Spammers are paid professionals who are experts at deceiving people. So I don't find it to surprising when a spammer gets ahold of someones email and they don't understand how it happened.
I know they are, but I haven't logged into WoW since July 2007. I had a second account which my GF and a close friend played. That account has a a gmail adress and hasn't received a single email. I switched computers in the meant time and formatted my old computer. Cookies is the very unlikely.
I agree, a lot of people are careless with their personal info or have been buying gold. Or downloaded risky thirdparty addons. Not me, I can loose my job as my clients find out my computer is infiltrated by hackers.
If it was any other emailadress I would agree that I was careless and I filled in my details at a bad site. That is why I always change my free emailadresses once a year. To make things interesting I received my first fishing email for Sony.Station today. I played Vanguard in 2007/2008. Used a second paid emailadress for that one. No idea how they got that one. Paid both games with a CC that isn't registered to me, so it isn't possible they tracked my by that.
Option 1: Blizzard has a security breach; some can access their servers
Option 2 : Blizzard has hired a bad employee
Option 3 : Blizzard is selling information themselves
I still believe the spammers have someone on the inside; option 2. To me that makes the most sense.
Sure those options are possible, but it is also possible that hotmail/gmail sold your address. Why no one jumps to that conclusion is funny. The conclusion drawn is that is must be blizzard. There is no more information to suggest one over the other, but people always blame blizzard for the unknown in these situations. My point is possible doesn't mean probable.
There are plenty more ways for someone to get your email address than just you entering it into a website or something like that. Even google returned results in their paid advertisements to infected websites that steal data. Not intentionally, but it happens. Even casual surfing has its risks. The level of deception is getting very sophisticated, which is why most people have no idea how they were compromised.
My friend hasn't played WoW since mid 200-freaking-5. We're talking five years here, folks. He always uses a unique username, email adress and password for his MMORPG accounts, and at least a unique password for every freakin' thing he ever signs up for. He never used any addons. He's regularly used antivirus/antispyware/etc. since before WoW was a twinkle in Blizzard's eye.
For those saying "it's all the users fault!!!1!!11" please explain to me how his account managed to get hacked, as he just recently found out that it had.
I figure I might as well chime in too, seems to be the thing to do.
So I quit Wow November of last year, cancelled my sub, unistalled it, the whole shubang. At this time I had also been played LotRO for about a year and it was now my primary mmo. Fast Forward to February and I get an email from Bliz saying my account had gotten a 3 day suspention, I chalked this up as a scam email, since my friend was currently being plagued with them as well. But I figured "what the heck" and I went to battle.net to log in, well guess who's password was different and now had an authenticator (from an unknown source). So the fiasco of waiting on the phone for 8 hours to talk to a service rep (I'm not about the let the hackers win and it was the weekend). I get the authenticator removed and my account is now mine again. I did get some free time thanks to Mr. Hackers 2 month time card, the first 2 weeks of which I spent waiting for my characters to be recovered. I took all their suggested precautions to "keep my computer safe", including multiple scans and rescans for virus with and without WoW open. And of course changing all my passwords.
Fast Forward again to a month ago. I reactive my account, because some friends who have since moved out of town are gonna start playing and I'm gonna join them. Within 2 weeks, I get an email from Bliz saying they detected a virus/keylogger on my computer and have temperarily deactivaed (or something like that) my account so I don't get compromised. So I figure whatever was there from last time I somehow didn't get rid of it, so I do the most painful thing and reformat my hard drive. So I reinstall everything get my account back again from Bliz. Submit my ticket to get my chars back, which were deleted again (guess you weren't quick enough to prevent my account being compromised Bliz). Wait the 1.5 weeks for my chars to come back and here we are.
All this time I haven't had a single problem with either my LotRO account which has been active and played this entire time, nor my Guild Wars account, which was also played.
I'm joining the ranks of the tin foil hatters.
[Tin Foil Hat]
+150% Bliz Skepticism
Requires 1 WoW Account Hack
Edit: To revome possible arguments, I have upto date virus, spyware, malware, etc. blockers/scanners. I also run Firefox, with NoScript (saw scripts mentioned before). I don't follow email links, always just use the address bar (that that way they can't fake you out with the site address that is linked). Can't think of anything else, but thought I'd cover my bases.
Edit 2: Just one more cover my ass point. I'm not saying it's Bliz's fault jet saying ts possible. I think far and away the disguntled employee is the most likely scenario as others have stated. In support of that I think would be very odd for hackers/phishers to pick up and use so many accounts in such a short time. As well as adding the authenticator seems odd for a hacker, but then again I'm nt to familiar with hacking protocal.
Granted, there isn't really much of a reason to trust Blizzard due to their history...but did you use any kind of add-on, at any point, ever, on the computer you played WoW on?Add-ons seem to be necessary for far too many WoW players and these have amazing security risks. If you didn't use an add-on I commend you, it's something I didn't do myself until the last month or two months of playing the game and purely to see what folks were talking about. I found that they were never, ever, ever necessary.
That said, if you've ever used an add-on, like I once did toward the very end of my playing time in WoW, you have no room to complain. Why? If you use add-ons you participate in the problem, to be polite, and deserve to be hacked. I'll say it again, if an individual ever uses an add-on they deserve to be hacked. I used one at the very end and, even with a cancelled account, hackers were able to get in and I deserved to get hacked for it. The two add-ons I used at the end were one to check DPS and that ridiculous GearScore nonsense so I could see what peopel were talking about. That was it, they were very popular, and with a rather secure password and proper security the only realistic option was a keylogger imbedded in those programmes or some sort of new trojan.
If you didn't use an add-on then, well, Blizzard really is that poorly securing your information. To read more of my thoughts on Blizzard and security please check an earlier posting of mine in the thread.
(1)TL:DR must be your way of saying that thinking hurts. Then again, this may explain why it looks like you responded to the post without using your brain. (2) It's not about community, is it? You just have nothing better to do.
Granted, there isn't really much of a reason to trust Blizzard due to their history...but did you use any kind of add-on, at any point, ever, on the computer you played WoW on?Add-ons seem to be necessary for far too many WoW players and these have amazing security risks. If you didn't use an add-on I commend you, it's something I didn't do myself until the last month or two months of playing the game and purely to see what folks were talking about. I found that they were never, ever, ever necessary.
