It's not fool proof because I have not checked every single post of every single thread (impossible to keep track of as 1 person).
I did however go through about 1,200 assorted posts across about 8 threads and my pattern still holds true.
Here is the pattern I have found:
In most threads the people who are reporting being compromised have a D3 or SC2 avatar. If you click the little arrow next to their name it shows your FULL btag.
For example mine is fremd#846, however when I edit my post it shows viscrom#1983. That is because my true btag is viscrom#1983.
Another pattern I noticed is a ton of WoW guys saying we're all stupid and got fished. WoW avatars do NOT show the full btag.
Having access to a btag is the GATEWAY to someone's account if there is a vulnerability. That is your unique identifier. With just your btag it would be possible to obtain all of your information if a server vulnerability existed.
So my current theory is that:
1. If you post on the forums and your full btag is posted, you are at risk.
2. If you join a public game and people can see your btag, you are at risk.
3. If you bought or sold anything on the AH, you are at risk (not because of the AH, but because there might a vulnerability that exists that allows people to get your btag).
4. If you friended anyone, you are at risk (they will get your btag).
For the sake of making the game safe, please include if you're posting on a secondary account on the forums (100% separate bnet account) while still having a safe D3 account while still showing a SC2 or D3 avatar.
Even if this is wrong, it's one less thing to worry about. I will say this though, none of my friends have been compromised and the only difference between them and I are I post on the forums and they do not. Half of my friends don't even pay attention to computer security and are generally clueless while I am the exact opposite.
It would be super trivial to make a crawler that just scoops full btags from Blizzard's forums. They could have tens of thousands of btags in a list. Your name might be next.