard makes everyone register on battle.net
Many people (orders of magnitude more people) start getting hacked
Now, since the battle.net switch I've been receiving lots of phishing emails (one or two a day, sometimes more) but since I'm not subbed I just forward them on to hacks@blizzard.com and forget about it. This e-mail address is registered with lots of MMO sites so that doesn't prove anything but it's fishy (phishy.. get it.. heh!)
But this isn't a problem with the end users, it's much to widespread for that and the sudden surge in account hacking that happened with the switch to b.net points the finger squarely at Blizzard.
What's sad for me is I was looking forward to resubbing for Cataclysm but there's no way in hell I'll even consider resubbing until this problem is brought under control.
NO, it points at the hackers. THe reason why the sheer amount of phishing emails and such is because WoW is so popular and because they can't hack Blizzard. You don't see any phishing emails asking to log to a game called Horizons (I know its not called that anymore, just to illustrate the point), because barely anyone plays it. Noone is interested in hijacking a Horizons account. They want to hijack game accounts where they can steal money - WoW is a goldmine for these purposes.
Many people getting hacked means a lot of people are simply computer illiterate. They do not distinguish between simple things. My father used to get caught for the spoof where a fishy site would present an image of a regular window with a message and an OK button. He could not distinguish that from a genuine Windows message. He kept clicking on it. I had to make him learn about it the hard way (if you move your mouse over the OK button and it looks like a hand pointing a finger upwards, DO NOT CLICK on it).
I am the type of player where I like to do everything and anything from time to time.
The most common attack vector is social networking websites, facebook,myspace,twitter have had massive security breaches allowing hackers to infect apps thus infecting tens of thousands of users ans popular web games though flash advertisements.
They also target web advertising they pay 20 bucks put there ad with a web advertising outfit an infect a huge amount of web browsers on popular sites such as newspapers,news,celeb sites,movie and tv sites, online game sites such as curse gaming,allakazam,farmville, mafia wars and list goes on and on.
Facebook atm is the largest attack vector due to shear numbers of users they are the number one spreaders of fake av's and keyloggers on the net atm if you want to blame someone you can blame facebook security in past year they have had there apps hacked about a dozen times and counting.
Also internet explorer has a security hole atm which hackers are still using to get passwords just from visiting their site using java script they get your email address and passwords , you can blame microsoft for this they were warned it has been around for 2 years now.
Best security when browsing the web: Firefox current version, with noscript, adblock plus,WOT,betterprivacy.
I have not been hacked. My account has been inactive since February and I just checked and it still hasn't been banned.
But, this has to be something on Blizzard's end. It just doesn't add up any other way.
Some people get hacked but not many and it's usually obvious as to how
Blizzard makes everyone register on battle.net
Many people (orders of magnitude more people) start getting hacked
Now, since the battle.net switch I've been receiving lots of phishing emails (one or two a day, sometimes more) but since I'm not subbed I just forward them on to hacks@blizzard.com and forget about it. This e-mail address is registered with lots of MMO sites so that doesn't prove anything but it's fishy (phishy.. get it.. heh!)
But this isn't a problem with the end users, it's much to widespread for that and the sudden surge in account hacking that happened with the switch to b.net points the finger squarely at Blizzard.
What's sad for me is I was looking forward to resubbing for Cataclysm but there's no way in hell I'll even consider resubbing until this problem is brought under control.
1) Many people were already getting hacked prior to the battle.net change. Blizzard created the authenticator program a year and a half before the battle.net change. Hacked accounts were already out of control
2) Changing login names to email addresses did not help the situation and I think was a dumb idea.
3) More people getting hacked after the change, sure. Just think about how many players changed their login names to an email address that they have posted and registered all over the internet. I bet you anything that millions of people just exposed 1/2 of their login information. On top of that I bet you a good portion of those people stupidly use the same password for their wow account or email account which would allow hackers full control over their accounts.
It isn't really hard to see why hacking is on the rise. Far more phishing emails floating around and untold amounts of players just exposed 1/2 of their login information and a backdoor to their account management should their email account be compromised.
Sorry, but all of that points squarely at the user.
Ill say what I said in another thread. If you get hacked and don't have an authenticator I have 0 sympathy for you. Its the price of a happy meal. Get it and stop complaining.
I'm at the point where I look forward to my weekly phishing emails. It started with just a warning I might have been hacked, then moved to my faction being changed and is now up to freezing my account because it's being sold on the internet.
Quite amazing when you figure I've never had a single thing to do with WoW or Blizzard EVER.
I'm at the point where I look forward to my weekly phishing emails. It started with just a warning I might have been hacked, then moved to my faction being changed and is now up to freezing my account because it's being sold on the internet.
Quite amazing when you figure I've never had a single thing to do with WoW or Blizzard EVER.
Exactly! They simply scanned your email somewhere... whether here, on another forum/website/pornsite/signature/etc.
Also, people, make sure your forum name is NOT part of your email address. If I were a WoW hacker, id send a few emails to Nebless at: nebless@yahoo.com, nebless@yahoo.ca, nebless@hotmail.com, nebless@gmail.com, nebless@sprint.com, nebless@rogers.ca and maybe a few more from the major providers... i bet one or two emails are valid and will not return back to me.
PS: sorry Nebless if one of those emails is actually yours... If thats the case, you should change it.
EDIT: made my post more readable
I am the type of player where I like to do everything and anything from time to time.
I have not been hacked. My account has been inactive since February and I just checked and it still hasn't been banned.
But, this has to be something on Blizzard's end. It just doesn't add up any other way.
Some people get hacked but not many and it's usually obvious as to how
Blizzard makes everyone register on battle.net
Many people (orders of magnitude more people) start getting hacked
Now, since the battle.net switch I've been receiving lots of phishing emails (one or two a day, sometimes more) but since I'm not subbed I just forward them on to hacks@blizzard.com and forget about it. This e-mail address is registered with lots of MMO sites so that doesn't prove anything but it's fishy (phishy.. get it.. heh!)
But this isn't a problem with the end users, it's much to widespread for that and the sudden surge in account hacking that happened with the switch to b.net points the finger squarely at Blizzard.
What's sad for me is I was looking forward to resubbing for Cataclysm but there's no way in hell I'll even consider resubbing until this problem is brought under control.
NO, it points at the hackers. THe reason why the sheer amount of phishing emails and such is because WoW is so popular and because they can't hack Blizzard. You don't see any phishing emails asking to log to a game called Horizons (I know its not called that anymore, just to illustrate the point), because barely anyone plays it. Noone is interested in hijacking a Horizons account. They want to hijack game accounts where they can steal money - WoW is a goldmine for these purposes.
Many people getting hacked means a lot of people are simply computer illiterate. They do not distinguish between simple things. My father used to get caught for the spoof where a fishy site would present an image of a regular window with a message and an OK button. He could not distinguish that from a genuine Windows message. He kept clicking on it. I had to make him learn about it the hard way (if you move your mouse over the OK button and it looks like a hand pointing a finger upwards, DO NOT CLICK on it).
Phishing is not the leading cause of breached accounts.
It's via browers (mostly IE) and flash vulnerabilities to infect keyloggers or steal client data (stored browser passwords, etc) from the browser, made all the more easier for the fact that usernames are as simple as finding what e-mail address a person is, or has, used.
