My WoW account got hacked a few months back and I still have no idea why. Was playing one day got booted off and couldnt get back on, couldn't even use the automated account recovery thing because they had changed my email address.
First thing I did was run 3 different virus/malware scanners , found nothing.
Doesn't mean there was nothing there. New infections are released every day and many have not been seen yet by ANY security company. It also may have deleted itself once it mined the information it needed. Many password stealers will do this after running.
True
I received 0 phishing emails or any emails at all from blizzard prior to getting hacked.
I never used addons that use an exe.
Any program you download can potentially come bundled with online game password stealers. I work in the security software industry and I can tell you that they are one of the very most common threats.
I don't download pirated software, or use any software of questionable use, before I even install anythign I havn't heared of I run searches to see if it comes bundled with spyware. While it doesnt meen much there in of itself, my wow acount is the only thing I have ever had compromized in the 15 years I've been using the net
I never install odd browser extensions/plugins. I keep flash up to date
Do you use Internet Explorer? If so, it might not matter which browser extensions or plugins you have. IE has more well-known security holes than any other browser and almost all exploits are designed for it. I would recommend using Chrome, Firefox or Safari instead.
Haven't used IE in a long time, Firefox+adblock
when I called phone support I could not reach them as their phone lines had reached their maximum capacity. Had to use email support to get account back which took 5 days and still couldn't play as the 'hackers' added a mobile authenticator to the account. still couldn't contact phone support another round of emails took a few days to get the authenticator off.
This is only because Blizzard has so many customers to deal with and their support department may not be able to accomidate their customer base... especially when many of them need complicated account restorations.
Im more inclined to believe it was a problem on blizzards end as the 'hackers' changed my email address, and blizzard had gotten a mass amount of calls the same time my account got compromised. I realize its possible it was on my end so I did reformat my computer and made a new email address and all that, as well as ordered an authenticator.
It is EXTREMELY unlikely that the security breach was on Blizzard's end. First of all, they have industry-leading security measures in place to protect their servers. Only the most talented hackers would be able to penetrate their databases. Secondly, the account information stored on these servers is ENCRYPTED. Even if hackers were able to somehow gain access to the data, it would be incredibly difficult to decrypt and read it. Most people with these kinds of skills are busy hacking governments or corporations... they don't usually tend to care about video games.
Yea servers have never gotten hacked like ever! /sarcasm.
Ended up canceling my account altogether when they reviled their 'RealID' plans as it shows they don't care about internet security, even after they changed their mind about the realid forums, I still don't trust them with my credit card info
That is your prerogative of course. You can believe whatever you want to believe if it makes you happy. But you are wrong about them breaching your information. I guarantee you it was something you did/did not do to make yourself vulnerable.
I don't think they did anything intentionaly, but when a company goes "Hey were going to give out your personal info to everyone!" I don't trust that the people in charge are listening to their security people
Well I will say that I have never been hacked in any MMO. I attribute that to using common sense and just being generally careful about everything I do. If Blizzard's servers really were the ones getting hacked and leaking information, I would think my account would have been compromised at least once since 2004...
I only had a trial account for WoW about a year ago, i wasn't hacked personally but i can tell you that my account is continuously being hacked as i get emails from BLIZZARD not phishin mails as they are merely informing that my account details have changed. therefore this is a clear indication that it is BLIZZARD's account systems that are being hacked and not always the individual themselves. If you (excuse the term) "fanboi's" want to blast people for bringing up legitimate issues then your wearing beer goggles, i mean come on, USE YOUR BRAINS.. everyone and everything is NEVER foolproof. including your beloved Blizzard..
*EDIT*
I'd also like to add that out of the 9 sub paying MMO's i've played over the years and the 4 trial accounts i've made for others, ONLY my WoW account is being hacked. Wake up and smell the roses, if you love your game so much then get a petition going on your official forums for Blizzard to get off their lazy butts and do something.
I only had a trial account for WoW about a year ago, i wasn't hacked personally but i can tell you that my account is continuously being hacked as i get emails from BLIZZARD not phishin mails as they are merely informing that my account details have changed. therefore this is a clear indication that it is BLIZZARD's account systems that are being hacked and not always the individual themselves. If you (excuse the term) "fanboi's" want to blast people for bringing up legitimate issues then your wearing beer goggles, i mean come on, USE YOUR BRAINS.. everyone and everything is NEVER foolproof. including your beloved Blizzard..
Why would someone hack a trial account? As for Blizz, your account was closed long ago (if it was trial) and they would not be sending you emails....
So.....if you are getting emails, they are probably phishing emails.
I get phishing emails all the time on an email account that has never played WOW.
I only had a trial account for WoW about a year ago, i wasn't hacked personally but i can tell you that my account is continuously being hacked as i get emails from BLIZZARD not phishin mails as they are merely informing that my account details have changed. therefore this is a clear indication that it is BLIZZARD's account systems that are being hacked and not always the individual themselves. If you (excuse the term) "fanboi's" want to blast people for bringing up legitimate issues then your wearing beer goggles, i mean come on, USE YOUR BRAINS.. everyone and everything is NEVER foolproof. including your beloved Blizzard..
Why would someone hack a trial account? As for Blizz, your account was closed long ago (if it was trial) and they would not be sending you emails....
