Increase in hacking?

90 Draenei Shaman
10040
Is anyone else noticing an increase in the incidence of hackings of late? We've had a few recently in my guild (no one without an authenticator has enough bank access to hurt us) and it seems there are more such reports than usual in the Customer Support forum.
Reply Quote
90 Blood Elf Priest
4490
I have not personally seen any increase, and I have read the customer support forum, some of the things these players do with their accounts and then come to the forum wondering why they got hacked can be shocking

Many of the so called hacks resulted from sharring account information and from playing on computers whoss secruity was questionable

The other big one is going MIA from the game for many months.. The hackers target inactive accounts. So my advice if your active you less likely to be hacked but if you inactive, it increases the risk considerably..

So if you go inactive it might be advised to get an authenticator

About 2 yrs ago I went InActive on my account for about 3 months, when I logged back in I noted my gold was gone... And while Blizz did replace it,, it taught me a lesson get an authenticator.

Blizz does a pretty good job of getting rid of the hackers and bots but they do so in waves.. Maybe it is time for another house cleaning

Another thing that puts players at risk is gold buying..You can think your safe but months go buy and you get hacked or banned. Blizz does have software and ways to tell who is buying gold, they are not going to go around and tell what those ways are, but they do.

Gold buying can increase the risk for being hacked, It often does support the hackers and it is against ToS. Frankly it is easy to make now, so why would anyone spend real money for pixelated money is beyond me..
Reply Quote
I haven't personally but I think pretty much everyone I know has an authenticator at this point. I know my own brush with hackers happened due to a security issue on my work computer when returning from inactivity (when we left battle.net accounts didn't exist and authenticators hadn't been out long and weren't common yet which is why the hubs and I didn't have them).

It was my fault for using the computer at my family's business to set up our battlenet accounts, I should have waited, but on the other hand I am VERY glad that the only thing that keylogger got was our wow accounts for a few minutes...it could have been much worse, so in a way getting my wow compromised may have saved my family a whole lot of money since it alerted us to the keylogger on the computer.

Thanks to wonderful guildies who had stayed in touch with us during our long wow hiatus I learned of the compromise within minutes and was able to login and re-secure my account before they got the passwords changed...then it was just a matter of having items returned by a gamemaster and my fav character restored since the vile scum deleted her :)
Edited by Feyranna on 3/2/2013 6:21 PM PST
Reply Quote
64 Worgen Hunter
450
Buying gold is like buying stolen goods from a crim...... if no one brought stolen goods there wouldn't be a demand for it..... same with if no one brought gold
Reply Quote
90 Draenei Death Knight
4540
Yes, I've had a few issues recently of people trying to target one of my guilds with scams and things. I didn't even make any tickets though, Blizzard just handed back the stolen goods to me. It wasn't anything that important though, but I am glad Blizzard seems to be on top of the matter.
Reply Quote
90 Gnome Warrior
13465
I haven't noticed anything lately, but as anectdotal evidence goes - it does seem to happen in waves.

One such rash of hackings caused us to begin demoting toons to trial rank after a month's worth of inactivity and removal after 3 months inactivity. That has cut down on guild bank losses from hacked toons (although Blizzard always seemed to restore items stolen by hacked accounts, it's a hassle to have to go through).
Reply Quote
90 Tauren Warrior
9435
Another thing that puts players at risk is gold buying..You can think your safe but months go buy and you get hacked or banned. Blizz does have software and ways to tell who is buying gold, they are not going to go around and tell what those ways are, but they do.


No they don't, not really, or it would stop. *most* people get away with it or it wouldn't continue.

And the gold sellers aren't stupid, or Blizzard would have nicked the problem in the bud a long time ago.
Reply Quote
90 Blood Elf Priest
4490
03/03/2013 08:04 AMPosted by Rvalue
Another thing that puts players at risk is gold buying..You can think your safe but months go buy and you get hacked or banned. Blizz does have software and ways to tell who is buying gold, they are not going to go around and tell what those ways are, but they do.


No they don't, not really, or it would stop. *most* people get away with it or it wouldn't continue.