It's not as simple as labeling victims of breached accounts as being ignorant, when there are so many security flaws that are out of the control of users, aside of course, from completely unplugging their PC from their modem. Sure there are things that can be done to mitigate some of the issues, but if a hacker discovers a new major windows or Flash exploit, there's little a user can even do to protect against it until the vulnerability is even detected and fixed by the proper authorities.
I have not been hacked. My account has been inactive since February and I just checked and it still hasn't been banned.
But, this has to be something on Blizzard's end. It just doesn't add up any other way.
Some people get hacked but not many and it's usually obvious as to how
Blizzard makes everyone register on battle.net
Many people (orders of magnitude more people) start getting hacked
Now, since the battle.net switch I've been receiving lots of phishing emails (one or two a day, sometimes more) but since I'm not subbed I just forward them on to hacks@blizzard.com and forget about it. This e-mail address is registered with lots of MMO sites so that doesn't prove anything but it's fishy (phishy.. get it.. heh!)
But this isn't a problem with the end users, it's much to widespread for that and the sudden surge in account hacking that happened with the switch to b.net points the finger squarely at Blizzard.
What's sad for me is I was looking forward to resubbing for Cataclysm but there's no way in hell I'll even consider resubbing until this problem is brought under control.
NO, it points at the hackers. THe reason why the sheer amount of phishing emails and such is because WoW is so popular and because they can't hack Blizzard. You don't see any phishing emails asking to log to a game called Horizons (I know its not called that anymore, just to illustrate the point), because barely anyone plays it. Noone is interested in hijacking a Horizons account. They want to hijack game accounts where they can steal money - WoW is a goldmine for these purposes.
Many people getting hacked means a lot of people are simply computer illiterate. They do not distinguish between simple things. My father used to get caught for the spoof where a fishy site would present an image of a regular window with a message and an OK button. He could not distinguish that from a genuine Windows message. He kept clicking on it. I had to make him learn about it the hard way (if you move your mouse over the OK button and it looks like a hand pointing a finger upwards, DO NOT CLICK on it).
Phishing is not the leading cause of breached accounts.
It's via browers (mostly IE) and flash vulnerabilities to infect keyloggers or steal client data (stored browser passwords, etc) from the browser, made all the more easier for the fact that usernames are as simple as finding what e-mail address a person is, or has, used.
It's not as simple as labeling victims of breached accounts as being ignorant, when there are so many security flaws that are out of the control of users, aside of course, from completely unplugging their PC from their modem. Sure there are things that can be done to mitigate some of the issues, but if a hacker discovers a new major windows or Flash exploit, there's little a user can even do to protect against it until the vulnerability is even detected and fixed by the proper authorities.
Do not forget home routers and routers in general they have a HUGE security hole that can be taken advantage of by using a war dialing (internet ip addresses) and webpages hacking routers to reroute your dns to allow man in the middle attack this attack will even steal authenticator codes.
Dlink has been one of the safer routers and will be even more safe using DNSSEC, CAPTCHA, and IPv6 certification.
You should check for new firmware for your router and update.
DNSSEC was revealed last month by the Internet Corporation for Assigned Names and Numbers (ICANN) during Black Hat 2010. The system was designed to beef up Internet security by virtually stamping email and web pages so that its authenticity can be verified. This will ultimately prevent "spoofer" attacks designed to use legitimate-looking emails and web sites to lure consumers to malware.
As for CAPTCHA, D-Link integrated the technology in mid-2009. It's a challenge-response test that verifies that a response during a user logon is actually a human and not computer-generated. Users confirm their organic origins by entering a small amount of text displayed in an image to help prevent automated registration and fraud.
I have not been hacked. My account has been inactive since February and I just checked and it still hasn't been banned.
But, this has to be something on Blizzard's end. It just doesn't add up any other way.
Some people get hacked but not many and it's usually obvious as to how
Blizzard makes everyone register on battle.net
Many people (orders of magnitude more people) start getting hacked
Now, since the battle.net switch I've been receiving lots of phishing emails (one or two a day, sometimes more) but since I'm not subbed I just forward them on to hacks@blizzard.com and forget about it. This e-mail address is registered with lots of MMO sites so that doesn't prove anything but it's fishy (phishy.. get it.. heh!)
But this isn't a problem with the end users, it's much to widespread for that and the sudden surge in account hacking that happened with the switch to b.net points the finger squarely at Blizzard.
What's sad for me is I was looking forward to resubbing for Cataclysm but there's no way in hell I'll even consider resubbing until this problem is brought under control.
NO, it points at the hackers. THe reason why the sheer amount of phishing emails and such is because WoW is so popular and because they can't hack Blizzard. You don't see any phishing emails asking to log to a game called Horizons (I know its not called that anymore, just to illustrate the point), because barely anyone plays it. Noone is interested in hijacking a Horizons account. They want to hijack game accounts where they can steal money - WoW is a goldmine for these purposes.
Many people getting hacked means a lot of people are simply computer illiterate. They do not distinguish between simple things. My father used to get caught for the spoof where a fishy site would present an image of a regular window with a message and an OK button. He could not distinguish that from a genuine Windows message. He kept clicking on it. I had to make him learn about it the hard way (if you move your mouse over the OK button and it looks like a hand pointing a finger upwards, DO NOT CLICK on it).
Phishing is not the leading cause of breached accounts.
It's via browers (mostly IE) and flash vulnerabilities to infect keyloggers or steal client data (stored browser passwords, etc) from the browser, made all the more easier for the fact that usernames are as simple as finding what e-mail address a person is, or has, used.
It's not as simple as labeling victims of breached accounts as being ignorant, when there are so many security flaws that are out of the control of users, aside of course, from completely unplugging their PC from their modem. Sure there are things that can be done to mitigate some of the issues, but if a hacker discovers a new major windows or Flash exploit, there's little a user can even do to protect against it until the vulnerability is even detected and fixed by the proper authorities.
EXACTLY.. You can not protect your account against "new" hacks.. Again as I have said before.. Why doesn't Blizzard take away a hacks "market" instead of feeding it with a poor player economy.. Hacks don't hack to sell gold to people to pay for repair cost.. Blizzard designed a SHITTY player economy that attracts gold sellers and hackers.. Take away their incentive, and the hacks go away..
Every game that has an economy attracts hackers and gold sellers. The problem isn't an in game economy, it is players wanting to cheat and short cuy gameplay. That is always going to be a problem for popular mmos if they use currency that has any use.
What mmo companies need to do is put fear into end users for buying currency. As long as players don't have anything to lose for dealing with gold sellers they will continue to do so. By this I mean a sense of fear the playerbase as a whole feels. Not some isolated cases where some people get banned, but very highly publicized situations that get the message across to everyone that they are at risk for buying currency.
I have not been hacked. My account has been inactive since February and I just checked and it still hasn't been banned.
But, this has to be something on Blizzard's end. It just doesn't add up any other way.
Some people get hacked but not many and it's usually obvious as to how
Blizzard makes everyone register on battle.net
Many people (orders of magnitude more people) start getting hacked
Now, since the battle.net switch I've been receiving lots of phishing emails (one or two a day, sometimes more) but since I'm not subbed I just forward them on to hacks@blizzard.com and forget about it. This e-mail address is registered with lots of MMO sites so that doesn't prove anything but it's fishy (phishy.. get it.. heh!)