So.....if you are getting emails, they are probably phishing emails.
I get phishing emails all the time on an email account that has never played WOW.
Due to the simple logical thinking behind it, how does a hacker know the difference between full paid sub and trial account? i actually contacted Blizzard via email stated on their website under the contact us section (WoWaccountreviewEU@blizzard.com) and they told me the mails i was getting were legitimatly from their automated system and that they were aware of the situation regarding the content of the emails i was recieving, 3 months later and i'm still getting those emails. (take note that no details were asked for by them other than the email address registered with what used to be my trial account.)
I agree with you however that trial accounts should be closed if not upgraded to full accounts within a set timeframe however they obviously are not for some reason.
My WoW account got hacked a few months back and I still have no idea why. Was playing one day got booted off and couldnt get back on, couldn't even use the automated account recovery thing because they had changed my email address.
First thing I did was run 3 different virus/malware scanners , found nothing.
Doesn't mean there was nothing there. New infections are released every day and many have not been seen yet by ANY security company. It also may have deleted itself once it mined the information it needed. Many password stealers will do this after running.
True
I received 0 phishing emails or any emails at all from blizzard prior to getting hacked.
I never used addons that use an exe.
Any program you download can potentially come bundled with online game password stealers. I work in the security software industry and I can tell you that they are one of the very most common threats.
I don't download pirated software, or use any software of questionable use, before I even install anythign I havn't heared of I run searches to see if it comes bundled with spyware. While it doesnt meen much there in of itself, my wow acount is the only thing I have ever had compromized in the 15 years I've been using the net
I never install odd browser extensions/plugins. I keep flash up to date
Do you use Internet Explorer? If so, it might not matter which browser extensions or plugins you have. IE has more well-known security holes than any other browser and almost all exploits are designed for it. I would recommend using Chrome, Firefox or Safari instead.
Haven't used IE in a long time, Firefox+adblock
when I called phone support I could not reach them as their phone lines had reached their maximum capacity. Had to use email support to get account back which took 5 days and still couldn't play as the 'hackers' added a mobile authenticator to the account. still couldn't contact phone support another round of emails took a few days to get the authenticator off.
This is only because Blizzard has so many customers to deal with and their support department may not be able to accomidate their customer base... especially when many of them need complicated account restorations.
Im more inclined to believe it was a problem on blizzards end as the 'hackers' changed my email address, and blizzard had gotten a mass amount of calls the same time my account got compromised. I realize its possible it was on my end so I did reformat my computer and made a new email address and all that, as well as ordered an authenticator.
It is EXTREMELY unlikely that the security breach was on Blizzard's end. First of all, they have industry-leading security measures in place to protect their servers. Only the most talented hackers would be able to penetrate their databases. Secondly, the account information stored on these servers is ENCRYPTED. Even if hackers were able to somehow gain access to the data, it would be incredibly difficult to decrypt and read it. Most people with these kinds of skills are busy hacking governments or corporations... they don't usually tend to care about video games.
Yea servers have never gotten hacked like ever! /sarcasm.
Ended up canceling my account altogether when they reviled their 'RealID' plans as it shows they don't care about internet security, even after they changed their mind about the realid forums, I still don't trust them with my credit card info
That is your prerogative of course. You can believe whatever you want to believe if it makes you happy. But you are wrong about them breaching your information. I guarantee you it was something you did/did not do to make yourself vulnerable.
I don't think they did anything intentionaly, but when a company goes "Hey were going to give out your personal info to everyone!" I don't trust that the people in charge are listening to their security people
I don't see why people are so hung up on personal information. You do understand that regardless if they use RealID or not that your personal information is already freely on the internet and open to just about anything.
It's funny how people complain about blizzard using RealID yet when the SS Department was hacked and over 20 million peoples Names, Addresses, Phone Numbers, SS numbers flooded the internet, noone here complained about that. When CC companys are continuely hacked and your name and address makes it onto the internet or the black market (this happens more then anyone cares to admit) noone here is complaining about that.
You don't complain when you can take a IP address and easily pin it to someones name and location via a reverse ip lookup.
I just find it very funny that people think that there information is so private and protected. If you use the internet, your information is now out there for anyone to find and use. Privacy is something that was lost over 10 years ago.
As far as Blizzard's servers being hacked. I find it very hard to see that happening. It's not impossible, but I imagine Blizzard's servers are by far more secure then your CC companys servers or your local banks servers.
My WoW account got hacked a few months back and I still have no idea why. Was playing one day got booted off and couldnt get back on, couldn't even use the automated account recovery thing because they had changed my email address.
First thing I did was run 3 different virus/malware scanners , found nothing.
Doesn't mean there was nothing there. New infections are released every day and many have not been seen yet by ANY security company. It also may have deleted itself once it mined the information it needed. Many password stealers will do this after running.
True
I received 0 phishing emails or any emails at all from blizzard prior to getting hacked.
I never used addons that use an exe.
Any program you download can potentially come bundled with online game password stealers. I work in the security software industry and I can tell you that they are one of the very most common threats.
