It is amazing how I've had a WoW account for years, 5 years of 4+ EQ1 accounts, 2 Eve accounts for 6 years, LOTRO for as long as it's been around, WW2 Online since 2001, etc.... never been hacked.
Of course, I don't download addons and I don't tell people my account name or password ever (not even roommates). Now, I am getting fake blizzard spam mail for the first time for the past couple of months, but they're all obviously bogus, and it makes me sad people fall for them. I get a lot of facebook spam too, but since I'm not on facebook, that makes them pretty easy to spot as fake lol.
Just as a point of interest, I'm getting fake WoW/Blizzard stuff constantly now too, telling me my account password has changed, or that my account was hacked etc.....and I've never, ever, played WoW. I don't live on the same side of the country as I did 13 years ago when I had a Battle.net account for Diablo, nor the same email etc.
Regardless of the designation, as long as that aircraft is assigned to drop things in the dirt, it's a target, not a fighter. - Robert Shaw, "Fighter Combat: Tactics and Maneuvering"
It is amazing how I've had a WoW account for years, 5 years of 4+ EQ1 accounts, 2 Eve accounts for 6 years, LOTRO for as long as it's been around, WW2 Online since 2001, etc.... never been hacked.
Of course, I don't download addons and I don't tell people my account name or password ever (not even roommates). Now, I am getting fake blizzard spam mail for the first time for the past couple of months, but they're all obviously bogus, and it makes me sad people fall for them. I get a lot of facebook spam too, but since I'm not on facebook, that makes them pretty easy to spot as fake lol.
Just as a point of interest, I'm getting fake WoW/Blizzard stuff constantly now too, telling me my account password has changed, or that my account was hacked etc.....and I've never, ever, played WoW. I don't live on the same side of the country as I did 13 years ago when I had a Battle.net account for Diablo, nor the same email etc.
simply really. At some point in time, you email was collected, sold, and is not in the hands of spammers.
It is amazing how I've had a WoW account for years, 5 years of 4+ EQ1 accounts, 2 Eve accounts for 6 years, LOTRO for as long as it's been around, WW2 Online since 2001, etc.... never been hacked.
Of course, I don't download addons and I don't tell people my account name or password ever (not even roommates). Now, I am getting fake blizzard spam mail for the first time for the past couple of months, but they're all obviously bogus, and it makes me sad people fall for them. I get a lot of facebook spam too, but since I'm not on facebook, that makes them pretty easy to spot as fake lol.
This.
I am scratching my head wondering how someone like the industry relation's manager (don't they have a god-mode always on when it comes to ALL the internet?) got hacked.
From my knowledge, you cannot get hacked unless you give away your account name and password or download a virus.
I don't think I've ever downloaded a virus (well...without KNOWING it was a virus, lol)
I have had some "close calls" like the first time I opened one of those spoof WoW account emails, but right before entering my info I saw it was not the right website. So I can see how people who do not know to ALWAYS check the url bar could get hacked.
But still... I've never been hacked. But I guess I'm different, having over a decade of online experience- especially when I was sending my friend's cousin trojans and flashing my BIOS at 13 years old...lol...
If being a developer means being quiet, mature, well-spoken, and disconnected from the community, then by all means do me a favor and believe I'm not one.
I usually play games with 4 friends of mine .... all had long inactive accounts in august and we all were hacked in august.
Was it in august that the 7 days free was rewarded ?
LoL... at first I wondered "How did they ALL get hacked in the same month?"
Then it occurred to me... 100% guarantee all of you shared the same downloaded add-on, which had a keylogger/trojan attached :P
Probably sent it to one another, lol...
If being a developer means being quiet, mature, well-spoken, and disconnected from the community, then by all means do me a favor and believe I'm not one.
If I bought an authenticator, I'd be the one crying.
Why someone needs to spend $6.50 for no reason is far beyond even my understanding.
My god I wish I was the genius who invented this "authenticator". I'd be a millionaire selling snake oil to people too dumb to not get phished.
If being a developer means being quiet, mature, well-spoken, and disconnected from the community, then by all means do me a favor and believe I'm not one.
It is amazing how I've had a WoW account for years, 5 years of 4+ EQ1 accounts, 2 Eve accounts for 6 years, LOTRO for as long as it's been around, WW2 Online since 2001, etc.... never been hacked.
