Concern about account safety

A few days ago my friend's account was compromised. The culprit went and opened a ticket claiming they had gotten rid of their phone and had the authenticator on my friend's account removed. My friend was lucky enough to have their account recovered but it happened to them a second time.

This evening something similar happened to a guild mate but he was lucky enough to catch it early and took precautions to keep his account intact.

Why is this even happening in the first place? It seems kind of ridiculous that this person or group of people are even using this method to get authenticators removed from user accounts.

Is Blizzard looking into preventative measures to keep accounts safe from this silly scheme? I am legitimately worried that my account could be in danger of being compromised if Authenticators are being removed in this fashion.
Only one responsible for account security is you or your friend. Blizzard trusts us to make sure we keep our accounts safe by not sharing account info, running virus scanners, spy bot programs. Best they can offer is the authenticators, which isn't foolproof but secure. Best advice besides authenticator is keep your reg email and bnet email separate.
It is possible your friend's email is also compromised. They might want to make a new gmail account and use it exclusively for WoW.
In order to remove the Authenticator the hacker had to submit a fake ID. They could only do that if they had the name, address, etc of the person they are trying to impersonate. This points to keyloggers or a phish as being the initial data source for it. If you are worried you can try the following.

1. Clean your PC. Run a FULL (not quick) Malwarebytes scan with the game up and gibberish in the login fields. When done, repeat with an updated virus scanner.
2. Make a new email JUST for battle.net. Gmail is recommended because you can set up two factor authentication on it for security. If you have a smart phone, set it up on there too so that you see email alerts immediately.
3. Set up SMS Protect. That will prevent anyone from getting in and changing your email. FYI, to change your email they would still need your secret question but SMS makes it even harder.
Is Blizzard looking into preventative measures to keep accounts safe from this silly scheme? I am legitimately worried that my account could be in danger of being compromised if Authenticators are being removed in this fashion.

In order for this to be done they would need your login information to at least log in on the web to make a ticket. They would also need personal info as well as the SQA or game authentication key. All of this info comes from the user's end. Not Blizzard's. Blizzard is not handing out our info. Having an authenticator is not 100% secure. It is the best current security for your account. However you have to keep your info secure.

Have you enabled SMS protect in account management? This makes it so you get a text with a code before any changes can be made to the account. It also makes it a lot easier when we do need to make changes, like password change for example.
Well, they would not need to log in to make a ticket directly; using the authenticator removal form creates a ticket, but requires that an ID be attached.

What would be more concerning is if a third party is able to create an accurate enough ID with your full name and address, and possibly picture of you, to get it far enough to allow the authenticator to be removed. They would need to know all that and that your battle.net email account is yours. Somewhere along the line, such as via social networks or guild websites, there is enough info on the web to impersonate you to the extent of creating a fake ID.
Same thing happened to me. I have been hacked twice in the last week with an authenticator. After the first hack I changed the password to my account and my email, and had a note added to my account saying "do not remove authenticator without photo id". Someone from Blizzard still removed the authenticator. I cannot find any virus or malware on my system. I'm starting to believe that a Blizzard employee must be in on it.
I'm starting to believe that a Blizzard employee must be in on it.


While I can certainly understand that it may seem that way, we have been told that there is a ton of oversight on every action each employee takes. And I am not sure it would be worth opening the doors to the legal ramifications of doing such things.

I would actually be more worried that an account thief can create an accurate fake ID. That means too much personal info of you is accessible outside of Blizzard's systems.
I would actually be more worried that an account thief can create an accurate fake ID. That means too much personal info of you is accessible outside of Blizzard's systems.


While this is certainly true, most of us have a ton of personal info scattered in bits and pieces across the internet. And the picture on that fake ID does not have to be accurate; the fake ID has to look 100% legit.
your full name and address

You enter that info combination every time you order something, every time you sign up on a new site, etc.

Someone in my guild had an account stolen this way as well. My guildie didn't know how to fight it so the thief had their account for an extended period of time. I sent the guildie here to start the process, and it took some time but he got his account back.

It seems to me, this kind of attack is not a keylogger issue, at least sometimes. It can start with someone who knows you in real life (as was the case with my guildie). But I'm thinking it's more of an issue of a thief being able to gather information across the internet, and put the pieces together. Gaining access to an email would be only one way to do that. The thief can "prove" their identity and change the email address of the account at the same time they remove the authenticator.

As this seems to be getting more common, I think we need a strategy beyond "keep your computer clean and your information private." Those are both crucial of course. But apparently thieves are targeting authenticator protected accounts more and more, from the number of complaints we are hearing.

What can an individual do NOW, whatever their past activities regarding personal information, to ensure the safety of their authenticator protected account? As a GM, I will coerce my officers (yes I said coerce) to do an extra step occasionally. Should I tell them to change their game email account? What other security measures can they take? What is this about Gmail having a 2 factor system of authentication?

And does the SMS Protect make sense when you have a key fob rather than a phone authenticator? And...no way to use it if you don't have a smart phone, right?
But apparently thieves are targeting authenticator protected accounts more and more, from the number of complaints we are hearing.


First thing is that while complaints of this thing may be up, generally, we find out that it's not. The user removed the Authenticator and didn't replace it, it wasn't attached properly, etc.

But overall, yes, they have always wanted to target them. More and more people use the Authenticator, so the number of non-protected accounts is dwindling. Above all, the more they "discredit" the Authenticator, the fewer people will use them.

03/28/2013 07:53 AM Posted by Nebliina
What can an individual do NOW, whatever their past activities regarding personal information, to ensure the safety of their authenticator protected account?


Overall, nothing. If someone is desperate enough to get into your account, they are going to find a way (or lock your account in doing so; another safety measure that hurts these criminals). There is no way to ensure that your account is safe. All the best security habits on the internet are vulnerable to zero-day attacks. Authenticators are vulnerable to "man in the middle" attacks.

That doesn't mean don't try, of course. Use every security method Blizzard has, because they are fighting the same fight as us. Protect your computer as best you can. But it is always a reactive system. We (and Blizzard) have to react to what they throw at us, and sometimes, it's not going to be fast enough.