I don't download pirated software, or use any software of questionable use, before I even install anythign I havn't heared of I run searches to see if it comes bundled with spyware. While it doesnt meen much there in of itself, my wow acount is the only thing I have ever had compromized in the 15 years I've been using the net
I never install odd browser extensions/plugins. I keep flash up to date
Do you use Internet Explorer? If so, it might not matter which browser extensions or plugins you have. IE has more well-known security holes than any other browser and almost all exploits are designed for it. I would recommend using Chrome, Firefox or Safari instead.
Haven't used IE in a long time, Firefox+adblock
when I called phone support I could not reach them as their phone lines had reached their maximum capacity. Had to use email support to get account back which took 5 days and still couldn't play as the 'hackers' added a mobile authenticator to the account. still couldn't contact phone support another round of emails took a few days to get the authenticator off.
This is only because Blizzard has so many customers to deal with and their support department may not be able to accomidate their customer base... especially when many of them need complicated account restorations.
Im more inclined to believe it was a problem on blizzards end as the 'hackers' changed my email address, and blizzard had gotten a mass amount of calls the same time my account got compromised. I realize its possible it was on my end so I did reformat my computer and made a new email address and all that, as well as ordered an authenticator.
It is EXTREMELY unlikely that the security breach was on Blizzard's end. First of all, they have industry-leading security measures in place to protect their servers. Only the most talented hackers would be able to penetrate their databases. Secondly, the account information stored on these servers is ENCRYPTED. Even if hackers were able to somehow gain access to the data, it would be incredibly difficult to decrypt and read it. Most people with these kinds of skills are busy hacking governments or corporations... they don't usually tend to care about video games.
Yea servers have never gotten hacked like ever! /sarcasm.
Ended up canceling my account altogether when they reviled their 'RealID' plans as it shows they don't care about internet security, even after they changed their mind about the realid forums, I still don't trust them with my credit card info
That is your prerogative of course. You can believe whatever you want to believe if it makes you happy. But you are wrong about them breaching your information. I guarantee you it was something you did/did not do to make yourself vulnerable.
I don't think they did anything intentionaly, but when a company goes "Hey were going to give out your personal info to everyone!" I don't trust that the people in charge are listening to their security people
I don't see why people are so hung up on personal information. You do understand that regardless if they use RealID or not that your personal information is already freely on the internet and open to just about anything.
It's funny how people complain about blizzard using RealID yet when the SS Department was hacked and over 20 million peoples Names, Addresses, Phone Numbers, SS numbers flooded the internet, noone here complained about that. When CC companys are continuely hacked and your name and address makes it onto the internet or the black market (this happens more then anyone cares to admit) noone here is complaining about that.
You don't complain when you can take a IP address and easily pin it to someones name and location via a reverse ip lookup.
I just find it very funny that people think that there information is so private and protected. If you use the internet, your information is now out there for anyone to find and use. Privacy is something that was lost over 10 years ago.
As far as Blizzard's servers being hacked. I find it very hard to see that happening. It's not impossible, but I imagine Blizzard's servers are by far more secure then your CC companys servers or your local banks servers.
What makes you think a game companies servers are more secure than banking or other servers? banks have a lot more to lose should peoples details be stolen, a game company only has to protect the personal information and account holders login details (just in case the person who posted on another thread is here YES they are responcible for these details on their system as it's in the Data protection act).
All anyone has to do is look over threads from 2 years ago to present date in official forums as well as here and other community sites and you'll notice the trend, possibly 0-5 mentions of being hacked from all other game companies/games and a whopping 1,000+ mentioned for Blizzards WoW. it's a simple thing to work out, Blizzard has security issues for their account database, it's not a get at the game or the company in general for those of you defending it blindly. It's simple to fix the issue if enough of you who play the game actually mention it to blizzard, with enough politely worded notifications about it i'm sure they'll fix things if they care as much as some people swear they do.
I would say 75% of the hackings come from account sharing and another 10% from trojans, either through email or addons. But I'm pretty sure there's something going on with the backend of Battlenet.
My friend received an email a couple of days ago telling him that someone had changed his password - the classic precursor to logging on and finding your account hacked. Except of course his account has been inactive for over 6 months. So unless the hacker has paid for a months subs as part of the hack you could say it's a Battlenet issue.
I was also hacked about 4 months ago. No one knew my log in and the user and password were unique to WoW. I don't have email on the pc I play WoW on and have full antivirus, software firewall and hardware firewall. I also play LOTRO on a lifetime sub on this pc yet that account was totally untouched.
Virus scans have found no trace of a trojan on my rig. The only browsing I do is online banking. No attempt has been made to access my banking which is worth a damn sight more than a few virtual items. So it's not as clear cut as Blizzard claimed it was when I phoned them to report it. They insisted the problem was at my end - which you'd expect them to for liabilitiy issues. (btw Other than that they were great and restored everything within 90 mins).
But looking back on it now I'm 99.99% positive it's a Blizzard issue. I received the email telling me that my password had been changed and at first I though 'Oh crap hacked!'. Then I thought how the hell? In order to change my password without administrator access to Battlenet you would need to know my secret question and answer. It's one thing to steal a user and pass and log in with it but entirely another to know details that haven't been typed in for years.They are also uniuqe to WoW and I haven't had to enter them since I created the account in 2005.