Of course, I don't download addons and I don't tell people my account name or password ever (not even roommates). Now, I am getting fake blizzard spam mail for the first time for the past couple of months, but they're all obviously bogus, and it makes me sad people fall for them. I get a lot of facebook spam too, but since I'm not on facebook, that makes them pretty easy to spot as fake lol.
This.
I am scratching my head wondering how someone like the industry relation's manager (don't they have a god-mode always on when it comes to ALL the internet?) got hacked.
From my knowledge, you cannot get hacked unless you give away your account name and password or download a virus.
I don't think I've ever downloaded a virus (well...without KNOWING it was a virus, lol)
I have had some "close calls" like the first time I opened one of those spoof WoW account emails, but right before entering my info I saw it was not the right website. So I can see how people who do not know to ALWAYS check the url bar could get hacked.
But still... I've never been hacked. But I guess I'm different, having over a decade of online experience- especially when I was sending my friend's cousin trojans and flashing my BIOS at 13 years old...lol...
Same here. Since a couple months I am receiving several WoW account phising emails a day. Some days worse than the others.
It's really easy to spot they are absolute fake. Just hover over the link and you already see a bogus referal link in the bottom of your IE bar.
But the problem here is. That a lot of people seem to be Anti-Microsoft and use other kind of browsers, that don't have this option.
So people don't see it's fake and click the link and don't see the masked referal link... and voila they are screwed.
And most of the time they do not even have to use the site, just clicking the link might already trigger a keylogger install from the website.
I say and keep saying. Use a different browser that actually shows you all this information, without having to click the links.
As same here. I have been playing tons of MMO's the past 8-9 years or so and plenty of other regular online games. And never been hacked! Never.
Same here. Since a couple months I am receiving several WoW account phising emails a day. Some days worse than the others.
It's really easy to spot they are absolute fake. Just hover over the link and you already see a bogus referal link in the bottom of your IE bar.
But the problem here is. That a lot of people seem to be Anti-Microsoft and use other kind of browsers, that don't have this option.
So people don't see it's fake and click the link and don't see the masked referal link... and voila they are screwed.
And most of the time they do not even have to use the site, just clicking the link might already trigger a keylogger install from the website.
I say and keep saying. Use a different browser that actually shows you all this information, without having to click the links.
As same here. I have been playing tons of MMO's the past 8-9 years or so and plenty of other regular online games. And never been hacked! Never.
Cheers
Firefox shows the real url, if you have thunderbird you can see the return-path which will be bla@aol/msn.com instead of blizzard infact firefox warns you from pishing sites, they keep a list, once the url matches you get a warning.
Same here. Since a couple months I am receiving several WoW account phising emails a day. Some days worse than the others.
It's really easy to spot they are absolute fake. Just hover over the link and you already see a bogus referal link in the bottom of your IE bar.
But the problem here is. That a lot of people seem to be Anti-Microsoft and use other kind of browsers, that don't have this option.
So people don't see it's fake and click the link and don't see the masked referal link... and voila they are screwed.
And most of the time they do not even have to use the site, just clicking the link might already trigger a keylogger install from the website.
I say and keep saying. Use a different browser that actually shows you all this information, without having to click the links.
As same here. I have been playing tons of MMO's the past 8-9 years or so and plenty of other regular online games. And never been hacked! Never.
Cheers
Firefox shows the real url, if you have thunderbird you can see the return-path which will be bla@aol/msn.com instead of blizzard infact firefox warns you from pishing sites, they keep a list, once the url matches you get a warning.
They can't keep that up, because these criminals are using several new url's each day.
They constantly create new url's. Take a good look in these phising emails you get. They seem to be constantly registering new url's each day, to avoid detection.
Seeing as there are an ungodly amount of posts here anyway, I dont imagine many people going this far down to read the following. I have played WoW since '05 never really had a problem with it, in fact, I took a trip to europe recently and went to log onto my char for a moment (the life of a gl isnt always fun) to settle a problem. Well, thats when the message that my account had been locked popped up and to check my email. Upon inspection, blizzard had detected that my account was being accessed from a different country and locked my account to protect it. Going through the emails instructions and unlocking it only took a minute, but it made me feel good to know that these sort of protection measures are in effect.
Were all put in the ground one day, why must this dark opera play out this way, sorrow the chord and suffering the melody
This is a fascinating thread. I learned a few tricks to securing my account that I didn't know before.
Firstly, I understand the frustration of having your computer & account violated. I've had a few computer invasions over the years and each time it feels like I've been groped. Luckily for me, none of my game accounts been hacked thus far. I am not a techie so I cannot offer any advice.
