I think a lot of the hacks happened do to scam emails. They look real for the most part. I get 2 sometimes 3 a week and I have not played wow since 2008. I got one the other day saying my account had been banned and I had to go click on this link if I wanted the ban removed, I was like you want to ban an account I not played in 2 years lol go ahead.
Honestly the email looked real but I ran a traceback, and it went to somebody using a hotmail account. I actually traced it back to hong kong on the route.
Now lets talk about why and what is going on. I think beyond a dought, that there are folks working at blizard that are compromizing the accounts and giving account information away. It is a huge business, and some of this hacking takes inside information. So I place some of the blame on blizzard for not having an internal investigation to find who has been paid by the gold famers.
Sure folks are going to be hacked its going to happen, however folks getting hacked that have autehnticators there is some colusion gong on and its folks working for blizzard.
So yes some of its pure stupidity, some of it is folks not knowing enough how to keep their computer secured. However there is some things that point directly at blizzard and why they dont take internal action is beyond me.
I think the majority of you have your heads in the sand and just don't "want to believe" that Blizz security could be vulnerable and likely is. Time will hopefully tell the true store.
Cause they are stupid noobs. If you want an example just read the steam forums daily and you will find plenty of retards who fall for obvious scams like freesteamgames.tk and gladly type there account name and password in. Also for people who claim they actualy know what they are doing and how it is not there fault they got hacked but it usualy is there fault since they use the same username and password for every forum they troll on so they are bound to get there account stolen.
Everyday there seems to be someone complaining about getting hacked. I even know a guy in real-life that has been hacked. I'm assuming that it's because of the third party add-ons that are "required" to play, but is that the reason or is there something else?
Everyday there seems to be someone complaining about getting hacked. I even know a guy in real-life that has been hacked. I'm assuming that it's because of the third party add-ons that are "required" to play, but is that the reason or is there something else?
I don't get this. This my sound elitist, but you have to be a PC security doofus to get your PC infected through a lua script addon.
My account was breached and hijacked immediately after I switched it to a battle.net account. I'm an Information Systems Security specialist, and my network is locked down tight. Of course no system is unbreachable, however I could not identify a vulnerability on my end that would allow something like that to occur.
My account was breached and hijacked immediately after I switched it to a battle.net account. I'm an Information Systems Security specialist, and my network is locked down tight. Of course no system is unbreachable, however I could not identify a vulnerability on my end that would allow something like that to occur.
Do you have realID friends?
My feeling is that somehow the account hijackers get access to just the email addresses used as logins for battle.net and then they brute force or acquire the passwords in some other way.
what did you think would happen when people were forced to use their e-mail instead of their obnoxiousy long and complex usernames.
of course now mine has an obnoxiously long complex email associated with it under a little known provider, but it's still an e-mail and e-mail are still easy as hell to acquire.
My account was breached and hijacked immediately after I switched it to a battle.net account. I'm an Information Systems Security specialist, and my network is locked down tight. Of course no system is unbreachable, however I could not identify a vulnerability on my end that would allow something like that to occur.
Do you have realID friends?
My feeling is that somehow the account hijackers get access to just the email addresses used as logins for battle.net and then they brute force or acquire the passwords in some other way.
I doubt they brute force hack accounts, the dozen of dollars it might get them doesn't seem worth it . There are more valuable things you can bruteforce hack .
Fere libenter homines id quod volunt credunt. Among those who dislike oppression are many who like to oppress.
My account was breached and hijacked immediately after I switched it to a battle.net account. I'm an Information Systems Security specialist, and my network is locked down tight. Of course no system is unbreachable, however I could not identify a vulnerability on my end that would allow something like that to occur.
Do you have realID friends?
My feeling is that somehow the account hijackers get access to just the email addresses used as logins for battle.net and then they brute force or acquire the passwords in some other way.
I doubt they brute force hack accounts, the dozen of dollars it might get them doesn't seem worth it . There are more valuable things you can bruteforce hack .