The only possibilities behind my hacking and that of my friend are either a rogue CS employee at Blizzard, harvesting items and gold from accounts, or their backend security has more holes than a Swiss cheese.
They are hardly likely to admit either so there are only 2 options open to you. Either get an authenticator for free on your phone or send off for it or cancel you accoutn and walk way. I downloaded the authenticator but I was sorely tempted to take option 2.
_________________________________________ You can walk the walk but can you talk the talk?
The last time I played wow was in wow classic, just after they added the new honor system that, where you could just grind honor all day for topnotch pvp gear, instead of trying to hit grandmarshal.
About half a year ago I recieved a email from blizz saying I needed to switch my account to bnet, So I did.
Just a few days ago, I went to check up on my old wow account. "This account has been temporarily suspended". Been waiting on a reply from blizzard forever now (I would think with the billions of dollars they got it wouldnt take 5 days to figure out why my account has been closed).
Needless to say, I did research. Chances are my account was hacked, so blizz closed the account (instead of banning it).
I always been pretty good about never being hacked, actually I guess this makes it the first time for me (if thats what happened).
I blame it on bnet, I dont care what anyone else says. There is definatlly some problems with bnet when they were doing the account transfers. Now the old email address I used to keep my wow account on, the one during the switch, recieves atleast 20 spams a day about my wow account. Even though I dont even have a wow account tied in with the emaill addy.
All the spam and everything started a few days after switching over my wow account to Bnet.
Not that I really care about my wow account, its just I see people saying how its Bnet fault, and I cannot agree more with them. To a certain degree, sometimes it is the players fault. But you gotta be blind not to see the trend with the bnet transfers and hacks.
I havent been on WOW or WOW's website or any addon sites in a year or more. Yesterday i went to Worldofwarcraft.com to check on my acct to make sure it hasnt been hacked recently since this big up roar of hacked accounts. I havent been, my account was still inactive and i checked to make sure it hasnt been payed for anytime within the last year as well... Then today i get an email....
World of Warcraft Account Password Verification?
Greetings! This is an automated notification regarding the recent change(s) made to your World of Warcraft account. Your password has recently been modified through the Password Recovery website. *** If you made this password change, please disregard this notification. However, if you did NOT make changes to your password we recommend you Login verify your password: https://www.battle.net/account/support/login-support.xml If you are unable to successfully verify your password. using the automated system, please contact Billing & Account Services at 1-800-59-BLIZZARD (1-800-592-5499) Mon-Fri, 8am-8pm Pacific Time or at billing@blizzard.com. Account security is solely the responsibility of the account holder. Please be advised that in the event of a compromised account, Blizzard representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play. Regards, The World of Warcraft Support Team Blizzard Entertainment...
Something fishy bout that if you ask me. AVG says the link is Suspected Phishing Page. WOW's main site is the only place i have been that is affiliated with World of Warcraft.
Playing WoW yesterday, some random dude with "blizzard" or something similiar in his name whispers me, saying something like "Congratulations, you won the new ... flying mount. Go to this website and login to receive your moun: www.someadresswithworldofwarcraftinit.com".
And THAT's why people get hacked. Not because of Blizzard selling account data. Or because of super-duper hackers breaking into Blizzard's database on a daily basis. People get hacked because they believe stuff as I got whispered. Because they click on every link they get mailed saying WoW, because if they see a video saying "go to this website and download the hacks to pwn your friends" they do so, because they receive a mail saying "congratulations, you won cataclysm access, log in here", and so on and so on...
Or in short: they get hacked because they are naive. Very simple. No evil schemes by Blizzard. No dark complots. Nothing. Just naive people who don't know how to handle sensitive information.
I can't believe how anyone in all seriousness could assume that Blizzard sells account data to scam their own customers. That's just dumb beyond all measurements. It's probably still easier than saying "ok, my account got hacked, what did I do wrong and how do I not do it again" though.
Just to clear things up for the people who don't seem to get it.
You cannot get hacked by WoW addons.
Addons cannot access the internet.
Addons cannot access your hard drive.
Addons do not stay running after the WoW client exists.
Addons cannot read your key strokes.
Addons cannot interact with the operating system.
The WoW scripting system is quite secure these days and you don't need to worry about addons comprimising your account.
People always confuse addons with executables. Addons are scripts (you can read them) that only run inside the WoW client. Executables (like the curse client) are programs that run outside of WoW.
Playing WoW yesterday, some random dude with "blizzard" or something similiar in his name whispers me, saying something like "Congratulations, you won the new ... flying mount. Go to this website and login to receive your moun: www.someadresswithworldofwarcraftinit.com".
I see that working lol, you can tell people just about anything in a game and they will believe it. No joke.
When I played eq 1 classic, the days after launch. I had a gnome tinkerer and made a telescope, I told this person that the telescope was a 1 of a kind item and will never drop again. He traded me all the monks headbands and belts for a telescope that took me about 10minutes to make lol.Probablly took about a month to get all the headbands and belts. Plus I made around 4k p and during eq classic that was being rich.
Seriously I can see it now, " omg omg, I won the mount that mommy wouldn't buy for me!!!"