I started playing subscription MMOs since 2002 (?). With WoW I started in 2006 and play on & off till present day; currently my account is inactive and I think my toons are still clothed. I never got an authenticator but I do use game cards half the time. I hate the new system where your user name is your email. Ever since they changed the system, I got so many phishy emails. I think Blizzard is to blame for a few issues like the new Battle.net log in. Maybe someone is selling our data since many inactive accounts were hacked.
It would suck if I had to make an email for every MMO I decided to play or try out. So many emails & passwords to remember... What I'd like is more MMOs using other OS besides Win & Mac. Maybe we should blame Bill Gates for having a monopoly on the gaming industry. And his OS is #1 target for hackers.
What suprised me the most is that having played multiple MMORPG"s over a 10 year period and never got an account hacked beside WOW and that was within a few days after they switched to battle.net and also the spam mail started then, makes ya wonder if it was leaked by blizzard or their employee's to make extra $$.
The issue is YOU don't seem to understand how an addon in WoW differs from an actual applicaiton aka an independant program that runs beside the client. You don't seem to understand the limitations that blizzard has placed on AddOns.
1) Blizzard addons do not run seporatly from the client program. This allows Blizzard to implement how far the lua scripting can go in modifying the client behavior. In the last 3 years blizzard has added many limits to what addons can do how they get data into and out of the application. It is VERY dangerous for you to assume what an addon in WoW can do based on what one could do in UO, Everquest, MUD of the week etc. Again these are very much like Macros, but with more functionality and flexability by the authors. These run as part of the client and can only get and save data from specific folders in your wow folder. Again they can only move data to your computer while Wow is shutting down. (BTW this is why if you change addon settings and have the client crash that you lose your changes).
2) There are a few WoW Utility Programs that can be dangerous if not monitored(ie from a good firewall) or if dowloaded from anywhere but the mainstream hosting site. So I am clear as to what I am talking about, I am specifically talking about the addon updaters (ie Curse Client and MMOUI minion etc), also Website updaters (ie Guildportal Wow Client, Wowhead Client etc). Those are programs that run at the same time as wow and the Wow Client has no way to control what these do. These are kinds of programs that could be made into trojan Horses or loaded up with keyloggers. For these, I would recommend that a NOOB not use them at all. A more advanced user should DL them from the actual hosting website (ie Curse.com, MMOUI, WoWhead etc), and only run them before or after you start a WoW session. They should not be allowed to run while you play.
I guess you and I are running into a case of semantics. The only things that I call addons are the lua scripts that one places into the WoW>interface>addons folder. Other things that run like exe files I tend to call utilities, programs or apps. It's the latter that people need to be very careful of.
Sorry that is incorrect. Add-on's do carry trojan programs sometimes. Being oblivious to an actual problem is ok, but when you try spread an opinion that is incorrect in a forum thread that is just wrong.
You should always scan any add-on you download.
Actually TashaG is correct.
Addons are 100% safe. There is nothing they can do that will compromise accout information. There is no code that can be written in them that can call an external program such as a trojan or somehow log account information. Just to be clear, there is nothing a LUA addon can do to hack an account, even if there is a trojan file packed in the zip file you download.
I think you and several others are confusing Viruses/Trojans that are disquised as being addons and offered for download. It may sound like semantics, but there is a huge difference. You can download and unzip all the trojans in the world to your addon folder and they will never do anything. They will just sit there doing nothing. They will not execute when wow loads the addon, because that is not how addons work.
It is only when a user does something other than unzip/extract files to the addon folder that a trojan could possibly do something. Even then it would require the player to run some special installation program, unzip the files to a system directory or something that should be so obvious that it just screams do not do this.
As long as a player only unzips/extracts addons to the addon folder there is nothing that could cause harm. Even suggesting that addons can in some way be the source of problems is spreading misinformation or at the very least being misleading. This is why people fear addons and think the actual code of addons is somehow responsible for their problems and not their own actions. Players need to understand the small, but very important difference in how they could compromise their own account and how hackers might try to trick them into doing something like this.
1) download any addon you want.
2) extract the files into the wow/interface/addon folder.
2a) Do NOT run any install programs, special install instructions, extract files to any other directory.
3) do nothing else and live play without fear of addons being able to do anything malicious.
Follow those simple steps and you will never ever have a problem with addons.
Think what you want Daff, I have friends that have had the exact thing you say cannot happen, happen to them. I have seen it first hand.