That said, if you've ever used an add-on, like I once did toward the very end of my playing time in WoW, you have no room to complain. Why? If you use add-ons you participate in the problem, to be polite, and deserve to be hacked. I'll say it again, if an individual ever uses an add-on they deserve to be hacked. I used one at the very end and, even with a cancelled account, hackers were able to get in and I deserved to get hacked for it. The two add-ons I used at the end were one to check DPS and that ridiculous GearScore nonsense so I could see what peopel were talking about. That was it, they were very popular, and with a rather secure password and proper security the only realistic option was a keylogger imbedded in those programmes or some sort of new trojan.
If you didn't use an add-on then, well, Blizzard really is that poorly securing your information. To read more of my thoughts on Blizzard and security please check an earlier posting of mine in the thread.
Well unfortunately I do generally use add ons. However I do think it is a little harsh to say people who use add ons deserve to be hacked. Especially since Bliz seems to condone add ons, providing the makers with what they need and not banning/blocking them. I assume the problem you say that add on users are participating in is the hacking from keyloggers in those add ons? Well its entirely possible. Still I take the precaution of checking them for .exe files just in case (I'm sure there are other ways to get hacked from add ons) and I always get them from the same site (I manually download them and have a program that checks my downloads for viruses).
Must say though, I've decided to start an experiment. Gonna remove all add on and do all my security checks and see if I end up getting hacked again. While this isn't really the best way to prove if its on Bliz's or the user (mostly because it requires getting hacked again and that I can prove it wasn't on my end), its worth a try to at least see.
Last point: I honestly believe if Bliz knew that add ons where the #1 reason for hacked accounts they would do something about it. Oh course they may not know thats the main cause or it may not be.
I figure I might as well chime in too, seems to be the thing to do.
So I quit Wow November of last year, cancelled my sub, unistalled it, the whole shubang. At this time I had also been played LotRO for about a year and it was now my primary mmo. Fast Forward to February and I get an email from Bliz saying my account had gotten a 3 day suspention, I chalked this up as a scam email, since my friend was currently being plagued with them as well. But I figured "what the heck" and I went to battle.net to log in, well guess who's password was different and now had an authenticator (from an unknown source). So the fiasco of waiting on the phone for 8 hours to talk to a service rep (I'm not about the let the hackers win and it was the weekend). I get the authenticator removed and my account is now mine again. I did get some free time thanks to Mr. Hackers 2 month time card, the first 2 weeks of which I spent waiting for my characters to be recovered. I took all their suggested precautions to "keep my computer safe", including multiple scans and rescans for virus with and without WoW open. And of course changing all my passwords.
Fast Forward again to a month ago. I reactive my account, because some friends who have since moved out of town are gonna start playing and I'm gonna join them. Within 2 weeks, I get an email from Bliz saying they detected a virus/keylogger on my computer and have temperarily deactivaed (or something like that) my account so I don't get compromised. So I figure whatever was there from last time I somehow didn't get rid of it, so I do the most painful thing and reformat my hard drive. So I reinstall everything get my account back again from Bliz. Submit my ticket to get my chars back, which were deleted again (guess you weren't quick enough to prevent my account being compromised Bliz). Wait the 1.5 weeks for my chars to come back and here we are.
All this time I haven't had a single problem with either my LotRO account which has been active and played this entire time, nor my Guild Wars account, which was also played.
I'm joining the ranks of the tin foil hatters.
[Tin Foil Hat]
+150% Bliz Skepticism
Requires 1 WoW Account Hack
Edit: To revome possible arguments, I have upto date virus, spyware, malware, etc. blockers/scanners. I also run Firefox, with NoScript (saw scripts mentioned before). I don't follow email links, always just use the address bar (that that way they can't fake you out with the site address that is linked). Can't think of anything else, but thought I'd cover my bases.
Edit 2: Just one more cover my ass point. I'm not saying it's Bliz's fault jet saying ts possible. I think far and away the disguntled employee is the most likely scenario as others have stated. In support of that I think would be very odd for hackers/phishers to pick up and use so many accounts in such a short time. As well as adding the authenticator seems odd for a hacker, but then again I'm nt to familiar with hacking protocal.
Granted, there isn't really much of a reason to trust Blizzard due to their history...but did you use any kind of add-on, at any point, ever, on the computer you played WoW on?Add-ons seem to be necessary for far too many WoW players and these have amazing security risks. If you didn't use an add-on I commend you, it's something I didn't do myself until the last month or two months of playing the game and purely to see what folks were talking about. I found that they were never, ever, ever necessary.
That said, if you've ever used an add-on, like I once did toward the very end of my playing time in WoW, you have no room to complain. Why? If you use add-ons you participate in the problem, to be polite, and deserve to be hacked. I'll say it again, if an individual ever uses an add-on they deserve to be hacked. I used one at the very end and, even with a cancelled account, hackers were able to get in and I deserved to get hacked for it. The two add-ons I used at the end were one to check DPS and that ridiculous GearScore nonsense so I could see what peopel were talking about. That was it, they were very popular, and with a rather secure password and proper security the only realistic option was a keylogger imbedded in those programmes or some sort of new trojan.
If you didn't use an add-on then, well, Blizzard really is that poorly securing your information. To read more of my thoughts on Blizzard and security please check an earlier posting of mine in the thread.
Add-ons cannot keylog you just by placing them in your WoW addon folder. They're just an assortment of XML and LUA files that are read by WoW, limited to performing the functions that are allowed in the client. You can however, get keylogged from visiting a site with infected ads (typically via flash vulnerability), or by using an executable to "auto install" an add-on... which is why you should only ever use add-ons that are in a zip format, with no executables in it. And of course, using a half-decent browser like firefox, preferably with the noscript plugin to prevent flash ads from loading.
My friend hasn't played WoW since mid 200-freaking-5. We're talking five years here, folks. He always uses a unique username, email adress and password for his MMORPG accounts, and at least a unique password for every freakin' thing he ever signs up for. He never used any addons. He's regularly used antivirus/antispyware/etc. since before WoW was a twinkle in Blizzard's eye.
For those saying "it's all the users fault!!!1!!11" please explain to me how his account managed to get hacked, as he just recently found out that it had.
Your friend or you?
If it is your friend, you know everything about him?
If so, you and only you + your friend can figure it out b/c no one else on this earth know who you or your friend is.