There's more to this than someone's actions. I've had numerous friends (and family) who discover that their year-old deactivated WoW account suddenly had the password changed on their battle.net account. This from people who never touched a single add-on, never touched a single scam email, or had a virus (some running on Macs). And yet, after a year of not playing WoW, their account password is changed, or we see them magically appear in WoW, character hopping. Some accounts were used merely to create trial accounts, others had their WoW subs renewed by the hackers.
This, IMO, goes beyond mere viruses or scams. I could likely see someone within Blizzard who scans for old accounts no longer played and sells the info to gold sellers / farmers.
I havent been on WOW or WOW's website or any addon sites in a year or more. Yesterday i went to Worldofwarcraft.com to check on my acct to make sure it hasnt been hacked recently since this big up roar of hacked accounts. I havent been, my account was still inactive and i checked to make sure it hasnt been payed for anytime within the last year as well... Then today i get an email....
World of Warcraft Account Password Verification?
Greetings!
This is an automated notification regarding the recent change(s)
made to your World of Warcraft account. Your password has recently been modified through the Password Recovery website.
*** If you made this password change, please disregard this notification. However, if you did NOT make changes to your password
If you are unable to successfully verify your password.
using the automated system, please contact Billing & Account Services at 1-800-59-BLIZZARD (1-800-592-5499) Mon-Fri, 8am-8pm Pacific Time or at billing@blizzard.com. Account security is solely the responsibility of the account holder. Please be advised that in the event of a compromised account, Blizzard representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.
Regards,
The World of Warcraft Support Team Blizzard Entertainment...
Something fishy bout that if you ask me. AVG says the link is Suspected Phishing Page. WOW's main site is the only place i have been that is affiliated with World of Warcraft.
Regarding the highlighted sentence all i have to say is that isn't true anyway, It is the responsibility of the account holder to not share their information with anyone else and thats it as they don't have direct control over the server which holds said information. You'll find that it is the responsibilty of whoever controls the servers that hold the account details on that have to make sure it is secure and safe (DATA PROTECTION ACT 1998 - see links at bottom of this post for further info). To summerise it for those of you who don't bother with the links it states the following : The Data Protection Act requires anyone who handles personal information to comply with a number of important principles. It also gives individuals rights over their personal information.
Even authenicators are proven to be useless. They can still be hacked. My battle.net password was changed by some random person. And you know what? I could care less.
I havent been on WOW or WOW's website or any addon sites in a year or more. Yesterday i went to Worldofwarcraft.com to check on my acct to make sure it hasnt been hacked recently since this big up roar of hacked accounts. I havent been, my account was still inactive and i checked to make sure it hasnt been payed for anytime within the last year as well... Then today i get an email....
World of Warcraft Account Password Verification?
Greetings!
This is an automated notification regarding the recent change(s)
made to your World of Warcraft account. Your password has recently been modified through the Password Recovery website.
*** If you made this password change, please disregard this notification. However, if you did NOT make changes to your password
If you are unable to successfully verify your password.
using the automated system, please contact Billing & Account Services at 1-800-59-BLIZZARD (1-800-592-5499) Mon-Fri, 8am-8pm Pacific Time or at billing@blizzard.com. Account security is solely the responsibility of the account holder. Please be advised that in the event of a compromised account, Blizzard representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.
Regards,
The World of Warcraft Support Team Blizzard Entertainment...
Something fishy bout that if you ask me. AVG says the link is Suspected Phishing Page. WOW's main site is the only place i have been that is affiliated with World of Warcraft.
That is a standard phishing email. Mouse-over the links and you will see they go somewhere else.
Even authenicators are proven to be useless. They can still be hacked. My battle.net password was changed by some random person. And you know what? I could care less.
Care to explain how a company is responsible for people downloading trojans, giving out their account information to phishing email scam and every other type of internet foolishness under the sun?
i just got a email telling me my battle.net info was changed. i haven't played WoW since October. i compared the email address with the address of the email i got wen i first activated my account and the match. everytime i go to click on the link to change my battle.net info, firefox says it's a fraudulent site.....i have no idea what to do. i don't really care what happens to my account, i just don't want them to get any credit card info. does anybody know if they could get that?
Even authenicators are proven to be useless. They can still be hacked. My battle.net password was changed by some random person. And you know what? I could care less.
Care to explain how a company is responsible for people downloading trojans, giving out their account information to phishing email scam and every other type of internet foolishness under the sun?
care to explain how i just got the same email and rarely download anything, have good antivirus programs, update/run scans regulary, and never gave my account info to ANYONE?
If you are unable to successfully verify your password.
using the automated system, please contact Billing & Account Services at 1-800-59-BLIZZARD (1-800-592-5499) Mon-Fri, 8am-8pm Pacific Time or at billing@blizzard.com. Account security is solely the responsibility of the account holder. Please be advised that in the event of a compromised account, Blizzard representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.
Regards,
The World of Warcraft Support Team Blizzard Entertainment
I got this mail twice this week. I never had a Wow account in my life and I still get this scam. Never answer a mail like this, Blizzard would just ask you to change your password in the game without telling anyone if it indeed was true, or mailing you a new password themselves.
In some cases there might be a dishonest employee at Blizz who gives away passwords but never use mods, keep your antivirus up to date, never click on a file someone sent you and don't use pirate programs.