You have to remember that not all people that have computers are computer savvy. If they'll fall for a fake email, they'll download and execute a malicious file thinking it's an add-on.
It can and does happen amd pretending it can't happen just helps to further propagate the problem.
Einherjar_LC says: WTB the true successor to UO or Asheron's Call pst!
I just had to comment on this because of a disurbing revelation I recently made.
Here's my story.
I signed up for a WoW 10-day trial a few years ago with a brand new email address. This was before the Battle.net switch over. This email address has never been used for anything but signing up for the WoW 10-day trial.
Well since Cata came out recently I wanted to try the game again to see if anything had changed for the better, so using the same email address, I linked my WoW account to the Battle.net account I created with this email address. About an hour later I received a penis enlargment spam email and I have received 1 or 2 spam emails every day since.
Here's the thing. I have NEVER received spam on that email address before, ever. Only after creating a Battle.net account did these messages start showing up in my mailbox.
I thought that was strange so I created a new email address, new Battle.net account, and the same thing happened.
So either Blizzard's security is breached and there IS someone stealing email addresses and possibly account information as well. Or Blizzard is selling that information to spam companies.
Either possiblity makes me never want to touch another Blizzard game. And I will not until they publicly reveal what is actually going on and show that they have stopped this from happening.
"There is as yet insufficient data for a meaningful answer."
2) extract the files into the wow/interface/addon folder.
2a) Do NOT run any install programs, special install instructions, extract files to any other directory.
3) do nothing else and live play without fear of addons being able to do anything malicious.
Follow those simple steps and you will never ever have a problem with addons.
Think what you want Daff, I have friends that have had the exact thing you say cannot happen, happen to them. I have seen it first hand.
You have to remember that not all people that have computers are computer savvy. If they'll fall for a fake email, they'll download and execute a malicious file thinking it's an add-on.
It can and does happen amd pretending it can't happen just helps to further propagate the problem.
There is no possible way for you describe to have happen. It just isn't possible and for you to suggest it is is just reinforcing false information. LUA addons are 100% safe. You cannot write any malicious code into a wow addon that will steal information.
Sure there are plenty of trojans trying to pass themselves off as real addons, but they are not real addons. Like I said, you can freely extract a billion viruses to you addon folder and they will never ever excute. They will just sit there doing nothing. Windows doesn't just randomly execute programs that are sitting in a folder of the game you play and addons cannot make calls to those types of programs.
Your friends, who you admit are not very savvy, did something else. Perhaps they thought they downloaded a addon, but followed some special instructions, or clicked on an EXE file or any number of other executable file types. Perhaps they used the sweet addon installer that came with the program, but what they didn't do was simply extract an addon to the addon folder and install malicious code that hacked them.
Cool that they are your friends, but non-savvy people don't often understand what or how they did something. They omit important information, because they assume it was safe or just did not understand what they were doing.
Again, LUA addons, 100% safe. Viruses and Trojans pretending to be addons, not safe, but those still require the user to do something wrong.
If I bought an authenticator, I'd be the one crying.
Why someone needs to spend $6.50 for no reason is far beyond even my understanding.
My god I wish I was the genius who invented this "authenticator". I'd be a millionaire selling snake oil to people too dumb to not get phished.
You must not be familiar with VPN authentication technology. It works. Well. It's an additional layer of security. While the physical authenticator fob from Blizzard is $6.50, the iPhone or Android authentication app is free.
Blizzard is letting everyone get hacked; probably selling accounts to hackers for extra cash; then they turn around and tell you that their servers aren't secure, so please send them more money for an authenticator!
Blizzard is letting everyone get hacked; probably selling accounts to hackers for extra cash; then they turn around and tell you that their servers aren't secure, so please send them more money for an authenticator!
That is bullcrap. Blizzard are very scared of getting bad reputation. It is of course possible than one or a few employees would do it private but if a company like Blizzard actually did it and people found out it would mean the end for the entire company, and they are not that dumb.
Most of the hacked accounts are coming from phising messages and keyloggers anyways, not all but most.
Doesn't solve much but hell it doesn't hurt much either.
Question: Do you sell computers for a living?
3 computers is way too many for an average user. To have a E-SATA harddrive or Icebox with 2 drives in for storages and turn that off when you not use them is a good advice and pretty cheap as well.