If you + you friend cannot explain it, then you + your friend failed. It does not mean we must provide an answer, cos we do not know you + your friend, and if we pretend we are giving you an answer, we are kidding you.
Unexplanable issues does not imply anything. It just means, something you never know.
Well unfortunately I do generally use add ons. However I do think it is a little harsh to say people who use add ons deserve to be hacked. Especially since Bliz seems to condone add ons, providing the makers with what they need and not banning/blocking them. I assume the problem you say that add on users are participating in is the hacking from keyloggers in those add ons? Well its entirely possible. Still I take the precaution of checking them for .exe files just in case (I'm sure there are other ways to get hacked from add ons) and I always get them from the same site (I manually download them and have a program that checks my downloads for viruses).
Must say though, I've decided to start an experiment. Gonna remove all add on and do all my security checks and see if I end up getting hacked again. While this isn't really the best way to prove if its on Bliz's or the user (mostly because it requires getting hacked again and that I can prove it wasn't on my end), its worth a try to at least see.
Last point: I honestly believe if Bliz knew that add ons where the #1 reason for hacked accounts they would do something about it. Oh course they may not know thats the main cause or it may not be.
No one deserves to be hacked.
Normal Addons do not and cannot hack you, so long as it does not involve executables. DL it from known websites, expand the zip or whatever compressed form using you own decompressing tool, which I kept on a CD (in theory less chance of being compromised). Never open the directory containing addons, just run wow.
All precautions are taken with add ons (i.e. using only zipped ones, manual installing, no .exe). My last post was just responding to The_Grump.
Btw Grump I went back and read one of your posts about add ons and as far as I understand most add ons for WoW don't use data mining, as this would be against the EULA, etc. Again stating I don't make add ons, but from what I understand Bliz provides the info/data to the add on creators that they need to make their mods/add ons. So its not like they are breaking Bliz's systems and stealing info to make these mods/add ons. (Would be nice to have someone who knows add ons confirm this, though).
As quick changing as this may seem, I've decided not to do my little no add ons and wait to be hacked experiment (big shocker there). I'm not on some righteous quest to prove Bliz is stealing my info or anything, just came here to say its possible and share what happened to me. Thanks for the couple people who seem to know add ons (or at least more than me) for the precautions, I'll keep using them.
All precautions are taken with add ons (i.e. using only zipped ones, manual installing, no .exe). [...]
Btw Grump I went back and read one of your posts about add ons and as far as I understand most add ons for WoW don't use data mining, as this would be against the EULA, etc. Again stating I don't make add ons, but from what I understand Bliz provides the info/data to the add on creators that they need to make their mods/add ons. So its not like they are breaking Bliz's systems and stealing info to make these mods/add ons. (Would be nice to have someone who knows add ons confirm this, though).
I don't make add-ons either and, really, with how user-friendly World of Warcraft is I just can't see a reason for it. I have a strong anti-add-on stance and that isn't going to change unless a strong argument in favour of relying on that crutch is given to me. WIth that said, my knowledge of how add-ons work comes from talking with GMs (during in-game support converations) and some of the support staff for World of Warcraft (when I called to rectify the situation). If add-ons truly function in a different way then they function in a different way, I have no problem with being wrong and can only learn from that. This, of course, doesn't remove the real danger that add-ons pose to account security.
People seem to need add-ons and I've never been able to figure that out. The popularity that add-ons have does leave windows open for malicious intent, windows that I don't have the techonogical prowess to do more than speculate with. It could be within ads on a site, hidden files, a whole host of things. Whatever it may be, it is a risk taken outside of necessity and people should bear the consequences of that.
When I think of all of the security precautions I took, from a strong password, updated Windows programmes/files, updated and comprehensive security suite and using Firefox with incredibly strong security settings, the only thing that comes to mind that it could have been is something from the two add-ons that I idiotically used. I played a damn good Warlock, had good rotations with no dps issues and remembered what skills did and when I should use them -even in complicated circumstances. I didn't need the add-on and took a needless risk, something that I paid for with my account being hacked. Thankfully, I had been out of World of Warcraft for a few months when that happened so I wasn't effected in any way other than having to call support to rectify the situation. (Why? I cancelled my account because of Blizzard, I didn't want some data thief to have the final say on my account.)
I still stand by the contentious statement, that people who use add-ons deserve to be hacked. It's an unnecessary risk, period, and it can lead to various secruity compromises that otherwise would not have been there. I simply cannot believe that there is no connexion to add-on useage and hacked accounts. Coincidence is not causation, true, and the internet is certainly a dangerous place when it comes to data security, true, but it seems to me that there is a connexion.
Blizzard supports add-ons in a very vague way (cf. #7), especially when add-ons clearly violate section 2B of the EULA. Add-ons appreciably modify the game experience in some way, even it if is merely cosmetic, and Blizzard's stance on the issue is clearly not one that has much integrity. It is simply disingenuous to say that add-ons cannoy violate the ToS/EULA and at the same time have a statement in the EULA that says you cannot use third-party software to modify the game experience. It's a hypocritcal position.
With that said, I'll leave my arguments against add-ons and the hacking issue in this thread at this. Hopefully the argument will be helpful, if not then hopefully someone defeating my argument will be helpful. After all, it's about community and we need to help each other get things right.
(1)TL:DR must be your way of saying that thinking hurts. Then again, this may explain why it looks like you responded to the post without using your brain. (2) It's not about community, is it? You just have nothing better to do.
I agree with you for the most part on the no add-on stance, though i do make some exceptions. Sometimes games are designed with just plain horribly and non-user friendly UIs. For example the default UI in WAR, especially playing a healer in Warbands and Scenarios was just plain horrid and made doing your job way more trouble than it already was, not because of any game difficulty but simply a poorly designed interface. Addons like Squared actually make things like healing in large groups doable for a change. There were also some addons which made crafting much more user friendly and convenient too, because once again the de3fault UI for that was pretty bad in several aspects. State of the Realm was also much better for tracking RvR stuff than anything Mythic ever added into the game.
On the other hand, there were other addons for things like buffing, healing, twisting auras, and many other things which i agree absolutely should not be allowed in game because they do directly impact your ability to fight and use skills and give very clear advantages over those who do not use them.