But this isn't a problem with the end users, it's much to widespread for that and the sudden surge in account hacking that happened with the switch to b.net points the finger squarely at Blizzard.
What's sad for me is I was looking forward to resubbing for Cataclysm but there's no way in hell I'll even consider resubbing until this problem is brought under control.
NO, it points at the hackers. THe reason why the sheer amount of phishing emails and such is because WoW is so popular and because they can't hack Blizzard. You don't see any phishing emails asking to log to a game called Horizons (I know its not called that anymore, just to illustrate the point), because barely anyone plays it. Noone is interested in hijacking a Horizons account. They want to hijack game accounts where they can steal money - WoW is a goldmine for these purposes.
Many people getting hacked means a lot of people are simply computer illiterate. They do not distinguish between simple things. My father used to get caught for the spoof where a fishy site would present an image of a regular window with a message and an OK button. He could not distinguish that from a genuine Windows message. He kept clicking on it. I had to make him learn about it the hard way (if you move your mouse over the OK button and it looks like a hand pointing a finger upwards, DO NOT CLICK on it).
Phishing is not the leading cause of breached accounts.
It's via browers (mostly IE) and flash vulnerabilities to infect keyloggers or steal client data (stored browser passwords, etc) from the browser, made all the more easier for the fact that usernames are as simple as finding what e-mail address a person is, or has, used.
It's not as simple as labeling victims of breached accounts as being ignorant, when there are so many security flaws that are out of the control of users, aside of course, from completely unplugging their PC from their modem. Sure there are things that can be done to mitigate some of the issues, but if a hacker discovers a new major windows or Flash exploit, there's little a user can even do to protect against it until the vulnerability is even detected and fixed by the proper authorities.
Do not forget home routers and routers in general they have a HUGE security hole that can be taken advantage of by using a war dialing (internet ip addresses) and webpages hacking routers to reroute your dns to allow man in the middle attack this attack will even steal authenticator codes.
Dlink has been one of the safer routers and will be even more safe using DNSSEC, CAPTCHA, and IPv6 certification.
You should check for new firmware for your router and update.
DNSSEC was revealed last month by the Internet Corporation for Assigned Names and Numbers (ICANN) during Black Hat 2010. The system was designed to beef up Internet security by virtually stamping email and web pages so that its authenticity can be verified. This will ultimately prevent "spoofer" attacks designed to use legitimate-looking emails and web sites to lure consumers to malware.
As for CAPTCHA, D-Link integrated the technology in mid-2009. It's a challenge-response test that verifies that a response during a user logon is actually a human and not computer-generated. Users confirm their organic origins by entering a small amount of text displayed in an image to help prevent automated registration and fraud.
From that link... "Most routers that are vulnerable are only at risk if they are running older versions of firmware, and aren’t using a password to protect themselves, or even just the default passwords" - that made me LOL.
I am the type of player where I like to do everything and anything from time to time.
I have not been hacked. My account has been inactive since February and I just checked and it still hasn't been banned.
But, this has to be something on Blizzard's end. It just doesn't add up any other way.
Some people get hacked but not many and it's usually obvious as to how
Blizzard makes everyone register on battle.net
Many people (orders of magnitude more people) start getting hacked
Now, since the battle.net switch I've been receiving lots of phishing emails (one or two a day, sometimes more) but since I'm not subbed I just forward them on to hacks@blizzard.com and forget about it. This e-mail address is registered with lots of MMO sites so that doesn't prove anything but it's fishy (phishy.. get it.. heh!)
But this isn't a problem with the end users, it's much to widespread for that and the sudden surge in account hacking that happened with the switch to b.net points the finger squarely at Blizzard.
What's sad for me is I was looking forward to resubbing for Cataclysm but there's no way in hell I'll even consider resubbing until this problem is brought under control.
NO, it points at the hackers. THe reason why the sheer amount of phishing emails and such is because WoW is so popular and because they can't hack Blizzard. You don't see any phishing emails asking to log to a game called Horizons (I know its not called that anymore, just to illustrate the point), because barely anyone plays it. Noone is interested in hijacking a Horizons account. They want to hijack game accounts where they can steal money - WoW is a goldmine for these purposes.
Many people getting hacked means a lot of people are simply computer illiterate. They do not distinguish between simple things. My father used to get caught for the spoof where a fishy site would present an image of a regular window with a message and an OK button. He could not distinguish that from a genuine Windows message. He kept clicking on it. I had to make him learn about it the hard way (if you move your mouse over the OK button and it looks like a hand pointing a finger upwards, DO NOT CLICK on it).
Phishing is not the leading cause of breached accounts.
It's via browers (mostly IE) and flash vulnerabilities to infect keyloggers or steal client data (stored browser passwords, etc) from the browser, made all the more easier for the fact that usernames are as simple as finding what e-mail address a person is, or has, used.
It's not as simple as labeling victims of breached accounts as being ignorant, when there are so many security flaws that are out of the control of users, aside of course, from completely unplugging their PC from their modem. Sure there are things that can be done to mitigate some of the issues, but if a hacker discovers a new major windows or Flash exploit, there's little a user can even do to protect against it until the vulnerability is even detected and fixed by the proper authorities.
How would a person get to the hacker's website in the first place? Flash vulnerability does not let you get hacked unless... again, you are browsing a hacker's website. If you stay away from those sites, you are fine. And you can't get to the hacker's sites unless:
- you got a phishing email and u followed the link (read my previous post);
- you were looking for hacks;
- you were looking for powerleveling services;
- you were looking for gold selling services;
- you were looking for bad porn (there are so many normal porn sites, that finding hacker's website by searching for normal porn is highly improbable);
So no, you can't just get hacked, it takes effort to get hacked. If you have average computer literacy you will easily identify 90-95% of the spoofs and never get hacked. Router vulnerabilities, browser vulnerabilities, all of that is offset by decent firewall and average brains. Its all about the user.
I am the type of player where I like to do everything and anything from time to time.
Most of the hype is around a few people that seem to enjoy fanning the flames of the problem. Without a doubt people are getting phished and scammed but the number of real hacks where people use brute force attacks against an account to gain access are miniscule and a wasted effort against anyone that has used a reasonable password and/or the authenticator. Plus Blizzard has systems in place to detect and prevent that sort of attack.
Use the advice that Blizzard and others have given out and use some common sense and nothing will happen to your account but unfortunately too many people are having fun pointing fingers and causing hysteria for these posts to stop any time soon.
loads of nOObs think they gonna onw wow if they would just have enough money in their bank.......there you go.
All them stupid kids (and prolly some crazy adult peeps too) who think "hey lets do this fast so i can buy some uber gear and go endgame".......they buy some wow money and then they come whining that there account has been hacked.
just note this.......i never in my life bought wow gold and never has my account been in any danger (oh yeah....my account is 5 years old )
Why do these money sellers keep trying???? because LOTS of losers are stil buying wow gold.....your own damn fault......dont whine about gold sellers......just dont buy gold from them and they will stop on their own cause it makes them no more money.
its realy that simple........oh btw......nobody in the real life cares that you PWN in wow so you are only "uber" when it comes to one video game......i am not uber but pretty good irl and thats harder then any video game
"About my own experiences: since the last month or two I've been getting mails about WoW that look official, but when you see the link that's added and check the email address it's coming from they're both phoney, not from Blizzard itself. So I never clicked the link."