Then you should have a good firewall and antivirus as well. And scan your computer on an online scanner every month or so to be sure (http://housecall.trendmicro.com/). And if you are truly paranoid and have a really old computer lying at home (a 386 works) make it into a Linux firewall.
It would hurt me much to use my laptop for downloading and buy another computer for storage. I never got any game hacked. A good firewall/antivirus that is updated helps a lot.
I still think it has more to do with clicking on links in those countless e-mailes (changes in your battlenet account/changes in your password please click on this link!, etc) and just going to sites or downloading things that might have viruses/keyloggers, etc.
I've only been playing these games for 6 years or so and I've yet to be hacked.
I also don't see what the big deal is about that security fob.And I don't believe for one minute that Blizzard is allowing hackers to access accounts. After all, why jeapordize the bogs of money you are going to make from subs and people buying expansions/and downloadable content by allowing some hackers to compromize your integrity and in additon make 6 dollars from those who don't permanently quit.
If lotro or some other company had a security system like that I'd buy "just in case".
I've seen these things used and they work very well. It's an added layer of security for 6 dollars.
And if people are worried, I would go the route of the poster who said have separate computers.
I have one computer for personal business stuff, writing, etc and one for games.
Like Skyrim? Need more content? Try my Skyrim mod "Godfred's Tomb."
Doesn't solve much but hell it doesn't hurt much either.
Question: Do you sell computers for a living?
3 computers is way too many for an average user. To have a E-SATA harddrive or Icebox with 2 drives in for storages and turn that off when you not use them is a good advice and pretty cheap as well.
Then you should have a good firewall and antivirus as well. And scan your computer on an online scanner every month or so to be sure (http://housecall.trendmicro.com/). And if you are truly paranoid and have a really old computer lying at home (a 386 works) make it into a Linux firewall.
It would hurt me much to use my laptop for downloading and buy another computer for storage. I never got any game hacked. A good firewall/antivirus that is updated helps a lot.
You'd be surprised how cheaply one can get a computer to just do banking and have your tax returns.
Essentially, all the important stuff is usually about accessing acounts online. As long as the second computer can open up a secure internet browser then that's all you need.
Like Skyrim? Need more content? Try my Skyrim mod "Godfred's Tomb."
To start things off, im a network admin so i know how to setup firewalls, antivirus and antispyware programs.
Ive been hacked 5 times now. The last time was 3!! weeks after getting my account back after the 4th hack.
Everytime ive been hacked ive completely formatted my hdd and reinstalled everything. im 99.9% sure the problem isnt on my side. Ive had about 20 other mmo's where ive never been hacked, among others LOTRO SW:G Warhammer online, Conan, EVE online, guildwars.
Its gone so far with wow hacks that almost everyone i know has been hacked at least once. (and most of my freinds have been playing wow since the game came out).
BTW hardware authenticators seem just one more way for blizz to make money. NO OTHER game that i know of needs a peice of hardware to make it more secure.
After the 5th hack i finally gave up.
yes this post shows the reality how blizzard treats their clients, i got hacked 1 time on wow, and in aion guild wars, conan Warhammer and ltro, 0 times
so go figure what those greedy people from blizzard does with our money!
To start things off, im a network admin so i know how to setup firewalls, antivirus and antispyware programs.
Ive been hacked 5 times now. The last time was 3!! weeks after getting my account back after the 4th hack.
Everytime ive been hacked ive completely formatted my hdd and reinstalled everything. im 99.9% sure the problem isnt on my side. Ive had about 20 other mmo's where ive never been hacked, among others LOTRO SW:G Warhammer online, Conan, EVE online, guildwars.
Its gone so far with wow hacks that almost everyone i know has been hacked at least once. (and most of my freinds have been playing wow since the game came out).
BTW hardware authenticators seem just one more way for blizz to make money. NO OTHER game that i know of needs a peice of hardware to make it more secure.
After the 5th hack i finally gave up.
yes this post shows the reality how blizzard treats their clients, i got hacked 1 time on wow, and in aion guild wars, conan Warhammer and ltro, 0 times
so go figure what those greedy people from blizzard does with our money!
Square enix has its own authenticator and soe is developing their own. Not to mention that Blizzard gives the authenticator away for FREE on many mobile devices. HUGE PROFITS THERE!!!! Why can't players see how big a problem this is and companies are starting to fight back?
I suppose blizzard is only trying to make more money with their dial in authenticator security service. Tons of revenue to be made having players call into blizzards 800 number.