I used to play WoW, last time i paid for it was last year or so... After reading about the hacked accounts i just went to check my own... and BAM i was hacked !
thats silly, i use credit card , i use paypal, i play lot more mmos , i have a steam account, i use internet banking. The "fucking hacker" choose what ? my credit card ? nooo useless, my bank account ? NO My WoW account that dont even have a maxed lvl character !
I used to claim Blizzard as one of the best Game company, but after this and after all i'm reading, maan i'll think twice after buying something made by them...
The only good part of this is that i'll never play the game again, even if i get tempted to do so.
Your all right, if you get hacked its every ones elses fault but you own.. after all my 7 firewalls, 3 virus checkers, 9 malware scanners, the fact I change my password every 5 minutes and my rottweiler (woof) make me 100% hack proof... right?
Guys, you got hacked take responsibilty and learn from it.
There are far to many phishing emails, infected flash movies, zero day viruses and keyloggers (that your might anti-virus will not catch), infected torrents, embedded scripts on web pages, illegal mods (don't download the .exe, download the .zip and inspect all files) and bot-nets to guarantee 100% immunity.
Atleast blizzard do attempt to fix hacked accounts, because they dont have to you know.
To add to the list. My account hadn't been active in a year (WoW wasnt even on my comp anymore) and I suddenly got a mail from bliz stating that my account ha been banned (hacked with an authenticator added), Checking the armory, my toons had been played recently. No idea how this happened.
I don't really see what you guys would think Blizzard would earn from stealing your stuff and money, it is virtual stuff they could create for free anyways. They have no motive, only things to lose. Some players get so upset that they quit when they lose their stuff and that means a large sum of cash just go down the drain for them.
There is of course a chance that one or several Blizzard employees are doing this by themselves to earn extra money, but I think phising programs and suspicious add ons is the real problem here.
There will always be a lot of people who tries to earn money on stuff like this. Some of them are really good on what they do too.
Change your password often and have a long one. Never use add ons and avoid download pirate stuff on the same computer you play on. Never answer any questions about your account no matter who it is from. Avoid suspicious webbsites and use a browser that is safe.
Personally I would avoid Firefox because it is far to common today, making it a target for those people. Chrome or Opera is a better choice.
I might be slightly paranoid but I never got anything hacked ever (as far as I know at least).
My friend hasn't played WoW since mid 200-freaking-5. We're talking five years here, folks. He always uses a unique username, email adress and password for his MMORPG accounts, and at least a unique password for every freakin' thing he ever signs up for. He never used any addons. He's regularly used antivirus/antispyware/etc. since before WoW was a twinkle in Blizzard's eye.
For those saying "it's all the users fault!!!1!!11" please explain to me how his account managed to get hacked, as he just recently found out that it had.
I will give you a hint. It all began when he got an email from "blizzard" that said his account was hacked.
Your all right, if you get hacked its every ones elses fault but you own.. after all my 7 firewalls, 3 virus checkers, 9 malware scanners, the fact I change my password every 5 minutes and my rottweiler (woof) make me 100% hack proof... right?
Guys, you got hacked take responsibilty and learn from it.
There are far to many phishing emails, infected flash movies, zero day viruses and keyloggers (that your might anti-virus will not catch), infected torrents, embedded scripts on web pages, illegal mods (don't download the .exe, download the .zip and inspect all files) and bot-nets to guarantee 100% immunity.
Atleast blizzard do attempt to fix hacked accounts, because they dont have to you know.
Bullshit. Blizz screwed their security on purpose the moment they made a email address logon for battle.net Explain how some of us have not been hacked yet we can get dozens of spam email to a brand new email account used for battle.net?Blizz should have to fix hacked accounts as they are the cause.
Your all right, if you get hacked its every ones elses fault but you own.. after all my 7 firewalls, 3 virus checkers, 9 malware scanners, the fact I change my password every 5 minutes and my rottweiler (woof) make me 100% hack proof... right?
Guys, you got hacked take responsibilty and learn from it.
There are far to many phishing emails, infected flash movies, zero day viruses and keyloggers (that your might anti-virus will not catch), infected torrents, embedded scripts on web pages, illegal mods (don't download the .exe, download the .zip and inspect all files) and bot-nets to guarantee 100% immunity.
Atleast blizzard do attempt to fix hacked accounts, because they dont have to you know.
Bullshit. Blizz screwed their security on purpose the moment they made a email address logon for battle.net Explain how some of us have not been hacked yet we can get dozens of spam email to a brand new email account used for battle.net?Blizz should have to fix hacked accounts as they are the cause.
Some of us have not been hacked cus the hackers have not gotten our details through the various means they use. As to a new email address, scammers use programmes to create random email address and then use bot nets and other means to mass mail and I mean millions of different email address.
All I need to do is download a digital dictonary (millions of words), add in common changes such as "1" instead of an "i" choose a domain such as @gmail.com, it would take me about an hour to write a script that would output millions of random gmail accounts in seconds, even if 1% worked thats little work for a lot of email address, I then change the domain to @hotmail.com, @yahoo.com and repeat. Do a google for email ripper programs, they litterly troll the internal and forums extracting email address... it is so easy.
I have explained in various similar threads how more accounts have been hacked since the bnet switch and again it falls on the user and not blizzard.
My friend hasn't played WoW since mid 200-freaking-5. We're talking five years here, folks. He always uses a unique username, email adress and password for his MMORPG accounts, and at least a unique password for every freakin' thing he ever signs up for. He never used any addons. He's regularly used antivirus/antispyware/etc. since before WoW was a twinkle in Blizzard's eye.
For those saying "it's all the users fault!!!1!!11" please explain to me how his account managed to get hacked, as he just recently found out that it had.
I will give you a hint. It all began when he got an email from "blizzard" that said his account was hacked.
I'll give you a hint: that's not how he found out. He went to link his old WoW account to his newly created BNet account and possibly start playing again and discovered from there that it was already hacked. Try again.
Your all right, if you get hacked its every ones elses fault but you own.. after all my 7 firewalls, 3 virus checkers, 9 malware scanners, the fact I change my password every 5 minutes and my rottweiler (woof) make me 100% hack proof... right?
Guys, you got hacked take responsibilty and learn from it.
There are far to many phishing emails, infected flash movies, zero day viruses and keyloggers (that your might anti-virus will not catch), infected torrents, embedded scripts on web pages, illegal mods (don't download the .exe, download the .zip and inspect all files) and bot-nets to guarantee 100% immunity.