And the gold sellers aren't stupid, or Blizzard would have nicked the problem in the bud a long time ago.


that is like saying Cops do not catch speeders. Yes you might get away with it most of the time, but you do it often enough you will get caught.

read the Customer support forums , you might learn some things from the MVPs. Blizz does have ways to find out who purchased gold. Are they going to tell you how they do it? No they are not stupid. And it is like any thing they do , it is done in waves. You do not hear about the punishments because no one is going to come out and say they were buying gold or that they got punished for it.]
Edited by Ssinfull on 3/3/2013 9:30 AM PST
Reply Quote
90 Night Elf Druid
5980
People have been alarmed about a recent increase in number of accounts hacked since vanilla days. What actually seems to happen is that either several people in a guild share account info, one of them gets hacked, so all of their accounts are exposed, or a bunch of friends all fall for the same scam at about the same time. This doesn't mean that the total number has spiked, but does mean that an individual sees a lot more in their guild or circle of friends.

If account hacks had actually been jumping as much as people being alarmed on the forums indicated, there would be more hacked accounts than live accounts by now.
Reply Quote
90 Draenei Priest
17345
I haven't noticed an increase in hacking in my guild. We had a guy a couple of months ago who was hacked but it was the first time anyone in guild was for several months.

One thing to think about is...AUTHENTICATORS.

We require all raiders and all officers to have authenticators. Not one of them have been hacked in over 3 years. The one person who was was a F&F ranked member, which does not require an authenticator but which also has no bank access.

Pretty much everyone has a Smartphone anymore and with iPhone and Android the Blizzard Authenticator is completely free. Anyone who has an Android or iPhone and doesn't have one...well, I won't say it.

If someone is one of the few who do not have Smartphones the Keychain Authenticator is only $6.50 at the Blizzard Store. That's about the cost of a six-pack, not that expensive.

While I realize Authenticators aren't a "fool-proof" way to avoid being hacked I can say that I, personally, have had one since about the beginning of Wrath and I have, personally, never been hacked. Many other people I know who have used one for a fairly long time have also not been hacked.

I would recommend to anyone who was hacked that they get one right away.

There are also Free Malware programs that will help to clean "keyloggers" and other "cookie" type files from your PC, which also contribute to this problem.
Reply Quote
90 Draenei Shaman
10040
I absolutely recommend auths and require them for officers. The comment about guildies sharing acct info makes sense, esp as there are groups of real life friends.
Reply Quote
90 Night Elf Druid
5980
03/04/2013 08:26 AMPosted by Malorey
Pretty much everyone has a Smartphone anymore and with iPhone and Android the Blizzard Authenticator is completely free. Anyone who has an Android or iPhone and doesn't have one...well, I won't say it.


I will - it's probably someone who practices reasonable account security and doesn't want to deal with an annoying extra step when playing a video game. The idea that authenticators are somehow needed to play the game without getting hacked is simply absurd. I started playing in 2005 and have lost control of my account zero times in spite of not using one.
Reply Quote
90 Draenei Priest
17345
Pretty much everyone has a Smartphone anymore and with iPhone and Android the Blizzard Authenticator is completely free. Anyone who has an Android or iPhone and doesn't have one...well, I won't say it.


I will - it's probably someone who practices reasonable account security and doesn't want to deal with an annoying extra step when playing a video game. The idea that authenticators are somehow needed to play the game without getting hacked is simply absurd. I started playing in 2005 and have lost control of my account zero times in spite of not using one.


It's a "once a week" extra step for better account security. Not really all that annoying, in my opinion.

Even with "reasonable account security", including Anti-Malware & Anti-Spyware programs and Anti-Virus software things can still get through. I also have all of those things.

It's great that you haven't been hacked. I have never lost my account to any kind of compromise either, not even in the 2 years I played before I started using an authenticator. But it is a fairly common occurrence that can be avoided by taking a couple of simple, and not really very annoying, steps.

For those who have been hacked or known players who were (of which I know a few) and understand how "violated" one feels when something like this happens an authenticator is a simple thing that is obtainable by anyone and which interferes very little with normal log-in practices.

The vast majority of players use add-ons of some kind to some extent. We look at WoW Fansites and Information Sites. We open emails from Battle.net. We do all these things while taking "reasonable security measures" and still have our accounts compromised everyday.

I require Officers and, of course, myself to have an authenticator because of the level of bank access we have. Raiders are strongly encouraged to also have one because they have bank access that is above other "F&F" members in our guild.

For the general member of a guild I probably wouldn't say anything unless they actually were hacked, but for GL's and Officers, and Raiders to some extent depending on the bank access, authenticators are a "necessary" extra step for that next layer of added security.

For example...