I don't even play WOW, but I also have been getting spammed to hell over the last few weeks with fake AND real Blizzard e-mails. It's wierd and annoying.
I've got friends who buy gold but only for F2P MMO's since the ratio of gold for real life money gets you more then if bought the stuff off the item mall.
From a P2P point of view it's abit tricky , because when you buy gold from a website , they're able to track your account name and therefor once they a hold of your account name they just run their Password programs for hours until they get a lock on your password and then hack your account to 0. Remember that a P2P account is worth WAY MORE then a F2P account regardless of the P2P title. So for gold sellers its way more profitable to hack a P2P account when they can , and trust me nothing will stop them to eventually hack any accounts that buys gold off of them. And trust me when I say they don't give a s""t if you have put your lifesavings on a MMO. You buy gold off of them , your at very high risk. And Blizzard as of any company will investigate on why your account has been hacked which can take a while. And they can back track any IP address to any accounts around the globe to see if in fact you bought gold off a website , and if that's the case you'll probably get banned. But if your legit , they'll give back your account with all gear and gold. A hacked account is like a crime scene , there's always a reason for why a account got hacked. In my 18 years of playing MMO's ,and I played a crap load of them, I never got hacked
Main reason to never ever give out your account name. But then again if your foolish enough to buy gold on a P2P MMO then it's your problem , because getting hacked without buying gold is pretty much impossible unless you give out your account name for millions to see. Those that do get hacked deny of anything and they are the most legit of players. Unless your account name is bob123 with PW: Ipwn it is very unlikely for anyone to get hacked.
With that said , I'm currently starting to play wow again after a few years to get back into the Blizzard beat until D3 comes out.
Why would you give a gold seller your account name anyway. . all they need is your character. The problem is that Bliz/Battlenes started using e-mail addresses instead of account names. With so many people playing they are bound to just run hotmail e-mails on gaming forums etc. and get lucky with brute force or dictionairy methods.
I have not been hacked. My account has been inactive since February and I just checked and it still hasn't been banned.
But, this has to be something on Blizzard's end. It just doesn't add up any other way.
Some people get hacked but not many and it's usually obvious as to how
Blizzard makes everyone register on battle.net
Many people (orders of magnitude more people) start getting hacked
Now, since the battle.net switch I've been receiving lots of phishing emails (one or two a day, sometimes more) but since I'm not subbed I just forward them on to hacks@blizzard.com and forget about it. This e-mail address is registered with lots of MMO sites so that doesn't prove anything but it's fishy (phishy.. get it.. heh!)
But this isn't a problem with the end users, it's much to widespread for that and the sudden surge in account hacking that happened with the switch to b.net points the finger squarely at Blizzard.
What's sad for me is I was looking forward to resubbing for Cataclysm but there's no way in hell I'll even consider resubbing until this problem is brought under control.
NO, it points at the hackers. THe reason why the sheer amount of phishing emails and such is because WoW is so popular and because they can't hack Blizzard. You don't see any phishing emails asking to log to a game called Horizons (I know its not called that anymore, just to illustrate the point), because barely anyone plays it. Noone is interested in hijacking a Horizons account. They want to hijack game accounts where they can steal money - WoW is a goldmine for these purposes.
Many people getting hacked means a lot of people are simply computer illiterate. They do not distinguish between simple things. My father used to get caught for the spoof where a fishy site would present an image of a regular window with a message and an OK button. He could not distinguish that from a genuine Windows message. He kept clicking on it. I had to make him learn about it the hard way (if you move your mouse over the OK button and it looks like a hand pointing a finger upwards, DO NOT CLICK on it).
Phishing is not the leading cause of breached accounts.
It's via browers (mostly IE) and flash vulnerabilities to infect keyloggers or steal client data (stored browser passwords, etc) from the browser, made all the more easier for the fact that usernames are as simple as finding what e-mail address a person is, or has, used.
It's not as simple as labeling victims of breached accounts as being ignorant, when there are so many security flaws that are out of the control of users, aside of course, from completely unplugging their PC from their modem. Sure there are things that can be done to mitigate some of the issues, but if a hacker discovers a new major windows or Flash exploit, there's little a user can even do to protect against it until the vulnerability is even detected and fixed by the proper authorities.
How would a person get to the hacker's website in the first place? Flash vulnerability does not let you get hacked unless... again, you are browsing a hacker's website. If you stay away from those sites, you are fine. And you can't get to the hacker's sites unless:
- you got a phishing email and u followed the link (read my previous post);
- you were looking for hacks;
- you were looking for powerleveling services;
- you were looking for gold selling services;
- you were looking for bad porn (there are so many normal porn sites, that finding hacker's website by searching for normal porn is highly improbable);
So no, you can't just get hacked, it takes effort to get hacked. If you have average computer literacy you will easily identify 90-95% of the spoofs and never get hacked. Router vulnerabilities, browser vulnerabilities, all of that is offset by decent firewall and average brains. Its all about the user.
Banner ads from third party Web advertisement companies.
The "hackers" can submit their infected "advertisements" to web advertising companies, who then proliferate them into the ad rotation of WoW related websites that have banner ads for supplemented revenue.
The vast majority of web advertising companies do not properly screen ads that they put into the advertising rotation. They will only act on removing certain ads that are identified as being security risks, and this is usually after they've been out in the wild and infected a number of people already to be noticed, and after the advertising company can confirm they're malicious.
So basically, any website with third party banner ads is a potential avenue of becoming infected by malicious software...
This includes sites like Wowhead, Thottbot, Curse gaming, even the WoW forums themselves have had the potential to be a point of infection -- they've inadvertantly had gold selling adverts pop up on the official WoW forums before. All are legitimate websites that a typical WoW player would visit, for legitimate reasons.
So no, it's not purely the fault of users, because there is a decent portion of it outside of the control of the users. Users can only mitigate the chance of having their account breached, they cannot completely and 100% secure themselves.
And for someone so adament about blaming victims for their ignorance and needing to become more informed about IT security... you certainly could use some brushing up on it yourself.
Reports are flooding in sites with ads that are infecting users again on over 60 popular websites using as many as 68 script exploits in the ads everything from facebook,myspace,piratebay,file sharing sites,tv and movie sites,music sites, news sites, mmo sites and more sites that were at one time considered safe.
I used a virtual machine test machine and browsed all these sites my software which tracks changes to my system showed dozens of infections off of these rogue ads, from fake av to rootkits with keyloggers i traced these because of the large increase in my customers get hacked in WoW and traced it to game ads on facebook.
The malicious software in question are hosted on 3 domains; savelocity.com, seekerfeed.com, and xoads.com, with another 6 reported as distribution intermediaries including parkneed.com, yieldmanager.com and zxxds.net.
This includes sites like Wowhead, Thottbot, Curse gaming, even the WoW forums themselves have had the potential to be a point of infection -- they've inadvertantly had gold selling adverts pop up on the official WoW forums before. All are legitimate websites that a typical WoW player would visit, for legitimate reasons.
The sites I highlighted in orange (including mmo-champion and allazhazam) are actually owned by a subsidiary of IGE. The worlds largest gold seller. Just imagine the database of information they have access to.