Atleast blizzard do attempt to fix hacked accounts, because they dont have to you know.
Bullshit. Blizz screwed their security on purpose the moment they made a email address logon for battle.net Explain how some of us have not been hacked yet we can get dozens of spam email to a brand new email account used for battle.net?Blizz should have to fix hacked accounts as they are the cause.
Some of us have not been hacked cus the hackers have not gotten our details through the various means they use. As to a new email address, scammers use programmes to create random email address and then use bot nets and other means to mass mail and I mean millions of different email address.
All I need to do is download a digital dictonary (millions of words), add in common changes such as "1" instead of an "i" choose a domain such as @gmail.com, it would take me about an hour to write a script that would output millions of random gmail accounts in seconds, even if 1% worked thats little work for a lot of email address, I then change the domain to @hotmail.com, @yahoo.com and repeat. Do a google for email ripper programs, they litterly troll the internal and forums extracting email address... it is so easy.
I have explained in various similar threads how more accounts have been hacked since the bnet switch and again it falls on the user and not blizzard.
I have more a chance of getting struck by lightning or winning the powerball than what you describe. I can already tell by your demenor you are either a Blizz fanboi or a shill. The whole RealID fiasco just proves blizz does not give a crap about our private info and also proves blizz is not infallible. So where is my powerball money?
I'll give you a hint: that's not how he found out. He went to link his old WoW account to his newly created BNet account and possibly start playing again and discovered from there that it was already hacked. Try again.
There is no such thing as being safe on the internet. No amount of firewalls, passwords, antivirus programs will keep someone safe.
What happened to your friend is hard to know to be honest and nearly impossible to give you an answer. We don't know EVERYTHING he did over the years and highlighting a few points doesn't cover all the possibilities of what he might have done. Lacking the ability to find out what happened isn't proof of something. It just means you don't know what happened.
If there is some massive leak at blizzard it will come out. Someone will blow the whistle. Considering the scale of accounts getting hacked, the cross section of acconts getting hacked, the time periods and everything else, if this was sourced at blizzard it would be to big to hide. Blizzard would have to lock something down internally just to stop the bleeding and that would impact players.
If my identity gets stolen and my credit ruined, I don't rush off to blame the bank for it just because I have a decent password and some basic virus/firewall protection. Same situation here, but I don't think all the banks in the world have security leaks ongoing for the last ten years, because people don't understand how their identities got stolen. This entire enterprise is designed to run on deceiving end users in one of many many ways to expose a vulnerability. Even the most savy users fall victom to threats.
Again, there is no such thing as being safe on the internet. To even think this is possible shows just how vulnerable someone is.
Your all right, if you get hacked its every ones elses fault but you own.. after all my 7 firewalls, 3 virus checkers, 9 malware scanners, the fact I change my password every 5 minutes and my rottweiler (woof) make me 100% hack proof... right?
Guys, you got hacked take responsibilty and learn from it.
There are far to many phishing emails, infected flash movies, zero day viruses and keyloggers (that your might anti-virus will not catch), infected torrents, embedded scripts on web pages, illegal mods (don't download the .exe, download the .zip and inspect all files) and bot-nets to guarantee 100% immunity.
Atleast blizzard do attempt to fix hacked accounts, because they dont have to you know.
Bullshit. Blizz screwed their security on purpose the moment they made a email address logon for battle.net Explain how some of us have not been hacked yet we can get dozens of spam email to a brand new email account used for battle.net?Blizz should have to fix hacked accounts as they are the cause.
Some of us have not been hacked cus the hackers have not gotten our details through the various means they use. As to a new email address, scammers use programmes to create random email address and then use bot nets and other means to mass mail and I mean millions of different email address.
All I need to do is download a digital dictonary (millions of words), add in common changes such as "1" instead of an "i" choose a domain such as @gmail.com, it would take me about an hour to write a script that would output millions of random gmail accounts in seconds, even if 1% worked thats little work for a lot of email address, I then change the domain to @hotmail.com, @yahoo.com and repeat. Do a google for email ripper programs, they litterly troll the internal and forums extracting email address... it is so easy.
I have explained in various similar threads how more accounts have been hacked since the bnet switch and again it falls on the user and not blizzard.
I have more a chance of getting struck by lightning or winning the powerball than what you describe. I can already tell by your demenor you are either a Blizz fanboi or a shill. The whole RealID fiasco just proves blizz does not give a crap about our private info and also proves blizz is not infallible. So where is my powerball money?
Why don't you blame your email provider - maybe one of their employees are selling email address. Maybe you sleep-unsafe-browse and know nothing of it, why not blame your Antivirus/firewall company? why don't you blame Microsoft? why don't you blame your web browser? why dont you blame your ISP? ... I could go on.
Your all right, if you get hacked its every ones elses fault but you own.. after all my 7 firewalls, 3 virus checkers, 9 malware scanners, the fact I change my password every 5 minutes and my rottweiler (woof) make me 100% hack proof... right?
Guys, you got hacked take responsibilty and learn from it.
There are far to many phishing emails, infected flash movies, zero day viruses and keyloggers (that your might anti-virus will not catch), infected torrents, embedded scripts on web pages, illegal mods (don't download the .exe, download the .zip and inspect all files) and bot-nets to guarantee 100% immunity.
Atleast blizzard do attempt to fix hacked accounts, because they dont have to you know.
Bullshit. Blizz screwed their security on purpose the moment they made a email address logon for battle.net Explain how some of us have not been hacked yet we can get dozens of spam email to a brand new email account used for battle.net?Blizz should have to fix hacked accounts as they are the cause.
Some of us have not been hacked cus the hackers have not gotten our details through the various means they use. As to a new email address, scammers use programmes to create random email address and then use bot nets and other means to mass mail and I mean millions of different email address.
All I need to do is download a digital dictonary (millions of words), add in common changes such as "1" instead of an "i" choose a domain such as @gmail.com, it would take me about an hour to write a script that would output millions of random gmail accounts in seconds, even if 1% worked thats little work for a lot of email address, I then change the domain to @hotmail.com, @yahoo.com and repeat. Do a google for email ripper programs, they litterly troll the internal and forums extracting email address... it is so easy.
I have explained in various similar threads how more accounts have been hacked since the bnet switch and again it falls on the user and not blizzard.