If my personal account were to be compromised, it isn't just my personal property in-game that would be effected. The entirety of our Guild Bank could be absconded with, including all the funds there-in; The guild could be transferred to another server; All members in the guild could be removed. Basically, everything the members of my guild worked to create would be gone, or could be gone.

So if I took your stance of "I don't want to deal with an annoying extra step when playing a video game" what am I to tell the members of my guild when they send me a /tell asking what the bajeezits happened?

"Oh, sorry guys...I couldn't be bothered with a once a week, 3 second, annoying extra step so, Good Luck to you!"

I don't think so. I get that this is a game but I have a bit more pride in what my members helped to create than to put them in a place where there is even the slightest chance something like that could happen. In my opinion, any GL should care about what the members of their guild helped to create.

An authenticator takes all of 2 minutes to set up. The extra approximately 3 seconds it takes to log in the code once a week is really nothing at all and can hardly be called an "annoying extra step".
Edited by Malorey on 3/4/2013 1:30 PM PST
Reply Quote
90 Night Elf Druid
5980
03/04/2013 01:21 PMPosted by Malorey
It's a "once a week" extra step for better account security. Not really all that annoying, in my opinion.


The thing is, you don't get to decide how I choose to spent MY time, or what I find annoying. I do. And the implication that I'm doing something terribly wrong by not sharing your exact preferences is simply asinine. Each adult is allowed to make their own decisions about what security precautions are reasonable for their level of risk and annoyance, and they're not wrong for making a rational choice that is different from yours - especially when your 'rationale' is simply an unsupported (and factually incorrect) statement of opinion.

03/04/2013 01:21 PMPosted by Malorey
I require Officers and, of course, myself


That's completely and utterly irrelevant to what I was discussing, which was your insult to me and other people who make a choice different than yours. I have not, one single time, said that I have any problem whatsoever with someone using an authenticator, or requiring them for people who have gbank/officer/etc membership. I simply object to anyone, like you, who says (or obviously implies) that people are somehow wrong for choosing not to use one.

An authenticator takes all of 2 minutes to set up.


So what happens when I take a break from WOW, then come back months or years later and don't remember where I put the tiny device? That's more than 2 minutes to sort out. Or if I use the smartphone version, but replace my phone in the interim then have to call Blizzard and fax ID to get things sorted out when I come back? You may play WOW continuously, but not everyone is you.

03/04/2013 01:21 PMPosted by Malorey
If my personal account were to be compromised, it isn't just my personal property in-game that would be effected.


It is for me, and so would just take a ticket and a few days wait to sort out. Hardly the end of the world. However, since I don't use my battle.net credentials anywhere but the game, and I log into the game on two known computers plus the forums on one other, I would realistically only be compromised if my computer were to be compromised. I have all kinds of personal information (banking info, identification, work history, contacts, personal writings) that I worry about someone compromising WAY more than a WOW account.
Reply Quote
90 Draenei Priest
17345
03/04/2013 01:59 PMPosted by Karamoone
An authenticator takes all of 2 minutes to set up.


So what happens when I take a break from WOW, then come back months or years later and don't remember where I put the tiny device? That's more than 2 minutes to sort out. Or if I use the smartphone version, but replace my phone in the interim then have to call Blizzard and fax ID to get things sorted out when I come back? You may play WOW continuously, but not everyone is you.


If you have any kind of cellphone and don't change the number you can easily set up the SIM Security feature with Blizzard which allows you to remove a lost authenticator, reset your password and several other things with a simple text. Might take about 10 minutes if the texts come/go slowly but generally would be much less than that.

---------

I don't care if you have an authenticator, how many PC's you log into or whether or not you need any security measures at all. The OP asked if others had noticed a rise in account compromises, I simply gave her my thoughts on the matter and what I, personally do to secure my guild and account. I, personally (i.e. me, my personal thoughts on the matter, how I personally feel about it), believe that since authenticators are free to anyone with a Smartphone and rather inexpensive for anyone who doesn't that IF YOU HAVE BEEN COMPROMISED in the past or IF YOU ARE A GL OR OFFICER IN A GUILD you should have one.

I never once, at any time, said that every single person who plays WoW should have one. But, in my opinion, being that they are free to most it should be something that is at least considered, especially if you've been compromised in the past. If you choose not to have one, it's your account not mine. I don't care one way or the other really.