There are also more lucrative online criminal enterprises than gold farming/account power leveling. Yet these organizations still do this, since its relatively risk free.
Everyday there seems to be someone complaining about getting hacked. I even know a guy in real-life that has been hacked. I'm assuming that it's because of the third party add-ons that are "required" to play, but is that the reason or is there something else?
I don't get this. This my sound elitist, but you have to be a PC security doofus to get your PC infected through a lua script addon.
I find it odd that people would rather say something rude and then say "no offense meant" rather than just refraining from giving offence in the first place.
You do not have to be pc doofus to get a virus through an infected zip or exe file, or a malicious java of shockwave advert on a website. You just have to be trusting and/or not keep your computer security up to date and/or use a crap browser like IE. One thing to remember is that a large part of Wows audience doesn't fit into the uber savvy computer genius category. Kids, Grandmas, etc. There was a big stink over a malicous virus spreading advert on this very website about a year ago and one of the sites own contributors, Jaime Skelton fell for an email phishing scam not long ago, and I certainly wouldn't consider her to be an internet doofus.
That said, I do not believe there is a massive conspiracy behind peoples accounts being hacked. I feel it is down to the hardest to plug security leak for every computer, the one between the chair and the keyboard. The main thing I see people claim is that their accounts weren't even active. I wonder how many of those people tried private wow servers during their hiatus from the pay for play game? I did a study on private wow servers a few months ago and low and behold the email accounts I created to make server accounts get about 10 phishing emails a day if not more, yet my real wow account, the one that is linked to my battlenet account, gets ZERO.
I am up in the air about claims that wow accounts can be brute force hacked. I admit it seems somewhat feasible but it seems that if such a thing were that easy (take a quick web search you will find tons of helpful tutorials and downloads on how to brute force, WARNING: so far all the ones I've seen are actually confidence phishing scams themselves) the amount of hacked wow accounts would be far greater than what we are seeing.
"Gypsies, tramps, and thieves, we were called by the Admin of the site . . . "
Everyone in my small town has gotten hacked, except for me. Why people get hacked is a number of reasons. Mostly because wow is a good way to earn money since its the only game that actually has people buying accounts, and lots of them.
So all from keyloggers, to hackers tracking down level 80s. The main reason is the population. With so many people and most dont have / use their iphone's for the blizzard authenticator. Is the main reason for their accounts being hacked. When i played wow i never got hacked, i have used blizz authenticator since it came out. No one can get passed it.
Last but not least, always use a random password that has no meaning whatsoever. Thus you have maxed out your chances.
Almost every post here claiming that only idiots are getting hacked are from people who aren't playing WoW, or haven't converted to using battle.net. Coincidence?
Blizzard has a security problem. I'm a veteran of 10+ MMORPGs and a LOT of other online things - the only time I've ever been hacked was this Spring when my months-inactive WoW account was suddenly suspended for ilicit activity. The last time I had played was a few times last Fall when there was a free 10-day promo offer for the new expansion. And guess what else? I had to convert my account to battle.net. Hmmm.
I'm a software developer, been on the Net since the '80's, am running M$'s virus scanning tools, check my system for with HijackThis and other tools all the time, bla bla bla; I'm no security wizard, but I know what I'm doing, in general. It's unlikely that I got phished or trojaned.
I know a few people in RL who play the game, and almost ALL of them have had their accounts hijacked at some point. They're all using the hardware-based thing the Blizz offers now, as they are convinced that there's someone inside of Blizzard leaking this info, and therefore the only way to truly secure your account there is to have a constantly changing password.
I'm inclined to agree with a previous poster who said that those of you blindly thinking that Blizzard can do no wrong because of the size of their operation really have your heads in the sand here. They have a problem in their operation somewhere, and they really need to get a handle on it before it gets more publicity than threads like this are providing.
Everyday there seems to be someone complaining about getting hacked. I even know a guy in real-life that has been hacked. I'm assuming that it's because of the third party add-ons that are "required" to play, but is that the reason or is there something else?