"About my own experiences: since the last month or two I've been getting mails about WoW that look official, but when you see the link that's added and check the email address it's coming from they're both phoney, not from Blizzard itself. So I never clicked the link."
I don't even play WOW, but I also have been getting spammed to hell over the last few weeks with fake AND real Blizzard e-mails. It's wierd and annoying.
Blizzard does not spam. I played WoW since release, and i got like 10-20 emails from Bliz in total.
I am the type of player where I like to do everything and anything from time to time.
I have not been hacked. My account has been inactive since February and I just checked and it still hasn't been banned.
But, this has to be something on Blizzard's end. It just doesn't add up any other way.
Some people get hacked but not many and it's usually obvious as to how
Blizzard makes everyone register on battle.net
Many people (orders of magnitude more people) start getting hacked
Now, since the battle.net switch I've been receiving lots of phishing emails (one or two a day, sometimes more) but since I'm not subbed I just forward them on to hacks@blizzard.com and forget about it. This e-mail address is registered with lots of MMO sites so that doesn't prove anything but it's fishy (phishy.. get it.. heh!)
But this isn't a problem with the end users, it's much to widespread for that and the sudden surge in account hacking that happened with the switch to b.net points the finger squarely at Blizzard.
What's sad for me is I was looking forward to resubbing for Cataclysm but there's no way in hell I'll even consider resubbing until this problem is brought under control.
NO, it points at the hackers. THe reason why the sheer amount of phishing emails and such is because WoW is so popular and because they can't hack Blizzard. You don't see any phishing emails asking to log to a game called Horizons (I know its not called that anymore, just to illustrate the point), because barely anyone plays it. Noone is interested in hijacking a Horizons account. They want to hijack game accounts where they can steal money - WoW is a goldmine for these purposes.
Many people getting hacked means a lot of people are simply computer illiterate. They do not distinguish between simple things. My father used to get caught for the spoof where a fishy site would present an image of a regular window with a message and an OK button. He could not distinguish that from a genuine Windows message. He kept clicking on it. I had to make him learn about it the hard way (if you move your mouse over the OK button and it looks like a hand pointing a finger upwards, DO NOT CLICK on it).
Phishing is not the leading cause of breached accounts.
It's via browers (mostly IE) and flash vulnerabilities to infect keyloggers or steal client data (stored browser passwords, etc) from the browser, made all the more easier for the fact that usernames are as simple as finding what e-mail address a person is, or has, used.
It's not as simple as labeling victims of breached accounts as being ignorant, when there are so many security flaws that are out of the control of users, aside of course, from completely unplugging their PC from their modem. Sure there are things that can be done to mitigate some of the issues, but if a hacker discovers a new major windows or Flash exploit, there's little a user can even do to protect against it until the vulnerability is even detected and fixed by the proper authorities.
How would a person get to the hacker's website in the first place? Flash vulnerability does not let you get hacked unless... again, you are browsing a hacker's website. If you stay away from those sites, you are fine. And you can't get to the hacker's sites unless:
- you got a phishing email and u followed the link (read my previous post);
- you were looking for hacks;
- you were looking for powerleveling services;
- you were looking for gold selling services;
- you were looking for bad porn (there are so many normal porn sites, that finding hacker's website by searching for normal porn is highly improbable);
So no, you can't just get hacked, it takes effort to get hacked. If you have average computer literacy you will easily identify 90-95% of the spoofs and never get hacked. Router vulnerabilities, browser vulnerabilities, all of that is offset by decent firewall and average brains. Its all about the user.
Banner ads from third party Web advertisement companies.
The "hackers" can submit their infected "advertisements" to web advertising companies, who then proliferate them into the ad rotation of WoW related websites that have banner ads for supplemented revenue.
The vast majority of web advertising companies do not properly screen ads that they put into the advertising rotation. They will only act on removing certain ads that are identified as being security risks, and this is usually after they've been out in the wild and infected a number of people already to be noticed, and after the advertising company can confirm they're malicious.
So basically, any website with third party banner ads is a potential avenue of becoming infected by malicious software...
This includes sites like Wowhead, Thottbot, Curse gaming, even the WoW forums themselves have had the potential to be a point of infection -- they've inadvertantly had gold selling adverts pop up on the official WoW forums before. All are legitimate websites that a typical WoW player would visit, for legitimate reasons.
So no, it's not purely the fault of users, because there is a decent portion of it outside of the control of the users. Users can only mitigate the chance of having their account breached, they cannot completely and 100% secure themselves.
And for someone so adament about blaming victims for their ignorance and needing to become more informed about IT security... you certainly could use some brushing up on it yourself.
You are stretching it buddy... now you are saying hackers are PAYING to hack other accounts... they expose themselves to be backtraced to their account and real identities... hmmm... not likely. And what does that mean i need to brush up on security? did you hack me? did you get through my hardware firewall? and then software firewall? oh my, i need to check my open ports (none) for established connections (firefox, winamp open, avast just closed a socket)... mmmm. Nah, my security is just fine, thanks for your concern. But keep bashing please, I wonder how many more crazy ideas you come up with.
I am the type of player where I like to do everything and anything from time to time.
I have not been hacked. My account has been inactive since February and I just checked and it still hasn't been banned.
But, this has to be something on Blizzard's end. It just doesn't add up any other way.
[*]
Some people get hacked but not many and it's usually obvious as to how
[*]
Blizzard makes everyone register on battle.net
Many people (orders of magnitude more people) start getting hacked
Now, since the battle.net switch I've been receiving lots of phishing emails (one or two a day, sometimes more) but since I'm not subbed I just forward them on to hacks@blizzard.com and forget about it. This e-mail address is registered with lots of MMO sites so that doesn't prove anything but it's fishy (phishy.. get it.. heh!)
But this isn't a problem with the end users, it's much to widespread for that and the sudden surge in account hacking that happened with the switch to b.net points the finger squarely at Blizzard.
What's sad for me is I was looking forward to resubbing for Cataclysm but there's no way in hell I'll even consider resubbing until this problem is brought under control.
NO, it points at the hackers. THe reason why the sheer amount of phishing emails and such is because WoW is so popular and because they can't hack Blizzard. You don't see any phishing emails asking to log to a game called Horizons (I know its not called that anymore, just to illustrate the point), because barely anyone plays it. Noone is interested in hijacking a Horizons account. They want to hijack game accounts where they can steal money - WoW is a goldmine for these purposes.
Many people getting hacked means a lot of people are simply computer illiterate. They do not distinguish between simple things. My father used to get caught for the spoof where a fishy site would present an image of a regular window with a message and an OK button. He could not distinguish that from a genuine Windows message. He kept clicking on it. I had to make him learn about it the hard way (if you move your mouse over the OK button and it looks like a hand pointing a finger upwards, DO NOT CLICK on it).
Phishing is not the leading cause of breached accounts.
It's via browers (mostly IE) and flash vulnerabilities to infect keyloggers or steal client data (stored browser passwords, etc) from the browser, made all the more easier for the fact that usernames are as simple as finding what e-mail address a person is, or has, used.
It's not as simple as labeling victims of breached accounts as being ignorant, when there are so many security flaws that are out of the control of users, aside of course, from completely unplugging their PC from their modem. Sure there are things that can be done to mitigate some of the issues, but if a hacker discovers a new major windows or Flash exploit, there's little a user can even do to protect against it until the vulnerability is even detected and fixed by the proper authorities.