Even authenicators are proven to be useless. They can still be hacked. My battle.net password was changed by some random person. And you know what? I could care less.
Care to explain how a company is responsible for people downloading trojans, giving out their account information to phishing email scam and every other type of internet foolishness under the sun?
Explain how my password gets hijacked with a fresh install of Windows. Then I'll gladly answer your question
My account has been inactive for 4 months(as far as me using it) and I just got a "your account has been suspended for using a 3rd party hack" email from Blizzard.
someone obviously took my account for a joy ride..
My account been inactive since Oct 2009. Last week I got an email saying the account was compromised and to follow this link to verify login information. Now, Blizzard would never ask for login information. They already know it. So after playing email tag with an inept guy from Blizzard Support, I finally just called them up. After a 75 min hold, the CSR sent me a password reset in 5 mins. Apparently My account went active in March 2010 and got suspended same month for "questionable actions".
I donn't use any mods or addons for any mmo... ever. So how did it happen? I have no idea, my email accout is set to make my password expire after X days and the CSR said they got access to the WoW account via my email.
After all this the GMs "investigated" and couldn't verify when the account got compromised. Even though the CSR and I knew it was in March. So their "solution" was to say "sorry you lost all your stuff but we gave your 80's an even 800g each to buy new gear". Yeah cuz all their heroic/10man gear is just sitting on AH suddenly not BoP anymore. Way to encourage me to resub Blizz.
Comments
its because people are retarded and click links they should not.
Fine, we'll compromise. I'll get my way & you'll find a way to be okay with that.
Well I will say that I have never been hacked in any MMO. I attribute that to using common sense and just being generally careful about everything I do. If Blizzard's servers really were the ones getting hacked and leaking information, I would think my account would have been compromised at least once since 2004...
I only had a trial account for WoW about a year ago, i wasn't hacked personally but i can tell you that my account is continuously being hacked as i get emails from BLIZZARD not phishin mails as they are merely informing that my account details have changed. therefore this is a clear indication that it is BLIZZARD's account systems that are being hacked and not always the individual themselves. If you (excuse the term) "fanboi's" want to blast people for bringing up legitimate issues then your wearing beer goggles, i mean come on, USE YOUR BRAINS.. everyone and everything is NEVER foolproof. including your beloved Blizzard..
*EDIT*
I'd also like to add that out of the 9 sub paying MMO's i've played over the years and the 4 trial accounts i've made for others, ONLY my WoW account is being hacked. Wake up and smell the roses, if you love your game so much then get a petition going on your official forums for Blizzard to get off their lazy butts and do something.
Why would someone hack a trial account? As for Blizz, your account was closed long ago (if it was trial) and they would not be sending you emails....
So.....if you are getting emails, they are probably phishing emails.
I get phishing emails all the time on an email account that has never played WOW.
Due to the simple logical thinking behind it, how does a hacker know the difference between full paid sub and trial account? i actually contacted Blizzard via email stated on their website under the contact us section (WoWaccountreviewEU@blizzard.com) and they told me the mails i was getting were legitimatly from their automated system and that they were aware of the situation regarding the content of the emails i was recieving, 3 months later and i'm still getting those emails. (take note that no details were asked for by them other than the email address registered with what used to be my trial account.)
I agree with you however that trial accounts should be closed if not upgraded to full accounts within a set timeframe however they obviously are not for some reason.
I don't see why people are so hung up on personal information. You do understand that regardless if they use RealID or not that your personal information is already freely on the internet and open to just about anything.
It's funny how people complain about blizzard using RealID yet when the SS Department was hacked and over 20 million peoples Names, Addresses, Phone Numbers, SS numbers flooded the internet, noone here complained about that. When CC companys are continuely hacked and your name and address makes it onto the internet or the black market (this happens more then anyone cares to admit) noone here is complaining about that.
You don't complain when you can take a IP address and easily pin it to someones name and location via a reverse ip lookup.
I just find it very funny that people think that there information is so private and protected. If you use the internet, your information is now out there for anyone to find and use. Privacy is something that was lost over 10 years ago.
As far as Blizzard's servers being hacked. I find it very hard to see that happening. It's not impossible, but I imagine Blizzard's servers are by far more secure then your CC companys servers or your local banks servers.
What makes you think a game companies servers are more secure than banking or other servers? banks have a lot more to lose should peoples details be stolen, a game company only has to protect the personal information and account holders login details (just in case the person who posted on another thread is here YES they are responcible for these details on their system as it's in the Data protection act).
All anyone has to do is look over threads from 2 years ago to present date in official forums as well as here and other community sites and you'll notice the trend, possibly 0-5 mentions of being hacked from all other game companies/games and a whopping 1,000+ mentioned for Blizzards WoW. it's a simple thing to work out, Blizzard has security issues for their account database, it's not a get at the game or the company in general for those of you defending it blindly. It's simple to fix the issue if enough of you who play the game actually mention it to blizzard, with enough politely worded notifications about it i'm sure they'll fix things if they care as much as some people swear they do.
I would say 75% of the hackings come from account sharing and another 10% from trojans, either through email or addons. But I'm pretty sure there's something going on with the backend of Battlenet.