I have more a chance of getting struck by lightning or winning the powerball than what you describe. I can already tell by your demenor you are either a Blizz fanboi or a shill. The whole RealID fiasco just proves blizz does not give a crap about our private info and also proves blizz is not infallible. So where is my powerball money?
Why don't you blame your email provider - maybe one of their employees are selling email address. Maybe you sleep-unsafe-browse and know nothing of it, why not blame your Antivirus/firewall company? why don't you blame Microsoft? why don't you blame your web browser? why dont you blame your ISP? ... I could go on.
Stop being such a fool. The blame is placed eactly where it should be. Tell me something if your bank decided to change your PIN number to your house addresss number how would you feel about it? Sounds like a stupid thing to do doesn't it ? The same level of responsibility applies here.
There have been a lot of people getting scam email after the battle.net merge. Some people only use their email for wow only and still get these emails.
Some one selling email address' for money?
Plausible deniability for reasons people are getting hacked?
Your all right, if you get hacked its every ones elses fault but you own.. after all my 7 firewalls, 3 virus checkers, 9 malware scanners, the fact I change my password every 5 minutes and my rottweiler (woof) make me 100% hack proof... right?
Guys, you got hacked take responsibilty and learn from it.
There are far to many phishing emails, infected flash movies, zero day viruses and keyloggers (that your might anti-virus will not catch), infected torrents, embedded scripts on web pages, illegal mods (don't download the .exe, download the .zip and inspect all files) and bot-nets to guarantee 100% immunity.
Atleast blizzard do attempt to fix hacked accounts, because they dont have to you know.
Bullshit. Blizz screwed their security on purpose the moment they made a email address logon for battle.net Explain how some of us have not been hacked yet we can get dozens of spam email to a brand new email account used for battle.net?Blizz should have to fix hacked accounts as they are the cause.
Some of us have not been hacked cus the hackers have not gotten our details through the various means they use. As to a new email address, scammers use programmes to create random email address and then use bot nets and other means to mass mail and I mean millions of different email address.
All I need to do is download a digital dictonary (millions of words), add in common changes such as "1" instead of an "i" choose a domain such as @gmail.com, it would take me about an hour to write a script that would output millions of random gmail accounts in seconds, even if 1% worked thats little work for a lot of email address, I then change the domain to @hotmail.com, @yahoo.com and repeat. Do a google for email ripper programs, they litterly troll the internal and forums extracting email address... it is so easy.
I have explained in various similar threads how more accounts have been hacked since the bnet switch and again it falls on the user and not blizzard.
I have more a chance of getting struck by lightning or winning the powerball than what you describe. I can already tell by your demenor you are either a Blizz fanboi or a shill. The whole RealID fiasco just proves blizz does not give a crap about our private info and also proves blizz is not infallible. So where is my powerball money?
Why don't you blame your email provider - maybe one of their employees are selling email address. Maybe you sleep-unsafe-browse and know nothing of it, why not blame your Antivirus/firewall company? why don't you blame Microsoft? why don't you blame your web browser? why dont you blame your ISP? ... I could go on.
Stop being such a fool. The blame is placed eactly where it should be. Tell me something if your bank decided to change your PIN number to your house addresss number how would you feel about it? Sounds like a stupid thing to do doesn't it ? The same level of responsibility applies here.
Not to continue the pointless chat - in your senario (which is odd) your bank did not give you a choice, with the bnet switch u did have a choice.
Comments
I know they are, but I haven't logged into WoW since July 2007. I had a second account which my GF and a close friend played. That account has a a gmail adress and hasn't received a single email. I switched computers in the meant time and formatted my old computer. Cookies is the very unlikely.
I agree, a lot of people are careless with their personal info or have been buying gold. Or downloaded risky thirdparty addons. Not me, I can loose my job as my clients find out my computer is infiltrated by hackers.
If it was any other emailadress I would agree that I was careless and I filled in my details at a bad site. That is why I always change my free emailadresses once a year. To make things interesting I received my first fishing email for Sony.Station today. I played Vanguard in 2007/2008. Used a second paid emailadress for that one. No idea how they got that one. Paid both games with a CC that isn't registered to me, so it isn't possible they tracked my by that.
Option 1: Blizzard has a security breach; some can access their servers
Option 2 : Blizzard has hired a bad employee
Option 3 : Blizzard is selling information themselves
I still believe the spammers have someone on the inside; option 2. To me that makes the most sense.
Sure those options are possible, but it is also possible that hotmail/gmail sold your address. Why no one jumps to that conclusion is funny. The conclusion drawn is that is must be blizzard. There is no more information to suggest one over the other, but people always blame blizzard for the unknown in these situations. My point is possible doesn't mean probable.
There are plenty more ways for someone to get your email address than just you entering it into a website or something like that. Even google returned results in their paid advertisements to infected websites that steal data. Not intentionally, but it happens. Even casual surfing has its risks. The level of deception is getting very sophisticated, which is why most people have no idea how they were compromised.
My friend hasn't played WoW since mid 200-freaking-5. We're talking five years here, folks. He always uses a unique username, email adress and password for his MMORPG accounts, and at least a unique password for every freakin' thing he ever signs up for. He never used any addons. He's regularly used antivirus/antispyware/etc. since before WoW was a twinkle in Blizzard's eye.
For those saying "it's all the users fault!!!1!!11" please explain to me how his account managed to get hacked, as he just recently found out that it had.
Granted, there isn't really much of a reason to trust Blizzard due to their history...but did you use any kind of add-on, at any point, ever, on the computer you played WoW on?Add-ons seem to be necessary for far too many WoW players and these have amazing security risks. If you didn't use an add-on I commend you, it's something I didn't do myself until the last month or two months of playing the game and purely to see what folks were talking about. I found that they were never, ever, ever necessary.
That said, if you've ever used an add-on, like I once did toward the very end of my playing time in WoW, you have no room to complain. Why? If you use add-ons you participate in the problem, to be polite, and deserve to be hacked. I'll say it again, if an individual ever uses an add-on they deserve to be hacked. I used one at the very end and, even with a cancelled account, hackers were able to get in and I deserved to get hacked for it. The two add-ons I used at the end were one to check DPS and that ridiculous GearScore nonsense so I could see what peopel were talking about. That was it, they were very popular, and with a rather secure password and proper security the only realistic option was a keylogger imbedded in those programmes or some sort of new trojan.