I don't get this. This my sound elitist, but you have to be a PC security doofus to get your PC infected through a lua script addon.
You do not have to be pc doofus to get a virus through an infected zip or exe file, or a malicious java of shockwave advert on a website. You just have to be trusting and/or not keep your computer security up to date and/or use a crap browser like IE. One thing to remember is that a large part of Wows audience doesn't fit into the uber savvy computer genius category. Kids, Grandmas, etc. There was a big stink over a malicous virus spreading advert on this very website about a year ago and one of the sites own contributors, Jaime Skelton fell for an email phishing scam not long ago, and I certainly wouldn't consider her to be an internet doofus.
I don't think its offending to call someone a doofus. I am, for example, a complete doofus when it comes to doing anything hands on, like assembling a shelf bought from IKEA or doing some general DIY maintenance. I'm not ashamed to admit this, since that stuff doesn't really interest me. The same goes for most PC users, when security is concerned.
I do think that 'being trusting', 'not keeping your computer security upt to date' and 'using a crap browser like IE' makes someone a PC doofus, or dummy. I also think Jaime Skelton is a doofus for falling for that mail, and I think she would agree as well. This does not reflect on the intelligence or other capabilities of the person, as PC maintenance and security is not exactly rocket science, its all a matter of interest. Also we are all human and isolated incidents do happen. I can recall a nearly infinte amount of incidents where I have been a complete doofus or ass.
Why I brought up the doofus card, is that as an addon developer myself, I am sick and tired of people blaming addons for account security breaches. The lua addons that WoW uses are extremely secure, the addons that interface with the game itself can not compromise your account information. The reason why people get infected 'through addons' is general PC usage tomfoolery. They either download an infected .zip archive or 'self extractor' or use third party programs to manage their addons that are infected.
Players do not get HACKED, they get PHISHED. The majority of all "hacking cases" are account phishers or people who click on malicious links who pose as blizzard or other entities that contain keyloggers which record info when typed.
This. I love how people throw this word around so often when they have no clue what it actually means.
Because people are stupid. They click everything. Create accounts everywhere. Open every email. Give passwords to friends. Download from very shady people and places. And they get a keylogger. And don't just think keyloggers can still your wow password. They steal every keystroke you make. You are sending out all your passwords. People just need to practice common sense computing.
Everyday there seems to be someone complaining about getting hacked. I even know a guy in real-life that has been hacked. I'm assuming that it's because of the third party add-ons that are "required" to play, but is that the reason or is there something else?
I've been hacked and my account has continued to be hacked since Blizzard supposedly took care of it, since 5 months ago. I don't play anymore, and won't return because of this. I used to think that people who are getting hacked must be visiting unsafe sites or buying gold. But then my friend got hacked, and he doesn't visit unsafe sites or buy gold. Then 3 months later, I got hacked. I used some add-ons, that were downloaded off of Curse, and were required by any raiding guild to raid, so it's either that or something else.
Players do not get HACKED, they get PHISHED. The majority of all "hacking cases" are account phishers or people who click on malicious links who pose as blizzard or other entities that contain keyloggers which record info when typed.
Originally posted by nate1980 Originally posted by mrcalhou Everyday there seems to be someone complaining about getting hacked. I even know a guy in real-life that has been hacked. I'm assuming that it's because of the third party add-ons that are "required" to play, but is that the reason or is there something else?
I've been hacked and my account has continued to be hacked since Blizzard supposedly took care of it, since 5 months ago. I don't play anymore, and won't return because of this. I used to think that people who are getting hacked must be visiting unsafe sites or buying gold. But then my friend got hacked, and he doesn't visit unsafe sites or buy gold. Then 3 months later, I got hacked. I used some add-ons, that were downloaded off of Curse, and were required by any raiding guild to raid, so it's either that or something else.
