How can I stop this from happening to me?

To quote a phrase from a popular set of books: Constant Vigilance.

As a holder of a WOW Account you are one of the primary targets.  Even bank hacks/phishes seem to have dropped off the map.  All I am seeing is targeted at WOW Accounts.

So, as a WOW Account holder it is up to you to keep up the vigilance to protect yourself.

  • Anti-Virus.

Primarily you need Anti-virus.  And beyond that you need to keep it updated.

I’m not going to get into the debate on which one is better or which one is more effective.

They are all pretty effective against known viruses, malware, spyware and key loggers.

They are all pretty ineffective against the ones they know nothing about.  This means new viruses that have yet to hit the definition files.

But the best anti-virus software in the world will be rendered completely useless if you do not keep it up to date.  Most of them have a pretty good scheduler to ensure they check for new definitions.  Make sure that is happening, and unless you have concerns about bandwidth costs make sure it’s checking at least once a week.

  • Anti-Spyware

In addition to Anti-virus I would recommend performing an independent scan using a targeted anti-malware application, like Ad-Aware, Malwarebytes, Windows Defender or something similar.

These are targeted more to the malware and keyloggers that are out in the wild now, and are typically updated more frequently on those types of hacks than anti-virus is.

(Use both, don’t forgo anti-virus because you have spyware removal.)

  • Common Sense.

It is said that Common Sense isn’t that common, but you need to make sure you use it.  Especially when it comes to the e-mails and messages you will be (if you haven’t already been) receiving.

Remember the e-mails you receive may not be from the source you think they are.

Double, triple, quadruple check the e-mail source before clicking on any links.

Or, better yet, don’t click on links at all.

If it’s actually FROM Blizzard they’ll be linking to the World of Warcraft or Blizzard sites, so just type in the addresses manually (Or use a previous bookmark…which is better if you can’t type very well.)
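One way to do that double-checking mechanically, as an added example that is not part of the original post: the function below looks only at the host a link really points to and compares it against a short allow-list. The domain list, the https requirement and all sample links are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the official domains you expect mail to link to. Edit to taste.
OFFICIAL_DOMAINS = ("blizzard.com", "battle.net", "worldofwarcraft.com")


def link_verdict(url):
    """Return (trusted, reason) for a link copied out of an e-mail."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return False, "link cannot be parsed"
    if parts.scheme != "https":
        return False, "not an https link"
    # "https://battle.net@other.example/" really goes to other.example.
    if parts.username is not None or parts.password is not None:
        return False, "text before '@' hides the real host"
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return False, "no host"
    # Look-alike letters from other alphabets, raw or punycode-encoded.
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return False, "non-ASCII (possible look-alike) host"
    for domain in OFFICIAL_DOMAINS:
        # Exact match or a true subdomain; the leading dot stops
        # "fakeblizzard.com" from matching "blizzard.com".
        if host == domain or host.endswith("." + domain):
            return True, "host belongs to " + domain
    return False, "host '" + host + "' is not an official domain"


# Constructed sample links; none were taken from a real message.
SAMPLE_LINKS = [
    "https://www.worldofwarcraft.com/account",
    "https://worldofwarcraft.com.account-gift.example/login",
    "https://battle.net@login.example/claim",
    "https://fakeblizzard.com/free-mount",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(link, "->", link_verdict(link))
```

Only the first sample passes; the other three contain an official name somewhere in the address but resolve to a different host.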

If you get offers for free stuff for absolutely no effort beyond “Just login here and accept your gift” then there is a REALLY Good bet it’s fake.

If Blizzard really wanted to just give you something for free and no effort they would just send it to you (Which they have done in the past…it’s not unprecedented.)

There is very little chance that Blizzard will want you to click on their own website to login to their own system to send you an item in their own game when they could just send it to you.

Now, there are a couple of exceptions…like the Core Hound…but they want you to do something ELSE first (Not just login.)

Same with the penguin.  They wanted you to change your login from the old style to the Battle.net login…so again, you got something for free for doing something (Not just logging into a website.)

If it is some third party that will give you something for free for registering, make sure you know and trust the third party.  And again, don’t be afraid to not click the links.  In most cases you will know these third parties and it will be easy to just type in their address, or at the very least find it on Google.

…For example, I got a battle bot pet thing from Mt. Dew by registering with their site.  But I know Mt. Dew and I felt fairly safe registering with them.  BUT, even with that, I had to also login to my Battle.net and agree to join the two accounts.  Mt. Dew didn’t ask me for my WOW Password at all, it was done jointly.

  • Authenticator.

You hear it all the time…“Buy the Authenticator and make yourself more secure.”

This isn’t just some clever marketing message.  This is the truth.

The Authenticator is a proven system that is used by a wide number of financial institutions for high security.

Its method of generating the one-use keys has yet to be cracked at all.  The only way a hacker could get in using your authenticator is by a very complex hack called “Man in the Middle.”

This hack requires software installed on your end (A virus typically) that intercepts the communication between you and Blizzard, so when you type in your username, password and authenticator key and hit send you aren’t sending to Blizzard, but to a hacker, who then sends it to Blizzard on his end.  This way the hacker gets authenticated and not you.

The coordination this takes makes this low risk for you (Although it does happen) and high risk for the Hacker…as he is present with an open connection to his machine and is thus opening himself up for detection and potential hacks.

Authenticators are so trusted, and are so virtually foolproof that even the hackers use them.  If you don’t have an authenticator what typically happens these days is the hacker puts one on your account.  The reason for this is two-fold…

One, because the Authenticator is so foolproof it solidifies his hold on the account.  It means you have to go through even MORE hoops in order to prove your account is yours.  This gives the hacker more time to clean you out and do other nefarious things he feels like with your account.

Two, the hacker is attempting to “cheapen” this solution in the eyes of the customers.  They hope to put more distrust in the minds of the Blizzard customers to make them think the Authenticator isn’t that secure because, after all, the hackers are using it aren’t they?  It’s kind of a hacker reverse-psychology marketing trick.

(Like people trying to make you think $19.95 isn’t Twenty bucks.)

Also, the Authenticator itself is fairly cheap.  It’s only $6.50 (Plus shipping)

If you happen to have a device that is compatible, you can get the Authenticator app for free on that device (Typically on “Smart Phones” where you are able to download and install an application.)

  • Ad Blocking.

Ads, unfortunately, have been a big source for hackers to get malware onto your system.  Especially Flash ads.  Flash has had the worst track record (Yes, worse than IE) for security holes.  But beyond Flash, hackers have utilized every trick in the book to use ads to gain access to your system.  Ironically enough there have even been confirmed reports of malware with a keylogger making it onto systems from ads viewed on World of Warcraft’s official forums.

There have also been confirmed keyloggers placed on systems through ads on Allakhazam’s, Curse and other fan sites.  So, in general I avoid using IE, removed Flash from my system and use Adblock Plus on my Firefox.  Some will go so far as to say use Script Blockers, but that makes the web SOOOO bland and useless that I only advise that for the most experienced of users who know how to properly configure a Script Blocker (Which requires constant tweaks).

All of these should give you a higher chance of keeping the hackers at bay.  Nothing is foolproof and for every block Blizzard, you or anyone tries to put up, the hacker is looking for ways to circumvent it.  It is an unending battle that has been going on for 30+ years and will probably never stop.

2 responses so far

  • Mike says:

    Would like to point out that the software authenticator is free.

    • JayRas says:

      Correct,
      The software authenticator is “free” if you have already forked over the hundreds of dollars plus the extra $40 a month for the device to use it on.