If someone has been hacked five times then odds are their email account has been hacked and all the hard drive formats in the world will not resolve that problem. The hacker can just periodically reset the players password and instant access to their account... again. I'm sure they will say he changed that too, because someone who knows how to set up the most basic levels of computer security would of course know to crawl across the room inch by inch searching for traps before entering a room, but I digress.
Anyhow, it is much more likely that blizzard or some employee has been secretly selling players account information to hackers for a few extra dollars. Blizzard either can't catch this employee or enjoys the extra $.25 profit from selling a few physical authenticators. I'm certain that makes up for all the lost subscribers and negative image given from all the hacked accounts as well as all the money they have to spend on extra customer support staff to deal with hacked players. Yep, that makes tons of sense. There is no possible way an honest to goodness network admin could have had their email account hacked and be unaware of that being a direct line to hacking their account. Nope, not a chance there.
Comments
Just as a point of interest, I'm getting fake WoW/Blizzard stuff constantly now too, telling me my account password has changed, or that my account was hacked etc.....and I've never, ever, played WoW. I don't live on the same side of the country as I did 13 years ago when I had a Battle.net account for Diablo, nor the same email etc.
Regardless of the designation, as long as that aircraft is assigned to drop things in the dirt, it's a target, not a fighter. - Robert Shaw, "Fighter Combat: Tactics and Maneuvering"
simply really. At some point in time, you email was collected, sold, and is not in the hands of spammers.
This.
I am scratching my head wondering how someone like the industry relation's manager (don't they have a god-mode always on when it comes to ALL the internet?) got hacked.
From my knowledge, you cannot get hacked unless you give away your account name and password or download a virus.
I don't think I've ever downloaded a virus (well...without KNOWING it was a virus, lol)
I have had some "close calls" like the first time I opened one of those spoof WoW account emails, but right before entering my info I saw it was not the right website. So I can see how people who do not know to ALWAYS check the url bar could get hacked.
But still... I've never been hacked. But I guess I'm different, having over a decade of online experience- especially when I was sending my friend's cousin trojans and flashing my BIOS at 13 years old...lol...
If being a developer means being quiet, mature, well-spoken, and disconnected from the community, then by all means do me a favor and believe I'm not one.
LoL... at first I wondered "How did they ALL get hacked in the same month?"
Then it occurred to me... 100% guarantee all of you shared the same downloaded add-on, which had a keylogger/trojan attached :P
Probably sent it to one another, lol...
If being a developer means being quiet, mature, well-spoken, and disconnected from the community, then by all means do me a favor and believe I'm not one.
12 million accounts, 11.5 are hacked...nuff said
If I bought an authenticator, I'd be the one crying.
Why someone needs to spend $6.50 for no reason is far beyond even my understanding.
My god I wish I was the genius who invented this "authenticator". I'd be a millionaire selling snake oil to people too dumb to not get phished.
If being a developer means being quiet, mature, well-spoken, and disconnected from the community, then by all means do me a favor and believe I'm not one.
I use the 3 most popular addons (bagnon, gatherer, titanpanel), downloaded from curse, my mates do not use addons at all.
Next to that, we are all IT-nerds and 2 of us are security professionals ... we are the most paranoid people you will ever meet
I do not believe all our accounts were breached.
You know which friends did not get hacked?? ... the ones that did not merge with battle.net yet ...
Same here. Since a couple months I am receiving several WoW account phising emails a day. Some days worse than the others.
It's really easy to spot they are absolute fake. Just hover over the link and you already see a bogus referal link in the bottom of your IE bar.
But the problem here is. That a lot of people seem to be Anti-Microsoft and use other kind of browsers, that don't have this option.
So people don't see it's fake and click the link and don't see the masked referal link... and voila they are screwed.
And most of the time they do not even have to use the site, just clicking the link might already trigger a keylogger install from the website.
I say and keep saying. Use a different browser that actually shows you all this information, without having to click the links.
As same here. I have been playing tons of MMO's the past 8-9 years or so and plenty of other regular online games. And never been hacked! Never.
Cheers
Firefox shows the real url, if you have thunderbird you can see the return-path which will be bla@aol/msn.com instead of blizzard infact firefox warns you from pishing sites, they keep a list, once the url matches you get a warning.
Pi*1337/100 = 42
They can't keep that up, because these criminals are using several new url's each day.
They constantly create new url's. Take a good look in these phising emails you get. They seem to be constantly registering new url's each day, to avoid detection.