I do visit unsafe sites. I pirate. I have bought gold. I do all the typically nefarious online activities one can do. And I run a ton of addons, mostly from curse. But I also can spot scams, phising emails, don't play stupid facebook games or sign up on every website. And I have an authenticator. Never been hacked. Never had a virus. I do scan regularly. Getting hacked goes beyond game related activities such as buying gold. You'd be surprised how many people still use limewire for downloading stuff. Or how viruses can send out emails from you and attach a file to it so all your contacts believe it really is you and open that attachment.
In the UK papers today it was reported that the MOD(Ministry of Defence) staff lost or had stolen 340 laptops in the past two years! As well as 593 CDs DvDs and floppy disks, 96 Harddrives, 215 USB memory sticks and 13 mobiles. Of which only 1 in 5 had encrypted data.
This is a National defence minstry not even Blizzard, so one wonders.
After I got hacked (never gave my details via a phising webpage, I work in the IT industry so I know what to look for), I bought an authenticator and not been hacked again since (touch wood).
However, a friend of mine who knew I got hacked didn't bother buying an authenticator at the time, and now wished he had.
In short my advice is:
Always be wary of ANY emails that look to be genuinely sent by MMO companies. Just because the email address looks genuine, it can still be a fake email.
NEVER, click on any links in emails. Especially ones that ask you to click them to visit the accounts section of that website. Always visit the MMO companies website manually (i.e. type their address into your web browser and go to the accounts section).
If the email requests your password and login details via email: ITS A FAKE. No MMO company should need to ask for your login details. They have their own ways to get into your account, they don't need such details.
If it is offered: BUY an authenticator. Yes, it is a small annoyance for having to use it every time to log into the game, but the cost of the authenticator (Blizzard sells WoW authenticators for about £5) is far outweighed by the annoyance of having to wait a few weeks to get your stuff back, whilst having to change your email account and password because you've been hacked.
Don't use the same login name and password as your main email accounts.
NEVER use your main email account for an MMO. Setup a separate one with a password that differs to the password you use for the game. That way if they manage to get your email address, all they'll see in your account is a few notifications from Blizzard and phishing emails.
If it looks "too good to be true", then in all likelihood, it is. Never automatically believe any emails that say you've been picked for the Beta of an MMO expansion or that you are special enough that you've won a prize. Check directly with the MMO company. Don't click any link in the email until you know the information is genuine.
Keep the use of "addons" to a minimum. Only install addons that have been proven to be hacker-free.
Everyday there seems to be someone complaining about getting hacked. I even know a guy in real-life that has been hacked. I'm assuming that it's because of the third party add-ons that are "required" to play, but is that the reason or is there something else?
Aside from 3rd party add-on's, there is something called Natural Selection!
Couple reasons why. They get their PC infected by a keylogger by downloading or browsing something unsafe. They log on to their WoW account on friends computers which are infected. They use their Battle.net email for fansites and social networking. This is a big one. I get fake emails all the time telling me I have been suspended or hacked etc. Just don't open them. I don't open any blizzard emails at all.
Couple reasons why. They get their PC infected by a keylogger by downloading or browsing something unsafe. They log on to their WoW account on friends computers which are infected. They use their Battle.net email for fansites and social networking. This is a big one. I get fake emails all the time telling me I have been suspended or hacked etc. Just don't open them. I don't open any blizzard emails at all.
Agreed. I get the fake emails at least once every other day to my old email account that I used to use for MMO's. That's why I know they're fake, because the MMO's don't have that address as a point of contact for me anymore.
Personally, I think all MMO dev companies should make a policy (and shout about it on their sites) that their genuine emails will never contain links to the site, thus forcing people to manually type in the site address. Therefore, any emails that "look" to be genuine but contain hyperlinks will be obvious that they are fakes. That to me would be just one way to help with the situation.
Comments
I think a lot of the hacks happened do to scam emails. They look real for the most part. I get 2 sometimes 3 a week and I have not played wow since 2008. I got one the other day saying my account had been banned and I had to go click on this link if I wanted the ban removed, I was like you want to ban an account I not played in 2 years lol go ahead.