My friend received an email a couple of days ago telling him that someone had changed his password - the classic precursor to logging on and finding your account hacked. Except of course his account has been inactive for over 6 months. So unless the hacker has paid for a months subs as part of the hack you could say it's a Battlenet issue.
I was also hacked about 4 months ago. No one knew my log in and the user and password were unique to WoW. I don't have email on the pc I play WoW on and have full antivirus, software firewall and hardware firewall. I also play LOTRO on a lifetime sub on this pc yet that account was totally untouched.
Virus scans have found no trace of a trojan on my rig. The only browsing I do is online banking. No attempt has been made to access my banking which is worth a damn sight more than a few virtual items. So it's not as clear cut as Blizzard claimed it was when I phoned them to report it. They insisted the problem was at my end - which you'd expect them to for liabilitiy issues. (btw Other than that they were great and restored everything within 90 mins).
But looking back on it now I'm 99.99% positive it's a Blizzard issue. I received the email telling me that my password had been changed and at first I though 'Oh crap hacked!'. Then I thought how the hell? In order to change my password without administrator access to Battlenet you would need to know my secret question and answer. It's one thing to steal a user and pass and log in with it but entirely another to know details that haven't been typed in for years.They are also uniuqe to WoW and I haven't had to enter them since I created the account in 2005.
The only possibilities behind my hacking and that of my friend are either a rogue CS employee at Blizzard, harvesting items and gold from accounts, or their backend security has more holes than a Swiss cheese.
They are hardly likely to admit either so there are only 2 options open to you. Either get an authenticator for free on your phone or send off for it or cancel you accoutn and walk way. I downloaded the authenticator but I was sorely tempted to take option 2.
_________________________________________
You can walk the walk but can you talk the talk?
The last time I played wow was in wow classic, just after they added the new honor system that, where you could just grind honor all day for topnotch pvp gear, instead of trying to hit grandmarshal.
About half a year ago I recieved a email from blizz saying I needed to switch my account to bnet, So I did.
Just a few days ago, I went to check up on my old wow account. "This account has been temporarily suspended". Been waiting on a reply from blizzard forever now (I would think with the billions of dollars they got it wouldnt take 5 days to figure out why my account has been closed).
Needless to say, I did research. Chances are my account was hacked, so blizz closed the account (instead of banning it).
I always been pretty good about never being hacked, actually I guess this makes it the first time for me (if thats what happened).
I blame it on bnet, I dont care what anyone else says. There is definatlly some problems with bnet when they were doing the account transfers. Now the old email address I used to keep my wow account on, the one during the switch, recieves atleast 20 spams a day about my wow account. Even though I dont even have a wow account tied in with the emaill addy.
All the spam and everything started a few days after switching over my wow account to Bnet.
Not that I really care about my wow account, its just I see people saying how its Bnet fault, and I cannot agree more with them. To a certain degree, sometimes it is the players fault. But you gotta be blind not to see the trend with the bnet transfers and hacks.
I havent been on WOW or WOW's website or any addon sites in a year or more. Yesterday i went to Worldofwarcraft.com to check on my acct to make sure it hasnt been hacked recently since this big up roar of hacked accounts. I havent been, my account was still inactive and i checked to make sure it hasnt been payed for anytime within the last year as well... Then today i get an email....
World of Warcraft Account Password Verification?
Greetings!
This is an automated notification regarding the recent change(s)
made to your World of Warcraft account. Your password has recently been modified through the Password Recovery website.
*** If you made this password change, please disregard this notification. However, if you did NOT make changes to your password
we recommend you Login verify your password:
https://www.battle.net/account/support/login-support.xml
If you are unable to successfully verify your password.
using the automated system, please contact Billing & Account Services at 1-800-59-BLIZZARD (1-800-592-5499) Mon-Fri, 8am-8pm Pacific Time or at billing@blizzard.com. Account security is solely the responsibility of the account holder. Please be advised that in the event of a compromised account, Blizzard representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.
Regards,
The World of Warcraft Support Team Blizzard Entertainment...
Something fishy bout that if you ask me. AVG says the link is Suspected Phishing Page. WOW's main site is the only place i have been that is affiliated with World of Warcraft.
Playing WoW yesterday, some random dude with "blizzard" or something similiar in his name whispers me, saying something like "Congratulations, you won the new ... flying mount. Go to this website and login to receive your moun: www.someadresswithworldofwarcraftinit.com".
And THAT's why people get hacked. Not because of Blizzard selling account data. Or because of super-duper hackers breaking into Blizzard's database on a daily basis. People get hacked because they believe stuff as I got whispered. Because they click on every link they get mailed saying WoW, because if they see a video saying "go to this website and download the hacks to pwn your friends" they do so, because they receive a mail saying "congratulations, you won cataclysm access, log in here", and so on and so on...
Or in short: they get hacked because they are naive. Very simple. No evil schemes by Blizzard. No dark complots. Nothing. Just naive people who don't know how to handle sensitive information.
I can't believe how anyone in all seriousness could assume that Blizzard sells account data to scam their own customers. That's just dumb beyond all measurements. It's probably still easier than saying "ok, my account got hacked, what did I do wrong and how do I not do it again" though.