I don't feel that it is insulting to anyone, or that it should be insulting to anyone, that my personal opinion is that an authenticator is something to consider and the reasons I believe that to be true. Nor did I say that I wanted to choose how anyone else spent their personal time in-game or determine for them what is or isn't annoying. I simply said that IN MY OPINION there is little annoyance to using an authenticator.

I apologize if my opinion, my personal opinion that matters to no one but me, and my decision to express that opinion in any way offended you or anyone else. That was honestly not my intention.
Edited by Malorey on 3/4/2013 2:19 PM PST
Reply Quote
90 Blood Elf Priest
4490
Kara I had your attitude for 6 1/2 years I played with no authenticator.. I never went Inactive.. til that one summer when I got sick and I spent 3 months aways from the game.. I came back to an account stripped of gold.. I was lucky that is all they took.

yes I have an authentictor now.

One advantage I do not have my account locked when I play from different Ip addresses.

But maybe your like me, it will take you being hacked to learn the lesson.. I hope you continue to be lucky... but eveyones luck runs at some point in time.

You have an option to do something about it now..

What would happen I wonder if Blizz turned around to their subscrbers and say we have asked you long enough to get the authenticator, we even made it free for those with cellphones... as of this date, if you get hacked.. do not ask to have your gold restored or your toons gear restored, or even your account returned to you.... Wonder how many people would decide then to act responsively?? or Quit the game because it was simply too much trouble

But your right it is your right NOT to use the authenticator... and if and when you do get hacked.. well it will be my right to laugh and not to feel any remorse that it happened.
Edited by Ssinfull on 3/4/2013 4:08 PM PST
Reply Quote
90 Draenei Shaman
10040
I'm with Ssinful and Malorey on this one. Back when I got hacked....mid-wrath...it took days and weeks to get restorations, not hours. It was an awful experience, as many of you know. That's when I started hanging out in the Customer Service forums.

The first thing I noticed was, I had lots of company. Practically the only issue CS dealt with was hackings. Every person who got hacked started their own thread, and you could follow along the process over the time it took. Typically, the first post was....Blizzard you got hacked, and my gold is all gone and my toons are naked, fix this. The response would be "no, someone put something nasty on your computer, a keylogger, and you have to find and get rid of it." The customer would say "no no, it could not possibly be me, I work in IT and know what I'm doing, (or I never go to bad sites, or I never do anything but wow from this computer, blah blah blah). There would be some back and forth between the people helping in CS and the hacked customer, and usually someone else chiming in "no one gets hacked unless they are stupid about account security".

Eventually, the victim would grudgingly agree to run some scans, and always, always, they found the keylogger or trojan or whatever bit of malicious software had been installed on their computer from outside. Sometimes they had to be hacked 2 or 3 times back to back, but eventually they found the problem on their own computer. At that point, many began to see the value in an authenticator.

After reading hundreds of threads like this, I concluded that indeed, internet security was not all that straightforward and easy. So I've been pushing authenticators a bit, and on my friends and family I push a bit harder.

Now authenticators are commonplace, and hackings are not. Instead of dozens of threads at any one time about being hacked, there are maybe one or at most 2 and many weeks none. But I saw 2 posts in a week, and 1 the week before. That's why I started this thread.
Edited by Nebliina on 3/4/2013 5:23 PM PST
Reply Quote
90 Draenei Shaman
10040
On a related but lighter note:

http://us.battle.net/wow/en/forum/topic/7979898364
Reply Quote
90 Blood Elf Priest
12810
I haven't noticed an increase - but they do seem to come in waves, just like the cracks and exploits that bot things like mining. Someone develops a new and improved keylogger/trojan/phishing scheme, and some people get caught when it's released.

I found out the hard way that "reasonable security" isn't enough - while my more sensitive info remained untouched, my account was compromised via a keylogger embedded in an ad prior to the authenticator option. And it took three runs, one with the login screen open and filled with gibberish, to trigger the little bugger so malwarebytes could even find it to remove it.

Now if only these folks that come up with these little programs would apply their skills to something more legal and productive...
Reply Quote

Please report any Code of Conduct violations, including:

Threats of violence. We take these seriously and will alert the proper authorities.

Posts containing personal information about other players. This includes physical addresses, e-mail addresses, phone numbers, and inappropriate photos and/or videos.

Harassing or discriminatory language. This will not be tolerated.

Forums Code of Conduct

Report Post # written by

Reason
Explain (256 characters max)
Submit Cancel

Reported!

[Close]