If you didn't use an add-on then, well, Blizzard really is that poorly securing your information. To read more of my thoughts on Blizzard and security please check an earlier posting of mine in the thread.
(1)TL:DR must be your way of saying that thinking hurts. Then again, this may explain why it looks like you responded to the post without using your brain.
(2) It's not about community, is it? You just have nothing better to do.
Well unfortunately I do generally use add ons. However I do think it is a little harsh to say people who use add ons deserve to be hacked. Especially since Bliz seems to condone add ons, providing the makers with what they need and not banning/blocking them. I assume the problem you say that add on users are participating in is the hacking from keyloggers in those add ons? Well its entirely possible. Still I take the precaution of checking them for .exe files just in case (I'm sure there are other ways to get hacked from add ons) and I always get them from the same site (I manually download them and have a program that checks my downloads for viruses).
Must say though, I've decided to start an experiment. Gonna remove all add on and do all my security checks and see if I end up getting hacked again. While this isn't really the best way to prove if its on Bliz's or the user (mostly because it requires getting hacked again and that I can prove it wasn't on my end), its worth a try to at least see.
Last point: I honestly believe if Bliz knew that add ons where the #1 reason for hacked accounts they would do something about it. Oh course they may not know thats the main cause or it may not be.
Add-ons cannot keylog you just by placing them in your WoW addon folder. They're just an assortment of XML and LUA files that are read by WoW, limited to performing the functions that are allowed in the client. You can however, get keylogged from visiting a site with infected ads (typically via flash vulnerability), or by using an executable to "auto install" an add-on... which is why you should only ever use add-ons that are in a zip format, with no executables in it. And of course, using a half-decent browser like firefox, preferably with the noscript plugin to prevent flash ads from loading.
Your friend or you?
If it is your friend, you know everything about him?
If so, you and only you + your friend can figure it out b/c no one else on this earth know who you or your friend is.
If you + you friend cannot explain it, then you + your friend failed. It does not mean we must provide an answer, cos we do not know you + your friend, and if we pretend we are giving you an answer, we are kidding you.
Unexplanable issues does not imply anything. It just means, something you never know.
No one deserves to be hacked.
Normal Addons do not and cannot hack you, so long as it does not involve executables. DL it from known websites, expand the zip or whatever compressed form using you own decompressing tool, which I kept on a CD (in theory less chance of being compromised). Never open the directory containing addons, just run wow.
That way, you should be reasonably safe.
All precautions are taken with add ons (i.e. using only zipped ones, manual installing, no .exe). My last post was just responding to The_Grump.
Btw Grump I went back and read one of your posts about add ons and as far as I understand most add ons for WoW don't use data mining, as this would be against the EULA, etc. Again stating I don't make add ons, but from what I understand Bliz provides the info/data to the add on creators that they need to make their mods/add ons. So its not like they are breaking Bliz's systems and stealing info to make these mods/add ons. (Would be nice to have someone who knows add ons confirm this, though).
As quick changing as this may seem, I've decided not to do my little no add ons and wait to be hacked experiment (big shocker there). I'm not on some righteous quest to prove Bliz is stealing my info or anything, just came here to say its possible and share what happened to me. Thanks for the couple people who seem to know add ons (or at least more than me) for the precautions, I'll keep using them.
I don't make add-ons either and, really, with how user-friendly World of Warcraft is I just can't see a reason for it. I have a strong anti-add-on stance and that isn't going to change unless a strong argument in favour of relying on that crutch is given to me. WIth that said, my knowledge of how add-ons work comes from talking with GMs (during in-game support converations) and some of the support staff for World of Warcraft (when I called to rectify the situation). If add-ons truly function in a different way then they function in a different way, I have no problem with being wrong and can only learn from that. This, of course, doesn't remove the real danger that add-ons pose to account security.
People seem to need add-ons and I've never been able to figure that out. The popularity that add-ons have does leave windows open for malicious intent, windows that I don't have the techonogical prowess to do more than speculate with. It could be within ads on a site, hidden files, a whole host of things. Whatever it may be, it is a risk taken outside of necessity and people should bear the consequences of that.
When I think of all of the security precautions I took, from a strong password, updated Windows programmes/files, updated and comprehensive security suite and using Firefox with incredibly strong security settings, the only thing that comes to mind that it could have been is something from the two add-ons that I idiotically used. I played a damn good Warlock, had good rotations with no dps issues and remembered what skills did and when I should use them -even in complicated circumstances. I didn't need the add-on and took a needless risk, something that I paid for with my account being hacked. Thankfully, I had been out of World of Warcraft for a few months when that happened so I wasn't effected in any way other than having to call support to rectify the situation. (Why? I cancelled my account because of Blizzard, I didn't want some data thief to have the final say on my account.)
I still stand by the contentious statement, that people who use add-ons deserve to be hacked. It's an unnecessary risk, period, and it can lead to various secruity compromises that otherwise would not have been there. I simply cannot believe that there is no connexion to add-on useage and hacked accounts. Coincidence is not causation, true, and the internet is certainly a dangerous place when it comes to data security, true, but it seems to me that there is a connexion.
Blizzard supports add-ons in a very vague way (cf. #7), especially when add-ons clearly violate section 2B of the EULA. Add-ons appreciably modify the game experience in some way, even it if is merely cosmetic, and Blizzard's stance on the issue is clearly not one that has much integrity. It is simply disingenuous to say that add-ons cannoy violate the ToS/EULA and at the same time have a statement in the EULA that says you cannot use third-party software to modify the game experience. It's a hypocritcal position.
With that said, I'll leave my arguments against add-ons and the hacking issue in this thread at this. Hopefully the argument will be helpful, if not then hopefully someone defeating my argument will be helpful. After all, it's about community and we need to help each other get things right.
(1)TL:DR must be your way of saying that thinking hurts. Then again, this may explain why it looks like you responded to the post without using your brain.
(2) It's not about community, is it? You just have nothing better to do.