Honestly the email looked real but I ran a traceback, and it went to somebody using a hotmail account. I actually traced it back to hong kong on the route.
Now lets talk about why and what is going on. I think beyond a dought, that there are folks working at blizard that are compromizing the accounts and giving account information away. It is a huge business, and some of this hacking takes inside information. So I place some of the blame on blizzard for not having an internal investigation to find who has been paid by the gold famers.
Sure folks are going to be hacked its going to happen, however folks getting hacked that have autehnticators there is some colusion gong on and its folks working for blizzard.
So yes some of its pure stupidity, some of it is folks not knowing enough how to keep their computer secured. However there is some things that point directly at blizzard and why they dont take internal action is beyond me.
I think the majority of you have your heads in the sand and just don't "want to believe" that Blizz security could be vulnerable and likely is. Time will hopefully tell the true store.
Cause they are stupid noobs. If you want an example just read the steam forums daily and you will find plenty of retards who fall for obvious scams like freesteamgames.tk and gladly type there account name and password in. Also for people who claim they actualy know what they are doing and how it is not there fault they got hacked but it usualy is there fault since they use the same username and password for every forum they troll on so they are bound to get there account stolen.
I don't get this. This my sound elitist, but you have to be a PC security doofus to get your PC infected through a lua script addon.
My account was breached and hijacked immediately after I switched it to a battle.net account. I'm an Information Systems Security specialist, and my network is locked down tight. Of course no system is unbreachable, however I could not identify a vulnerability on my end that would allow something like that to occur.
Do you have realID friends?
My feeling is that somehow the account hijackers get access to just the email addresses used as logins for battle.net and then they brute force or acquire the passwords in some other way.
what did you think would happen when people were forced to use their e-mail instead of their obnoxiousy long and complex usernames.
of course now mine has an obnoxiously long complex email associated with it under a little known provider, but it's still an e-mail and e-mail are still easy as hell to acquire.
I doubt they brute force hack accounts, the dozen of dollars it might get them doesn't seem worth it . There are more valuable things you can bruteforce hack .
Fere libenter homines id quod volunt credunt.
Among those who dislike oppression are many who like to oppress.
There are also more lucrative online criminal enterprises than gold farming/account power leveling. Yet these organizations still do this, since its relatively risk free.
I find it odd that people would rather say something rude and then say "no offense meant" rather than just refraining from giving offence in the first place.
You do not have to be pc doofus to get a virus through an infected zip or exe file, or a malicious java of shockwave advert on a website. You just have to be trusting and/or not keep your computer security up to date and/or use a crap browser like IE. One thing to remember is that a large part of Wows audience doesn't fit into the uber savvy computer genius category. Kids, Grandmas, etc. There was a big stink over a malicous virus spreading advert on this very website about a year ago and one of the sites own contributors, Jaime Skelton fell for an email phishing scam not long ago, and I certainly wouldn't consider her to be an internet doofus.
That said, I do not believe there is a massive conspiracy behind peoples accounts being hacked. I feel it is down to the hardest to plug security leak for every computer, the one between the chair and the keyboard. The main thing I see people claim is that their accounts weren't even active. I wonder how many of those people tried private wow servers during their hiatus from the pay for play game? I did a study on private wow servers a few months ago and low and behold the email accounts I created to make server accounts get about 10 phishing emails a day if not more, yet my real wow account, the one that is linked to my battlenet account, gets ZERO.
I am up in the air about claims that wow accounts can be brute force hacked. I admit it seems somewhat feasible but it seems that if such a thing were that easy (take a quick web search you will find tons of helpful tutorials and downloads on how to brute force, WARNING: so far all the ones I've seen are actually confidence phishing scams themselves) the amount of hacked wow accounts would be far greater than what we are seeing.
"Gypsies, tramps, and thieves, we were called by the Admin of the site . . . "
Everyone in my small town has gotten hacked, except for me. Why people get hacked is a number of reasons. Mostly because wow is a good way to earn money since its the only game that actually has people buying accounts, and lots of them.