Let's play Fallen Earth (blind, 300 episodes)
Let's play Guild Wars 2 (blind, 45 episodes)
Just to clear things up for the people who don't seem to get it.
You cannot get hacked by WoW addons.
Addons cannot access the internet.
Addons cannot access your hard drive.
Addons do not stay running after the WoW client exists.
Addons cannot read your key strokes.
Addons cannot interact with the operating system.
The WoW scripting system is quite secure these days and you don't need to worry about addons comprimising your account.
People always confuse addons with executables. Addons are scripts (you can read them) that only run inside the WoW client. Executables (like the curse client) are programs that run outside of WoW.
I see that working lol, you can tell people just about anything in a game and they will believe it. No joke.
When I played eq 1 classic, the days after launch. I had a gnome tinkerer and made a telescope, I told this person that the telescope was a 1 of a kind item and will never drop again. He traded me all the monks headbands and belts for a telescope that took me about 10minutes to make lol.Probablly took about a month to get all the headbands and belts. Plus I made around 4k p and during eq classic that was being rich.
Seriously I can see it now, " omg omg, I won the mount that mommy wouldn't buy for me!!!"
<deleted>
There's more to this than someone's actions. I've had numerous friends (and family) who discover that their year-old deactivated WoW account suddenly had the password changed on their battle.net account. This from people who never touched a single add-on, never touched a single scam email, or had a virus (some running on Macs). And yet, after a year of not playing WoW, their account password is changed, or we see them magically appear in WoW, character hopping. Some accounts were used merely to create trial accounts, others had their WoW subs renewed by the hackers.
This, IMO, goes beyond mere viruses or scams. I could likely see someone within Blizzard who scans for old accounts no longer played and sells the info to gold sellers / farmers.
Regarding the highlighted sentence all i have to say is that isn't true anyway, It is the responsibility of the account holder to not share their information with anyone else and thats it as they don't have direct control over the server which holds said information. You'll find that it is the responsibilty of whoever controls the servers that hold the account details on that have to make sure it is secure and safe (DATA PROTECTION ACT 1998 - see links at bottom of this post for further info). To summerise it for those of you who don't bother with the links it states the following : The Data Protection Act requires anyone who handles personal information to comply with a number of important principles. It also gives individuals rights over their personal information.
here's some links about data protection act
http://www.ico.gov.uk/what_we_cover/data_protection.aspx
I blame Blizzard's poor security.
Even authenicators are proven to be useless. They can still be hacked. My battle.net password was changed by some random person. And you know what? I could care less.
That is a standard phishing email. Mouse-over the links and you will see they go somewhere else.
Care to explain how a company is responsible for people downloading trojans, giving out their account information to phishing email scam and every other type of internet foolishness under the sun?
i just got a email telling me my battle.net info was changed. i haven't played WoW since October. i compared the email address with the address of the email i got wen i first activated my account and the match. everytime i go to click on the link to change my battle.net info, firefox says it's a fraudulent site.....i have no idea what to do. i don't really care what happens to my account, i just don't want them to get any credit card info. does anybody know if they could get that?
care to explain how i just got the same email and rarely download anything, have good antivirus programs, update/run scans regulary, and never gave my account info to ANYONE?
Greetings!
This is an automated notification regarding the recent change(s)
made to your World of Warcraft account. Your password has recently been modified through the Password Recovery website.
*** If you made this password change, please disregard this notification. However, if you did NOT make changes to your password
we recommend you Login verify your password:
https://www.battle.net/ac(last bit deleted so no numbskull actually uses it)
If you are unable to successfully verify your password.
using the automated system, please contact Billing & Account Services at 1-800-59-BLIZZARD (1-800-592-5499) Mon-Fri, 8am-8pm Pacific Time or at billing@blizzard.com. Account security is solely the responsibility of the account holder. Please be advised that in the event of a compromised account, Blizzard representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.
Regards,
The World of Warcraft Support Team Blizzard Entertainment
I got this mail twice this week. I never had a Wow account in my life and I still get this scam. Never answer a mail like this, Blizzard would just ask you to change your password in the game without telling anyone if it indeed was true, or mailing you a new password themselves.
In some cases there might be a dishonest employee at Blizz who gives away passwords but never use mods, keep your antivirus up to date, never click on a file someone sent you and don't use pirate programs.
Explain how my password gets hijacked with a fresh install of Windows. Then I'll gladly answer your question
My account been inactive since Oct 2009. Last week I got an email saying the account was compromised and to follow this link to verify login information. Now, Blizzard would never ask for login information. They already know it. So after playing email tag with an inept guy from Blizzard Support, I finally just called them up. After a 75 min hold, the CSR sent me a password reset in 5 mins. Apparently My account went active in March 2010 and got suspended same month for "questionable actions".
I donn't use any mods or addons for any mmo... ever. So how did it happen? I have no idea, my email accout is set to make my password expire after X days and the CSR said they got access to the WoW account via my email.
After all this the GMs "investigated" and couldn't verify when the account got compromised. Even though the CSR and I knew it was in March. So their "solution" was to say "sorry you lost all your stuff but we gave your 80's an even 800g each to buy new gear". Yeah cuz all their heroic/10man gear is just sitting on AH suddenly not BoP anymore. Way to encourage me to resub Blizz.
Sheesh.