@The_Grump
I agree with you for the most part on the no add-on stance, though i do make some exceptions. Sometimes games are designed with just plain horribly and non-user friendly UIs. For example the default UI in WAR, especially playing a healer in Warbands and Scenarios was just plain horrid and made doing your job way more trouble than it already was, not because of any game difficulty but simply a poorly designed interface. Addons like Squared actually make things like healing in large groups doable for a change. There were also some addons which made crafting much more user friendly and convenient too, because once again the de3fault UI for that was pretty bad in several aspects. State of the Realm was also much better for tracking RvR stuff than anything Mythic ever added into the game.
On the other hand, there were other addons for things like buffing, healing, twisting auras, and many other things which i agree absolutely should not be allowed in game because they do directly impact your ability to fight and use skills and give very clear advantages over those who do not use them.
Just started to read this guy blog.
I used to play WoW, last time i paid for it was last year or so... After reading about the hacked accounts i just went to check my own... and BAM i was hacked !
thats silly, i use credit card , i use paypal, i play lot more mmos , i have a steam account, i use internet banking. The "fucking hacker" choose what ? my credit card ? nooo useless, my bank account ? NO My WoW account that dont even have a maxed lvl character !
I used to claim Blizzard as one of the best Game company, but after this and after all i'm reading, maan i'll think twice after buying something made by them...
The only good part of this is that i'll never play the game again, even if i get tempted to do so.
Your all right, if you get hacked its every ones elses fault but you own.. after all my 7 firewalls, 3 virus checkers, 9 malware scanners, the fact I change my password every 5 minutes and my rottweiler (woof) make me 100% hack proof... right?
Guys, you got hacked take responsibilty and learn from it.
There are far to many phishing emails, infected flash movies, zero day viruses and keyloggers (that your might anti-virus will not catch), infected torrents, embedded scripts on web pages, illegal mods (don't download the .exe, download the .zip and inspect all files) and bot-nets to guarantee 100% immunity.
Atleast blizzard do attempt to fix hacked accounts, because they dont have to you know.
To add to the list. My account hadn't been active in a year (WoW wasnt even on my comp anymore) and I suddenly got a mail from bliz stating that my account ha been banned (hacked with an authenticator added), Checking the armory, my toons had been played recently. No idea how this happened.
I don't really see what you guys would think Blizzard would earn from stealing your stuff and money, it is virtual stuff they could create for free anyways. They have no motive, only things to lose. Some players get so upset that they quit when they lose their stuff and that means a large sum of cash just go down the drain for them.
There is of course a chance that one or several Blizzard employees are doing this by themselves to earn extra money, but I think phising programs and suspicious add ons is the real problem here.
There will always be a lot of people who tries to earn money on stuff like this. Some of them are really good on what they do too.
Change your password often and have a long one. Never use add ons and avoid download pirate stuff on the same computer you play on. Never answer any questions about your account no matter who it is from. Avoid suspicious webbsites and use a browser that is safe.
Personally I would avoid Firefox because it is far to common today, making it a target for those people. Chrome or Opera is a better choice.
I might be slightly paranoid but I never got anything hacked ever (as far as I know at least).
I will give you a hint. It all began when he got an email from "blizzard" that said his account was hacked.
Bullshit. Blizz screwed their security on purpose the moment they made a email address logon for battle.net Explain how some of us have not been hacked yet we can get dozens of spam email to a brand new email account used for battle.net?Blizz should have to fix hacked accounts as they are the cause.
Some of us have not been hacked cus the hackers have not gotten our details through the various means they use. As to a new email address, scammers use programmes to create random email address and then use bot nets and other means to mass mail and I mean millions of different email address.
All I need to do is download a digital dictonary (millions of words), add in common changes such as "1" instead of an "i" choose a domain such as @gmail.com, it would take me about an hour to write a script that would output millions of random gmail accounts in seconds, even if 1% worked thats little work for a lot of email address, I then change the domain to @hotmail.com, @yahoo.com and repeat. Do a google for email ripper programs, they litterly troll the internal and forums extracting email address... it is so easy.
I have explained in various similar threads how more accounts have been hacked since the bnet switch and again it falls on the user and not blizzard.
I'll give you a hint: that's not how he found out. He went to link his old WoW account to his newly created BNet account and possibly start playing again and discovered from there that it was already hacked. Try again.
I have more a chance of getting struck by lightning or winning the powerball than what you describe. I can already tell by your demenor you are either a Blizz fanboi or a shill. The whole RealID fiasco just proves blizz does not give a crap about our private info and also proves blizz is not infallible. So where is my powerball money?
There is no such thing as being safe on the internet. No amount of firewalls, passwords, antivirus programs will keep someone safe.
What happened to your friend is hard to know to be honest and nearly impossible to give you an answer. We don't know EVERYTHING he did over the years and highlighting a few points doesn't cover all the possibilities of what he might have done. Lacking the ability to find out what happened isn't proof of something. It just means you don't know what happened.
If there is some massive leak at blizzard it will come out. Someone will blow the whistle. Considering the scale of accounts getting hacked, the cross section of acconts getting hacked, the time periods and everything else, if this was sourced at blizzard it would be to big to hide. Blizzard would have to lock something down internally just to stop the bleeding and that would impact players.
If my identity gets stolen and my credit ruined, I don't rush off to blame the bank for it just because I have a decent password and some basic virus/firewall protection. Same situation here, but I don't think all the banks in the world have security leaks ongoing for the last ten years, because people don't understand how their identities got stolen. This entire enterprise is designed to run on deceiving end users in one of many many ways to expose a vulnerability. Even the most savy users fall victom to threats.
Again, there is no such thing as being safe on the internet. To even think this is possible shows just how vulnerable someone is.
Why don't you blame your email provider - maybe one of their employees are selling email address. Maybe you sleep-unsafe-browse and know nothing of it, why not blame your Antivirus/firewall company? why don't you blame Microsoft? why don't you blame your web browser? why dont you blame your ISP? ... I could go on.
Stop being such a fool. The blame is placed eactly where it should be. Tell me something if your bank decided to change your PIN number to your house addresss number how would you feel about it? Sounds like a stupid thing to do doesn't it ? The same level of responsibility applies here.
There have been a lot of people getting scam email after the battle.net merge. Some people only use their email for wow only and still get these emails.
Some one selling email address' for money?
Plausible deniability for reasons people are getting hacked?
You tell me.
-Azure Prower
http://www.youtube.com/AzurePrower
Not to continue the pointless chat - in your senario (which is odd) your bank did not give you a choice, with the bnet switch u did have a choice.