Seeing as there are an ungodly amount of posts here anyway, I dont imagine many people going this far down to read the following. I have played WoW since '05 never really had a problem with it, in fact, I took a trip to europe recently and went to log onto my char for a moment (the life of a gl isnt always fun) to settle a problem. Well, thats when the message that my account had been locked popped up and to check my email. Upon inspection, blizzard had detected that my account was being accessed from a different country and locked my account to protect it. Going through the emails instructions and unlocking it only took a minute, but it made me feel good to know that these sort of protection measures are in effect.
Were all put in the ground one day, why must this dark opera play out this way, sorrow the chord and suffering the melody
This is a fascinating thread. I learned a few tricks to securing my account that I didn't know before.
Firstly, I understand the frustration of having your computer & account violated. I've had a few computer invasions over the years and each time it feels like I've been groped. Luckily for me, none of my game accounts been hacked thus far. I am not a techie so I cannot offer any advice.
I started playing subscription MMOs since 2002 (?). With WoW I started in 2006 and play on & off till present day; currently my account is inactive and I think my toons are still clothed. I never got an authenticator but I do use game cards half the time. I hate the new system where your user name is your email. Ever since they changed the system, I got so many phishy emails. I think Blizzard is to blame for a few issues like the new Battle.net log in. Maybe someone is selling our data since many inactive accounts were hacked.
It would suck if I had to make an email for every MMO I decided to play or try out. So many emails & passwords to remember... What I'd like is more MMOs using other OS besides Win & Mac. Maybe we should blame Bill Gates for having a monopoly on the gaming industry. And his OS is #1 target for hackers.
What suprised me the most is that having played multiple MMORPG"s over a 10 year period and never got an account hacked beside WOW and that was within a few days after they switched to battle.net and also the spam mail started then, makes ya wonder if it was leaked by blizzard or their employee's to make extra $$.
Think what you want Daff, I have friends that have had the exact thing you say cannot happen, happen to them. I have seen it first hand.
You have to remember that not all people that have computers are computer savvy. If they'll fall for a fake email, they'll download and execute a malicious file thinking it's an add-on.
It can and does happen amd pretending it can't happen just helps to further propagate the problem.
Einherjar_LC says: WTB the true successor to UO or Asheron's Call pst!
I just had to comment on this because of a disurbing revelation I recently made.
Here's my story.
I signed up for a WoW 10-day trial a few years ago with a brand new email address. This was before the Battle.net switch over. This email address has never been used for anything but signing up for the WoW 10-day trial.
Well since Cata came out recently I wanted to try the game again to see if anything had changed for the better, so using the same email address, I linked my WoW account to the Battle.net account I created with this email address. About an hour later I received a penis enlargment spam email and I have received 1 or 2 spam emails every day since.
Here's the thing. I have NEVER received spam on that email address before, ever. Only after creating a Battle.net account did these messages start showing up in my mailbox.
I thought that was strange so I created a new email address, new Battle.net account, and the same thing happened.
So either Blizzard's security is breached and there IS someone stealing email addresses and possibly account information as well. Or Blizzard is selling that information to spam companies.
Either possiblity makes me never want to touch another Blizzard game. And I will not until they publicly reveal what is actually going on and show that they have stopped this from happening.
"There is as yet insufficient data for a meaningful answer."
There is no possible way for you describe to have happen. It just isn't possible and for you to suggest it is is just reinforcing false information. LUA addons are 100% safe. You cannot write any malicious code into a wow addon that will steal information.
Sure there are plenty of trojans trying to pass themselves off as real addons, but they are not real addons. Like I said, you can freely extract a billion viruses to you addon folder and they will never ever excute. They will just sit there doing nothing. Windows doesn't just randomly execute programs that are sitting in a folder of the game you play and addons cannot make calls to those types of programs.
Your friends, who you admit are not very savvy, did something else. Perhaps they thought they downloaded a addon, but followed some special instructions, or clicked on an EXE file or any number of other executable file types. Perhaps they used the sweet addon installer that came with the program, but what they didn't do was simply extract an addon to the addon folder and install malicious code that hacked them.
Cool that they are your friends, but non-savvy people don't often understand what or how they did something. They omit important information, because they assume it was safe or just did not understand what they were doing.
Again, LUA addons, 100% safe. Viruses and Trojans pretending to be addons, not safe, but those still require the user to do something wrong.
You must not be familiar with VPN authentication technology. It works. Well. It's an additional layer of security. While the physical authenticator fob from Blizzard is $6.50, the iPhone or Android authentication app is free.