How would a person get to the hacker's website in the first place? Flash vulnerability does not let you get hacked unless... again, you are browsing a hacker's website. If you stay away from those sites, you are fine. And you can't get to the hacker's sites unless:
- you got a phishing email and u followed the link (read my previous post);
- you were looking for hacks;
- you were looking for powerleveling services;
- you were looking for gold selling services;
- you were looking for bad porn (there are so many normal porn sites, that finding hacker's website by searching for normal porn is highly improbable);
So no, you can't just get hacked, it takes effort to get hacked. If you have average computer literacy you will easily identify 90-95% of the spoofs and never get hacked. Router vulnerabilities, browser vulnerabilities, all of that is offset by decent firewall and average brains. Its all about the user.
Banner ads from third party Web advertisement companies.
The "hackers" can submit their infected "advertisements" to web advertising companies, who then proliferate them into the ad rotation of WoW related websites that have banner ads for supplemented revenue.
The vast majority of web advertising companies do not properly screen ads that they put into the advertising rotation. They will only act on removing certain ads that are identified as being security risks, and this is usually after they've been out in the wild and infected a number of people already to be noticed, and after the advertising company can confirm they're malicious.
So basically, any website with third party banner ads is a potential avenue of becoming infected by malicious software...
This includes sites like Wowhead, Thottbot, Curse gaming, even the WoW forums themselves have had the potential to be a point of infection -- they've inadvertantly had gold selling adverts pop up on the official WoW forums before. All are legitimate websites that a typical WoW player would visit, for legitimate reasons.
So no, it's not purely the fault of users, because there is a decent portion of it outside of the control of the users. Users can only mitigate the chance of having their account breached, they cannot completely and 100% secure themselves.
And for someone so adament about blaming victims for their ignorance and needing to become more informed about IT security... you certainly could use some brushing up on it yourself.
You are stretching it buddy... now you are saying hackers are PAYING to hack other accounts... they expose themselves to be backtraced to their account and real identities... hmmm... not likely. And what does that mean i need to brush up on security? did you hack me? did you get through my hardware firewall? and then software firewall? oh my, i need to check my open ports (none) for established connections (firefox, winamp open, avast just closed a socket)... mmmm. Nah, my security is just fine, thanks for your concern. But keep bashing please, I wonder how many more crazy ideas you come up with.
You really need to brush up on your security as a security expert 25 yrs in the field getting hacked by adverting banners is real not fake look at my post, it has happened many,many times what they do is pay someone to place the ads that have no affilation with the hackers.
It is the most common vector to catch fake av's/rootkits-keyloggers/malware because it is on a web advertising ring it may reach as many as 20,000 websites.
As a matter of fact it happening with the piratebay atm and 100's of other websites just past week i had 4 customers that had thier accounts hacked from keyloggers in advertising banners on facebook they had microsoft security essentials,threatfire,immunet installed.
I can post over 200 links to security websites with information about keyloggers in ads on curse gamaing,allakzam,wowmatrix and many more sites including the chicago tribune.
You are stretching it buddy... now you are saying hackers are PAYING to hack other accounts... they expose themselves to be backtraced to their account and real identities... hmmm... not likely. And what does that mean i need to brush up on security? did you hack me? did you get through my hardware firewall? and then software firewall? oh my, i need to check my open ports (none) for established connections (firefox, winamp open, avast just closed a socket)... mmmm. Nah, my security is just fine, thanks for your concern. But keep bashing please, I wonder how many more crazy ideas you come up with.
The gold selling industry is touted to be a billion dollar industry, and banner ads don't cost all that much. Drop a couple hundred dollars to create a point of infection for potentially thousands, if not tens of thousands, of victims. All it would take is a few resulting breached accounts to easily make back the cost of the banner ad from selling off of gold, items, and even the characters or accounts themselves. Besides, they probably use stolen credit card info to pay for the ads anyways, and fake identites to register them. Heck, that's what the "hackers" do to get into breached inactive accounts, they reactivate them with stolen credit card info.
As per you brushing up on your security, I mean that you don't quite grasp the full extent of IT security. Despite your hardware and software firewall, despite your anti-virus, malware scanner, using mor esecure browsers and security add-ons, there is STILL the possibility to have your PC breached. All it takes is one person with malicious intent to find one of the many security flaws in the myriad of software we all use everyday, and they can potentially exploit that to slip past all of your security without you realizing until it's too late. That's simply a fact of being on the Internet, and to arrogantly proclaim that it's entirely the user's fault for being hacked, is just blind ignorance. Sure, the user may have been a contributing factor in some manner, but there are many cases where a user can do everything "right", and still get hacked from something as harmless looking as a banner ad sitting at the top of a webpage.
Comments
I have not been hacked. My account has been inactive since February and I just checked and it still hasn't been banned.
But, this has to be something on Blizzard's end. It just doesn't add up any other way.
Some people get hacked but not many and it's usually obvious as to how
Blizzard makes everyone register on battle.net
Many people (orders of magnitude more people) start getting hacked
Now, since the battle.net switch I've been receiving lots of phishing emails (one or two a day, sometimes more) but since I'm not subbed I just forward them on to hacks@blizzard.com and forget about it. This e-mail address is registered with lots of MMO sites so that doesn't prove anything but it's fishy (phishy.. get it.. heh!)
But this isn't a problem with the end users, it's much to widespread for that and the sudden surge in account hacking that happened with the switch to b.net points the finger squarely at Blizzard.
What's sad for me is I was looking forward to resubbing for Cataclysm but there's no way in hell I'll even consider resubbing until this problem is brought under control.
NO, it points at the hackers. THe reason why the sheer amount of phishing emails and such is because WoW is so popular and because they can't hack Blizzard. You don't see any phishing emails asking to log to a game called Horizons (I know its not called that anymore, just to illustrate the point), because barely anyone plays it. Noone is interested in hijacking a Horizons account. They want to hijack game accounts where they can steal money - WoW is a goldmine for these purposes.
Many people getting hacked means a lot of people are simply computer illiterate. They do not distinguish between simple things. My father used to get caught for the spoof where a fishy site would present an image of a regular window with a message and an OK button. He could not distinguish that from a genuine Windows message. He kept clicking on it. I had to make him learn about it the hard way (if you move your mouse over the OK button and it looks like a hand pointing a finger upwards, DO NOT CLICK on it).
I am the type of player where I like to do everything and anything from time to time.
http://en.wikipedia.org/wiki/Holodomor - pre-WW2 genocide.
The most common attack vector is social networking websites, facebook,myspace,twitter have had massive security breaches allowing hackers to infect apps thus infecting tens of thousands of users ans popular web games though flash advertisements.
They also target web advertising they pay 20 bucks put there ad with a web advertising outfit an infect a huge amount of web browsers on popular sites such as newspapers,news,celeb sites,movie and tv sites, online game sites such as curse gaming,allakazam,farmville, mafia wars and list goes on and on.
Facebook atm is the largest attack vector due to shear numbers of users they are the number one spreaders of fake av's and keyloggers on the net atm if you want to blame someone you can blame facebook security in past year they have had there apps hacked about a dozen times and counting.
