Hopefully clearing a few things up…

Jun 08 2010 Published by jayras under Posts

I see it all the times in the forums.  I even have it asked me a few times:

How can this possibly happen to me, I scan and update and I never go to any untrustworthy sites…or…and…or…or…and…and

So I can never get hacked.

Everyone can get hacked.  There is no immunity.  There are only safeguards you can put in place that will help you be on the list of those that, so far, have never been hacked.

You play World of Warcraft.  You are on the front lines!!  You take all the safeguards you can and you reduce your risk of being an easy target and you may never get hacked.  But only by perseverance can you say that, keep up the wards, keep up the security.  Keep reading and informing yourself on how to protect yourself.  Never get arrogant and think you are immune.  No one is, you just have levels of risk vs. reward for the hackers.

Here are a few points I get asked a lot:

1. I scan and I scan, I keep my AV Software up to date and I never get viruses.

OK, that is really good practice.  Keep it up.

However, Hackers are doing the same thing.  And they are developing their viruses to get around them.  Look through the Virus DB at McAfee or Symantec.  There is a gap between a new virus outbreak and when the AV Software has updates to combat it.

Some AV Software assists in the by looking at behavior and quarantines anything outside of “normal” Behavior, which can also be affective.

2. I never go to any untrustworthy sites.

Oh really?  Do you use IE?  Do you see Ads?

Then you go to untrustworthy sites.

I saw on the forums last night that this one guild had a dozen members hacked in a week.  Of course he was blaming Blizzard for everything, but one thought occurred to me….

Does the Guild have a website?  Is it on one of the free guild portals?  Oh, it is?  Ads and keyloggers, unfortunately, go hand in hand.

Also, there is this bit of news:

http://www.tgdaily.com/security-features/49744-go-daddy-counters-php-hack-attacks

So, even the “Safe” Websites are not immune to providing you with a neat package that can easily be a key logger.

If you are in a guild, and you see a lot of people hacked in a short timeframe, first thing to ask is “Do you all go to the guild website?  Do you all use IE?”

Yes, I’m picking on IE, but with Firefox (and other browsers) it’s really easy to turn off Ads so they just don’t download.  I’m not talking about “pop-up blockers” that’s the thing of the past and only new, desperate hackers use that trick these days.  No, I’m talking the ad banners that are on the vast majority of websites these days.  Many of them Flash…which is actually ahead of IE in regards to security flaws.

Which is the way to choose the browser you use.  Do a little research, find out which browsers can help you stay free of attacks…look for a browser that has all the features you want and hasn’t been compromised a ton of times.  IE8 is still too new to tell, but again, with Flash and these damned ads you’ll more than likely get hold of something that you won’t like.

3. I haven’t logged in for MONTHS, my account is inactive I couldn’t possibly have been hacked.

This is one of the biggest misconceptions I’ve been hearing lately.

A few days ago I posted a link to Symantec’s blog on how they found a DB with over 2 million gaming logins.

And that was just one DB, there are probably a dozen more like it.  Issue with something like that is it takes a lot of time to go through, even with a bot network.  So, you could have been hacked 6 months ago, and they finally got to you didn’t they?

Of course you are safe, because you change you password once a month.  Don’t you?  Oh?  You don’t…well, how do you know your password is actually safe then?

Comments are off for this post

Ͼ http://www.pthkm.com/xpjylc/ http://www.pthkm.com/bgylc/ Ͼֳ http://www.pthkm.com/pjylc/ ewinֳ http://www.ybewv.com/ewinylc/ Ŷij http://www.ybewv.com/amdc/ ˰ټ http://www.eklhp.com/zrbjl/ Ŷij http://www.aojxq.com/amdcgl/ bet http://www.lpmwq.com/bet365ylc/ ȫѶ http://www.wfgpb.com/qxwgw/ 188 http://www.ywiql.com/jbb188gq/ bet http://www.nwiza.com/bet365ylc/ 365 http://www.rvodp.com/bet365tyzx/ Ͼ http://www.yjzhv.com/smxpjgw/ Ͼij http://www.utssx.com/ampjdc/ ˹˶ij http://www.bkrft.com/amwnsrdc/ Ͼij http://www.bkrft.com/pjdc/ ƶij http://www.bkrft.com/yddc/ Ŷij淨 http://www.bkrft.com/amdcwf/ ȫѶ http://www.bkrft.com/qxwzx/ ˹ά˹ij http://www.fldwd.com/lswjsdc/ ζij http://www.fldwd.com/lwdc/ ŶijЩ http://www.fldwd.com/amdcynx/ ij http://www.fldwd.com/mddc/ ˹˶ij http://www.fldwd.com/wnsrdc/ Ͼij http://www.yuwew.com/amxpjdc/ ĥij http://www.yuwew.com/mddc/ ijϷ http://www.yuwew.com/dcyx/ ĥƽij http://www.yuwew.com/mdhjdc/ ĥij http://www.hgvnk.com/lwmddc/ Űټ http://www.hgvnk.com/ambjl/ ټϷ http://www.hgvnk.com/bjlyx/ ˰ټ http://www.hgvnk.com/zrbjl/ http://www.dnczv.com/bcw/ Ŷij http://www.ybewv.com/amdc/ ˰ټ http://www.eklhp.com/zrbjl/ ټ http://www.zytygb.com/baijiale/ Ŷij http://www.luyouren.com/amdc/ ֳ http://www.yjzhv.com/ozylc/ Ŷij http://www.luyouren.com/aomenduchan/ bet http://www.lsylnj.com/bet365/ Ŷij http://www.lsylnj.com/amdc/ ټ http://www.lsylnj.com/bjl/ http://www.lsylnj.com/bcw/ ˹ http://www.lsylnj.com/wnsrylc/ Ͼ http://www.lsylnj.com/xpjylc/ ټ http://www.zytygb.com/baijiale/ Ŷij http://www.luyouren.com/aomengdushang/ ewinֳ http://www.luyouren.com/ewinyulechen/ bet http://www.luyouren.com/bet365/ ټ http://www.luyouren.com/bjl/ Ŷij http://www.luyouren.com/amdc/ Ŷij http://www.luyouren.com/amduchan/ Ŷij http://www.luyouren.com/aomendc/ Ŷij http://www.luyouren.com/aomenduchan/ Ŷij http://www.luyouren.com/aomengdushang/ ewinֳ http://www.luyouren.com/ewinylc/ ewinֳ http://www.luyouren.com/ewinylchen/ ewinֳ http://www.luyouren.com/ewinylec/ ewinֳ http://www.luyouren.com/ewinyulc/ ewinֳ http://www.luyouren.com/ewinyulechen/ http://www.dnczv.com/bcw/ ټ http://www.dnczv.com/bjl/ bet http://www.dnczv.com/bet365/ ˹ http://www.pthkm.com/wnsrylc/