My advice to everyone.
1 pc for uploading/downloading/the web = virus = who cares. (scan then trasfer to data storage pc for viewing/further editing if needed)
1 pc for gaming
1 pc for data storage
use Truecrypt
Use Yahoo.com addy's for Gaming aka gamer1@yahoo.com, gamer2@yahoo.com, etc.
Doesn't solve much but hell it doesn't hurt much either.
Blizzard is letting everyone get hacked; probably selling accounts to hackers for extra cash; then they turn around and tell you that their servers aren't secure, so please send them more money for an authenticator!
That is bullcrap. Blizzard are very scared of getting bad reputation. It is of course possible than one or a few employees would do it private but if a company like Blizzard actually did it and people found out it would mean the end for the entire company, and they are not that dumb.
Most of the hacked accounts are coming from phising messages and keyloggers anyways, not all but most.
Question: Do you sell computers for a living?
3 computers is way too many for an average user. To have a E-SATA harddrive or Icebox with 2 drives in for storages and turn that off when you not use them is a good advice and pretty cheap as well.
Then you should have a good firewall and antivirus as well. And scan your computer on an online scanner every month or so to be sure (http://housecall.trendmicro.com/). And if you are truly paranoid and have a really old computer lying at home (a 386 works) make it into a Linux firewall.
It would hurt me much to use my laptop for downloading and buy another computer for storage. I never got any game hacked. A good firewall/antivirus that is updated helps a lot.
I still think it has more to do with clicking on links in those countless e-mailes (changes in your battlenet account/changes in your password please click on this link!, etc) and just going to sites or downloading things that might have viruses/keyloggers, etc.
I've only been playing these games for 6 years or so and I've yet to be hacked.
I also don't see what the big deal is about that security fob.And I don't believe for one minute that Blizzard is allowing hackers to access accounts. After all, why jeapordize the bogs of money you are going to make from subs and people buying expansions/and downloadable content by allowing some hackers to compromize your integrity and in additon make 6 dollars from those who don't permanently quit.
If lotro or some other company had a security system like that I'd buy "just in case".
I've seen these things used and they work very well. It's an added layer of security for 6 dollars.
And if people are worried, I would go the route of the poster who said have separate computers.
I have one computer for personal business stuff, writing, etc and one for games.
Godfred's Tomb Trailer: https://youtu.be/-nsXGddj_4w
Original Skyrim: https://www.nexusmods.com/skyrim/mods/109547
Serph toze kindly has started a walk-through. https://youtu.be/UIelCK-lldo
You'd be surprised how cheaply one can get a computer to just do banking and have your tax returns.
Essentially, all the important stuff is usually about accessing acounts online. As long as the second computer can open up a secure internet browser then that's all you need.
Godfred's Tomb Trailer: https://youtu.be/-nsXGddj_4w
Original Skyrim: https://www.nexusmods.com/skyrim/mods/109547
Serph toze kindly has started a walk-through. https://youtu.be/UIelCK-lldo
yes this post shows the reality how blizzard treats their clients, i got hacked 1 time on wow, and in aion guild wars, conan Warhammer and ltro, 0 times
so go figure what those greedy people from blizzard does with our money!
Square enix has its own authenticator and soe is developing their own. Not to mention that Blizzard gives the authenticator away for FREE on many mobile devices. HUGE PROFITS THERE!!!! Why can't players see how big a problem this is and companies are starting to fight back?
I suppose blizzard is only trying to make more money with their dial in authenticator security service. Tons of revenue to be made having players call into blizzards 800 number.
If someone has been hacked five times then odds are their email account has been hacked and all the hard drive formats in the world will not resolve that problem. The hacker can just periodically reset the players password and instant access to their account... again. I'm sure they will say he changed that too, because someone who knows how to set up the most basic levels of computer security would of course know to crawl across the room inch by inch searching for traps before entering a room, but I digress.
Anyhow, it is much more likely that blizzard or some employee has been secretly selling players account information to hackers for a few extra dollars. Blizzard either can't catch this employee or enjoys the extra $.25 profit from selling a few physical authenticators. I'm certain that makes up for all the lost subscribers and negative image given from all the hacked accounts as well as all the money they have to spend on extra customer support staff to deal with hacked players. Yep, that makes tons of sense. There is no possible way an honest to goodness network admin could have had their email account hacked and be unaware of that being a direct line to hacking their account. Nope, not a chance there.