So all from keyloggers, to hackers tracking down level 80s. The main reason is the population. With so many people and most dont have / use their iphone's for the blizzard authenticator. Is the main reason for their accounts being hacked. When i played wow i never got hacked, i have used blizz authenticator since it came out. No one can get passed it.
Last but not least, always use a random password that has no meaning whatsoever. Thus you have maxed out your chances.
Why do so many WoW accounts get hacked?
Same reason why so many virus and malicious programs are written for Windows.
Biggest fish in the pond get the most people after it.
Almost every post here claiming that only idiots are getting hacked are from people who aren't playing WoW, or haven't converted to using battle.net. Coincidence?
Blizzard has a security problem. I'm a veteran of 10+ MMORPGs and a LOT of other online things - the only time I've ever been hacked was this Spring when my months-inactive WoW account was suddenly suspended for ilicit activity. The last time I had played was a few times last Fall when there was a free 10-day promo offer for the new expansion. And guess what else? I had to convert my account to battle.net. Hmmm.
I'm a software developer, been on the Net since the '80's, am running M$'s virus scanning tools, check my system for with HijackThis and other tools all the time, bla bla bla; I'm no security wizard, but I know what I'm doing, in general. It's unlikely that I got phished or trojaned.
I know a few people in RL who play the game, and almost ALL of them have had their accounts hijacked at some point. They're all using the hardware-based thing the Blizz offers now, as they are convinced that there's someone inside of Blizzard leaking this info, and therefore the only way to truly secure your account there is to have a constantly changing password.
I'm inclined to agree with a previous poster who said that those of you blindly thinking that Blizzard can do no wrong because of the size of their operation really have your heads in the sand here. They have a problem in their operation somewhere, and they really need to get a handle on it before it gets more publicity than threads like this are providing.
I don't think its offending to call someone a doofus. I am, for example, a complete doofus when it comes to doing anything hands on, like assembling a shelf bought from IKEA or doing some general DIY maintenance. I'm not ashamed to admit this, since that stuff doesn't really interest me. The same goes for most PC users, when security is concerned.
I do think that 'being trusting', 'not keeping your computer security upt to date' and 'using a crap browser like IE' makes someone a PC doofus, or dummy. I also think Jaime Skelton is a doofus for falling for that mail, and I think she would agree as well. This does not reflect on the intelligence or other capabilities of the person, as PC maintenance and security is not exactly rocket science, its all a matter of interest. Also we are all human and isolated incidents do happen. I can recall a nearly infinte amount of incidents where I have been a complete doofus or ass.
Why I brought up the doofus card, is that as an addon developer myself, I am sick and tired of people blaming addons for account security breaches. The lua addons that WoW uses are extremely secure, the addons that interface with the game itself can not compromise your account information. The reason why people get infected 'through addons' is general PC usage tomfoolery. They either download an infected .zip archive or 'self extractor' or use third party programs to manage their addons that are infected.
This. I love how people throw this word around so often when they have no clue what it actually means.
Because people are stupid. They click everything. Create accounts everywhere. Open every email. Give passwords to friends. Download from very shady people and places. And they get a keylogger. And don't just think keyloggers can still your wow password. They steal every keystroke you make. You are sending out all your passwords. People just need to practice common sense computing.
Tribes 2 is back!!!! http://www.tribesnext.com/
And from the makers of tribes: Fallen Empire: Legions http://www.instantaction.com/
I've been hacked and my account has continued to be hacked since Blizzard supposedly took care of it, since 5 months ago. I don't play anymore, and won't return because of this. I used to think that people who are getting hacked must be visiting unsafe sites or buying gold. But then my friend got hacked, and he doesn't visit unsafe sites or buy gold. Then 3 months later, I got hacked. I used some add-ons, that were downloaded off of Curse, and were required by any raiding guild to raid, so it's either that or something else.
^^ This.