Also internet explorer has a security hole atm which hackers are still using to get passwords just from visiting their site using java script they get your email address and passwords , you can blame microsoft for this they were warned it has been around for 2 years now.
Best security when browsing the web:
Firefox current version, with noscript, adblock plus,WOT,betterprivacy.
1) Many people were already getting hacked prior to the battle.net change. Blizzard created the authenticator program a year and a half before the battle.net change. Hacked accounts were already out of control
2) Changing login names to email addresses did not help the situation and I think was a dumb idea.
3) More people getting hacked after the change, sure. Just think about how many players changed their login names to an email address that they have posted and registered all over the internet. I bet you anything that millions of people just exposed 1/2 of their login information. On top of that I bet you a good portion of those people stupidly use the same password for their wow account or email account which would allow hackers full control over their accounts.
It isn't really hard to see why hacking is on the rise. Far more phishing emails floating around and untold amounts of players just exposed 1/2 of their login information and a backdoor to their account management should their email account be compromised.
Sorry, but all of that points squarely at the user.
Ill say what I said in another thread. If you get hacked and don't have an authenticator I have 0 sympathy for you. Its the price of a happy meal. Get it and stop complaining.
I'm at the point where I look forward to my weekly phishing emails. It started with just a warning I might have been hacked, then moved to my faction being changed and is now up to freezing my account because it's being sold on the internet.
Quite amazing when you figure I've never had a single thing to do with WoW or Blizzard EVER.
SWG (pre-cu) - AoC (pre-f2p) - PotBS (pre-boarder) - DDO - LotRO (pre-f2p) - STO (pre-f2p) - GnH (beta tester) - SWTOR - Neverwinter
Exactly! They simply scanned your email somewhere... whether here, on another forum/website/pornsite/signature/etc.
Also, people, make sure your forum name is NOT part of your email address. If I were a WoW hacker, id send a few emails to Nebless at: nebless@yahoo.com, nebless@yahoo.ca, nebless@hotmail.com, nebless@gmail.com, nebless@sprint.com, nebless@rogers.ca and maybe a few more from the major providers... i bet one or two emails are valid and will not return back to me.
PS: sorry Nebless if one of those emails is actually yours... If thats the case, you should change it.
EDIT: made my post more readable
I am the type of player where I like to do everything and anything from time to time.
http://en.wikipedia.org/wiki/Holodomor - pre-WW2 genocide.
Phishing is not the leading cause of breached accounts.
It's via browers (mostly IE) and flash vulnerabilities to infect keyloggers or steal client data (stored browser passwords, etc) from the browser, made all the more easier for the fact that usernames are as simple as finding what e-mail address a person is, or has, used.
It's not as simple as labeling victims of breached accounts as being ignorant, when there are so many security flaws that are out of the control of users, aside of course, from completely unplugging their PC from their modem. Sure there are things that can be done to mitigate some of the issues, but if a hacker discovers a new major windows or Flash exploit, there's little a user can even do to protect against it until the vulnerability is even detected and fixed by the proper authorities.
Do not forget home routers and routers in general they have a HUGE security hole that can be taken advantage of by using a war dialing (internet ip addresses) and webpages hacking routers to reroute your dns to allow man in the middle attack this attack will even steal authenticator codes.
http://tech.blorge.com/Structure:%20/2010/07/14/millions-of-routers-may-be-at-risk-for-a-simple-hack/
Dlink has been one of the safer routers and will be even more safe using DNSSEC, CAPTCHA, and IPv6 certification.
You should check for new firmware for your router and update.
DNSSEC was revealed last month by the Internet Corporation for Assigned Names and Numbers (ICANN) during Black Hat 2010. The system was designed to beef up Internet security by virtually stamping email and web pages so that its authenticity can be verified. This will ultimately prevent "spoofer" attacks designed to use legitimate-looking emails and web sites to lure consumers to malware.
As for CAPTCHA, D-Link integrated the technology in mid-2009. It's a challenge-response test that verifies that a response during a user logon is actually a human and not computer-generated. Users confirm their organic origins by entering a small amount of text displayed in an image to help prevent automated registration and fraud.
EXACTLY.. You can not protect your account against "new" hacks.. Again as I have said before.. Why doesn't Blizzard take away a hacks "market" instead of feeding it with a poor player economy.. Hacks don't hack to sell gold to people to pay for repair cost.. Blizzard designed a SHITTY player economy that attracts gold sellers and hackers.. Take away their incentive, and the hacks go away..
Every game that has an economy attracts hackers and gold sellers. The problem isn't an in game economy, it is players wanting to cheat and short cuy gameplay. That is always going to be a problem for popular mmos if they use currency that has any use.
What mmo companies need to do is put fear into end users for buying currency. As long as players don't have anything to lose for dealing with gold sellers they will continue to do so. By this I mean a sense of fear the playerbase as a whole feels. Not some isolated cases where some people get banned, but very highly publicized situations that get the message across to everyone that they are at risk for buying currency.
From that link... "Most routers that are vulnerable are only at risk if they are running older versions of firmware, and aren’t using a password to protect themselves, or even just the default passwords" - that made me LOL.
I am the type of player where I like to do everything and anything from time to time.
http://en.wikipedia.org/wiki/Holodomor - pre-WW2 genocide.
How would a person get to the hacker's website in the first place? Flash vulnerability does not let you get hacked unless... again, you are browsing a hacker's website. If you stay away from those sites, you are fine. And you can't get to the hacker's sites unless:
- you got a phishing email and u followed the link (read my previous post);
- you were looking for hacks;
- you were looking for powerleveling services;
- you were looking for gold selling services;
- you were looking for bad porn (there are so many normal porn sites, that finding hacker's website by searching for normal porn is highly improbable);
So no, you can't just get hacked, it takes effort to get hacked. If you have average computer literacy you will easily identify 90-95% of the spoofs and never get hacked. Router vulnerabilities, browser vulnerabilities, all of that is offset by decent firewall and average brains. Its all about the user.
I am the type of player where I like to do everything and anything from time to time.
http://en.wikipedia.org/wiki/Holodomor - pre-WW2 genocide.
Does it happen? Yes.
Is it that common? No.
Most of the hype is around a few people that seem to enjoy fanning the flames of the problem. Without a doubt people are getting phished and scammed but the number of real hacks where people use brute force attacks against an account to gain access are miniscule and a wasted effort against anyone that has used a reasonable password and/or the authenticator. Plus Blizzard has systems in place to detect and prevent that sort of attack.
Use the advice that Blizzard and others have given out and use some common sense and nothing will happen to your account but unfortunately too many people are having fun pointing fingers and causing hysteria for these posts to stop any time soon.
loads of nOObs think they gonna onw wow if they would just have enough money in their bank.......there you go.
All them stupid kids (and prolly some crazy adult peeps too) who think "hey lets do this fast so i can buy some uber gear and go endgame".......they buy some wow money and then they come whining that there account has been hacked.
just note this.......i never in my life bought wow gold and never has my account been in any danger (oh yeah....my account is 5 years old )
Why do these money sellers keep trying???? because LOTS of losers are stil buying wow gold.....your own damn fault......dont whine about gold sellers......just dont buy gold from them and they will stop on their own cause it makes them no more money.
its realy that simple........oh btw......nobody in the real life cares that you PWN in wow so you are only "uber" when it comes to one video game......i am not uber but pretty good irl and thats harder then any video game
sloeber out
"About my own experiences: since the last month or two I've been getting mails about WoW that look official, but when you see the link that's added and check the email address it's coming from they're both phoney, not from Blizzard itself. So I never clicked the link."
