There are a few ways a hacker can get your personal information and your account.
1. You download a file
I had three members of the guild hacked recently after downloading a hack for WoW 3. Downloading cracks for games or mods for games is very risky. Always run scans on the files before unzipping and using. Also, I wouldn’t recommend getting files from sites that aren’t particularly well known.
2. You visit a website and stuff downloads some information to your computer.
I was hit by this last year. Unaware this had occurred, one evening I found myself battling for password changes with a hacker. I managed to win, but a scan revealed a number of keyloggers. It took a week before I was satisfied with cleansing my computer. And now-a-days keyloggers are smarter. Some will only run once the launcher has been activated! If you are scanning your computer for them, its not a bad idea to have the launcher running while you scan in order to raise the chances of uncovering and removing them.
3. You buy gold or an account or hire a leveling service.
First you shouldn’t even buy gold – frequently gold is bought from or attained by hacking other’s accounts. The money or toon you may be buying might have been made and worked for by a friend! But many gold sites get initial information on your account simply by you buying from them. They’ll likely have your email address, the name of a character on your account and your real name. Then they may log your keys and the rest is history. Its not safe and certainly its not healthy for your community.
4. You reply to an ‘official’ blizzard email.
Don’t be fooled. Blizzard will never ask for your account name, password or other private information. The most you may get is a warning about something. Links in these emails should NEVER be followed. Look here at this example:
As you can see, the email was appearing to be sent by “firstname.lastname@example.org” and looked valid enough. However, its ALWAYS better to be safer than sorry and most phishing emails can be revealed by seeing who the mailed-by address was and not just the “from”. Gmail offers the ‘show details’ option as seen in the SS. Click it and the new information will show up.
If this doesn’t thrill you, going to links in the post and hovering your mouse over it should show an address in the bottom corner of your internet browser window. As seen in my SS, the link was named properly. But the actual adress of the link was NOT an official website. If I had visited the site I might have had something downloaded to my pc, or perhaps windows prompting for my login in formation that would have been used for something OTHER than registering a survey.
5. You get a whisper in WoW and go to the website.
There are a number of very false whispers being sent. Free mounts, accounts that are being suspended, gold for sale, etc etc. Blizzard will never whisper you about these things. Certainly not under the names the whispers are sent from. And as far as I know, a Blizzard employee will only whisper with the official blizz icon by their name in blue text. Don’t trust these whispers. Do not follow the links these whisperers try to get you to go to. The only free you will see is the free of your account kind. The only surprise you might get is the surprise of being unable to log in to your account.
OK, so you have been hacked and are locked out of your account. Maybe they have an authenticator and you cannot access your account to reset your passwords. What do you do?
-- My account has been hacked and the hackers put an authenticator on it!!! I can’t even get on my account to try to fix the information!!!! Help! ---
First, go find your software and have your serial numbers available.
Next, call billing and account services. Info is:
Live Representatives Available Mon-Fri, 8am to 8pm PST/PDT
For phone assistance please call: 1 (800) 592-5499 || 1 (800) 59-BLIZZARD
* Players in Australia should call 1-800-041-378
* Players in Singapore should call 800-2549-9273
* Players in Chile should call 1230-020-5554
* Players in Mexico should call 001-888-578-7628
* Players in Argentina should call 0800-333-0778
* All other international players should call: (949) 955-0283
be ready to give them information like your payment type, the number, the account holder name, the account name, possibly the password, and phone and email. I’m sure there is other information they might ask. If you are unlucky enough to have this happen Saturday or Sunday, just do what you can to warn people about the account breach and try not to fret too much. Blizzard replaces the stolen items (though it can take a lot of time).
--- What can I do to protect myself? ---
Most expensive but perhaps one of the most solid ways to protect your account: buy an authenticator. The authenticator has a serial number that is placed on your battlenet account and applies to any account your register to that account. Each time you go to log in, you push a button and a one time, six digit number will appear for you plug into your account each time you log in.
See this thead too from Blizzard: http://forums.worldofwarcraft.com/thread.html?topicId=14318909866&sid=1
Blizzard makes the additional suggestions:
- Complete operating system updates regularly (preferably as they become available).
- If you use FireFox, install NoScript and run it consistently while browsing.
- Run antivirus and anti-spyware scans weekly.
- Select a secure password and change it periodically.
- Never willfully share your login and password. Even friends, family, and significant others can place your account at risk.
- Be aware of "phishing" emails and websites, and do not to respond to any invalid requests. Remember that a Blizzard Employee will never ask for your password.
- Monitor the availability of your email address and do not post it publicly.
There is no way (probably) to make your account absolutely safe. But there is no reason for you to make it easy on the hacker either. Most gold sellers need to get in and out quickly. Showing you are going to make it hard for them is one of the best ways to protect yourself.
It was too late for a few of my guild members, but this knowledge is here for you now. So now you know, and knowing is half the battle. Best of luck!