I've been hacked and my account has continued to be hacked since Blizzard supposedly took care of it, since 5 months ago. I don't play anymore, and won't return because of this. I used to think that people who are getting hacked must be visiting unsafe sites or buying gold. But then my friend got hacked, and he doesn't visit unsafe sites or buy gold. Then 3 months later, I got hacked. I used some add-ons, that were downloaded off of Curse, and were required by any raiding guild to raid, so it's either that or something else.
I do visit unsafe sites. I pirate. I have bought gold. I do all the typically nefarious online activities one can do. And I run a ton of addons, mostly from curse. But I also can spot scams, phising emails, don't play stupid facebook games or sign up on every website. And I have an authenticator. Never been hacked. Never had a virus. I do scan regularly.
Getting hacked goes beyond game related activities such as buying gold. You'd be surprised how many people still use limewire for downloading stuff. Or how viruses can send out emails from you and attach a file to it so all your contacts believe it really is you and open that attachment.
Tribes 2 is back!!!! http://www.tribesnext.com/
And from the makers of tribes: Fallen Empire: Legions http://www.instantaction.com/
In the UK papers today it was reported that the MOD(Ministry of Defence) staff lost or had stolen 340 laptops in the past two years! As well as 593 CDs DvDs and floppy disks, 96 Harddrives, 215 USB memory sticks and 13 mobiles. Of which only 1 in 5 had encrypted data.
This is a National defence minstry not even Blizzard, so one wonders.
After I got hacked (never gave my details via a phising webpage, I work in the IT industry so I know what to look for), I bought an authenticator and not been hacked again since (touch wood).
However, a friend of mine who knew I got hacked didn't bother buying an authenticator at the time, and now wished he had.
In short my advice is:
Always be wary of ANY emails that look to be genuinely sent by MMO companies. Just because the email address looks genuine, it can still be a fake email.
NEVER, click on any links in emails. Especially ones that ask you to click them to visit the accounts section of that website. Always visit the MMO companies website manually (i.e. type their address into your web browser and go to the accounts section).
If the email requests your password and login details via email: ITS A FAKE. No MMO company should need to ask for your login details. They have their own ways to get into your account, they don't need such details.
If it is offered: BUY an authenticator. Yes, it is a small annoyance for having to use it every time to log into the game, but the cost of the authenticator (Blizzard sells WoW authenticators for about £5) is far outweighed by the annoyance of having to wait a few weeks to get your stuff back, whilst having to change your email account and password because you've been hacked.
Don't use the same login name and password as your main email accounts.
NEVER use your main email account for an MMO. Setup a separate one with a password that differs to the password you use for the game. That way if they manage to get your email address, all they'll see in your account is a few notifications from Blizzard and phishing emails.
If it looks "too good to be true", then in all likelihood, it is. Never automatically believe any emails that say you've been picked for the Beta of an MMO expansion or that you are special enough that you've won a prize. Check directly with the MMO company. Don't click any link in the email until you know the information is genuine.
Keep the use of "addons" to a minimum. Only install addons that have been proven to be hacker-free.
Top 10 Most Misused Words in MMO's
Aside from 3rd party add-on's, there is something called Natural Selection!
Couple reasons why. They get their PC infected by a keylogger by downloading or browsing something unsafe. They log on to their WoW account on friends computers which are infected. They use their Battle.net email for fansites and social networking. This is a big one. I get fake emails all the time telling me I have been suspended or hacked etc. Just don't open them. I don't open any blizzard emails at all.
Agreed. I get the fake emails at least once every other day to my old email account that I used to use for MMO's. That's why I know they're fake, because the MMO's don't have that address as a point of contact for me anymore.
Personally, I think all MMO dev companies should make a policy (and shout about it on their sites) that their genuine emails will never contain links to the site, thus forcing people to manually type in the site address. Therefore, any emails that "look" to be genuine but contain hyperlinks will be obvious that they are fakes. That to me would be just one way to help with the situation.
Top 10 Most Misused Words in MMO's