I don't even play WOW, but I also have been getting spammed to hell over the last few weeks with fake AND real Blizzard e-mails. It's wierd and annoying.
I've got friends who buy gold but only for F2P MMO's since the ratio of gold for real life money gets you more then if bought the stuff off the item mall.
From a P2P point of view it's abit tricky , because when you buy gold from a website , they're able to track your account name and therefor once they a hold of your account name they just run their Password programs for hours until they get a lock on your password and then hack your account to 0. Remember that a P2P account is worth WAY MORE then a F2P account regardless of the P2P title. So for gold sellers its way more profitable to hack a P2P account when they can , and trust me nothing will stop them to eventually hack any accounts that buys gold off of them. And trust me when I say they don't give a s""t if you have put your lifesavings on a MMO. You buy gold off of them , your at very high risk. And Blizzard as of any company will investigate on why your account has been hacked which can take a while. And they can back track any IP address to any accounts around the globe to see if in fact you bought gold off a website , and if that's the case you'll probably get banned. But if your legit , they'll give back your account with all gear and gold. A hacked account is like a crime scene , there's always a reason for why a account got hacked. In my 18 years of playing MMO's ,and I played a crap load of them, I never got hacked
Main reason to never ever give out your account name. But then again if your foolish enough to buy gold on a P2P MMO then it's your problem , because getting hacked without buying gold is pretty much impossible unless you give out your account name for millions to see. Those that do get hacked deny of anything and they are the most legit of players. Unless your account name is bob123 with PW: Ipwn it is very unlikely for anyone to get hacked.
With that said , I'm currently starting to play wow again after a few years to get back into the Blizzard beat until D3 comes out.
Enjoy your gameing experiences everyone!
Why would you give a gold seller your account name anyway. . all they need is your character. The problem is that Bliz/Battlenes started using e-mail addresses instead of account names. With so many people playing they are bound to just run hotmail e-mails on gaming forums etc. and get lucky with brute force or dictionairy methods.
Wa min God! Se æx on min heafod is!
Banner ads from third party Web advertisement companies.
The "hackers" can submit their infected "advertisements" to web advertising companies, who then proliferate them into the ad rotation of WoW related websites that have banner ads for supplemented revenue.
The vast majority of web advertising companies do not properly screen ads that they put into the advertising rotation. They will only act on removing certain ads that are identified as being security risks, and this is usually after they've been out in the wild and infected a number of people already to be noticed, and after the advertising company can confirm they're malicious.
So basically, any website with third party banner ads is a potential avenue of becoming infected by malicious software...
This includes sites like Wowhead, Thottbot, Curse gaming, even the WoW forums themselves have had the potential to be a point of infection -- they've inadvertantly had gold selling adverts pop up on the official WoW forums before. All are legitimate websites that a typical WoW player would visit, for legitimate reasons.
So no, it's not purely the fault of users, because there is a decent portion of it outside of the control of the users. Users can only mitigate the chance of having their account breached, they cannot completely and 100% secure themselves.
And for someone so adament about blaming victims for their ignorance and needing to become more informed about IT security... you certainly could use some brushing up on it yourself.
Reports are flooding in sites with ads that are infecting users again on over 60 popular websites using as many as 68 script exploits in the ads everything from facebook,myspace,piratebay,file sharing sites,tv and movie sites,music sites, news sites, mmo sites and more sites that were at one time considered safe.
I used a virtual machine test machine and browsed all these sites my software which tracks changes to my system showed dozens of infections off of these rogue ads, from fake av to rootkits with keyloggers i traced these because of the large increase in my customers get hacked in WoW and traced it to game ads on facebook.
The malicious software in question are hosted on 3 domains; savelocity.com, seekerfeed.com, and xoads.com, with another 6 reported as distribution intermediaries including parkneed.com, yieldmanager.com and zxxds.net.
The sites I highlighted in orange (including mmo-champion and allazhazam) are actually owned by a subsidiary of IGE. The worlds largest gold seller. Just imagine the database of information they have access to.
Blizzard does not spam. I played WoW since release, and i got like 10-20 emails from Bliz in total.
I am the type of player where I like to do everything and anything from time to time.
http://en.wikipedia.org/wiki/Holodomor - pre-WW2 genocide.
You are stretching it buddy... now you are saying hackers are PAYING to hack other accounts... they expose themselves to be backtraced to their account and real identities... hmmm... not likely. And what does that mean i need to brush up on security? did you hack me? did you get through my hardware firewall? and then software firewall? oh my, i need to check my open ports (none) for established connections (firefox, winamp open, avast just closed a socket)... mmmm. Nah, my security is just fine, thanks for your concern. But keep bashing please, I wonder how many more crazy ideas you come up with.
I am the type of player where I like to do everything and anything from time to time.
http://en.wikipedia.org/wiki/Holodomor - pre-WW2 genocide.
You really need to brush up on your security as a security expert 25 yrs in the field getting hacked by adverting banners is real not fake look at my post, it has happened many,many times what they do is pay someone to place the ads that have no affilation with the hackers.
It is the most common vector to catch fake av's/rootkits-keyloggers/malware because it is on a web advertising ring it may reach as many as 20,000 websites.
As a matter of fact it happening with the piratebay atm and 100's of other websites just past week i had 4 customers that had thier accounts hacked from keyloggers in advertising banners on facebook they had microsoft security essentials,threatfire,immunet installed.
http://news.cnet.com/8301-27080_3-20002267-245.html
http://www.wowwiki.com/Talk:Thorium_Brotherhood
http://copyfight.corante.com/archives/2009/04/20/copyfight_is_everywhere.php
I can post over 200 links to security websites with information about keyloggers in ads on curse gamaing,allakzam,wowmatrix and many more sites including the chicago tribune.
http://www.maximumpc.com/article/home/adobe_plugs_six_critical_security_holes_flash_player
http://www.adobe.com/support/security/bulletins/apsb10-16.html
The gold selling industry is touted to be a billion dollar industry, and banner ads don't cost all that much. Drop a couple hundred dollars to create a point of infection for potentially thousands, if not tens of thousands, of victims. All it would take is a few resulting breached accounts to easily make back the cost of the banner ad from selling off of gold, items, and even the characters or accounts themselves. Besides, they probably use stolen credit card info to pay for the ads anyways, and fake identites to register them. Heck, that's what the "hackers" do to get into breached inactive accounts, they reactivate them with stolen credit card info.
As per you brushing up on your security, I mean that you don't quite grasp the full extent of IT security. Despite your hardware and software firewall, despite your anti-virus, malware scanner, using mor esecure browsers and security add-ons, there is STILL the possibility to have your PC breached. All it takes is one person with malicious intent to find one of the many security flaws in the myriad of software we all use everyday, and they can potentially exploit that to slip past all of your security without you realizing until it's too late. That's simply a fact of being on the Internet, and to arrogantly proclaim that it's entirely the user's fault for being hacked, is just blind ignorance. Sure, the user may have been a contributing factor in some manner, but there are many cases where a user can do everything "right", and still get hacked from something as harmless looking as a banner ad sitting at the top of a webpage.