** Computer Security Recommendations **

#0 - Sept. 19, 2007, 9:16 a.m.
Blizzard Post
Malware designed to target World of Warcraft account owners continues to circulate. We'd thus like to remind players to be especially vigilant of such potential risks and actively work to maintain the security of their computers and accounts.

Below you will find information on how to update, identify, remove, and reduce the threat of malware on your computer.

Table of Contents:

This information is also available here:

#1 - Sept. 19, 2007, 9:16 a.m.
Blizzard Post
The first step in securing your account following a period of unauthorized access is to identity malicious programs installed on your computer system. In order to verify if a key-logger or trojan has infected your computer, it may be necessary to review the processes which are running on your computer. Below, you will find methods to help identify these malicious processes.

    Process Library:

    ProcessLibrary.com is a free tool that provides the latest information about spyware, adware, viruses, trojans, system processes and other common applications. We highly suggest you use this program to have a better understanding of what is currently running on your machine. You can download it for free here: http://www.processlibrary.com/

After identifying possible threats, it is important to remove malicious programs from your computer. We recommend that you continue on to the next step even if you were unable to identify anything out of the ordinary.

Next step (Removing Malicious Programs): http://forums.worldofwarcraft.com/thread.html?topicId=1778038509&sid=1&pageNo=1#2
#2 - Sept. 19, 2007, 9:17 a.m.
Blizzard Post
An important step in account and computer security is to ensure that no viruses, key loggers, or Trojans are installed on your computer system. Key loggers are a type of program that can both record your key strokes and access information saved to your computer's clipboard (like your account name and password), and Trojans are a type of program that can allow an unauthorized party to access to your computer system remotely. If these malicious programs are present, your account may be at risk of compromise.

Fortunately, there are many different types of software available to help you identify and (if necessary) remove such malicious programs from your computer system. Please take some time to review the following recommendations to determine what Internet security software may be best for you.

(Disclaimer: Although we recommend Internet security software, we cannot directly support it. Please contact the distributor of the software for information and product support.)

    Antivirus Software:

    Antivirus software is a type of program that scans a computer's memory and storage space to identify and eliminate viruses. We recommend that you install and then run more than one antivirus program while the World of Warcraft launcher open, as some programs may be able to detect what another cannot. To avoid complications with the software, however, please do not run multiple antivirus programs at once.

    • AVG Free
    • Kaspersky
    • Malwarebytes
    • Moosoft
    • NOD32
    • Symantec Security Check
    • Outpost Security Site PRO
    • Trojan Remover
    • Avast!

    Macintosh specific:

    • Symantec Antivirus

    Anti-Spyware Software:

    Anti-Spyware software is a type of program that scans a computer's storage space and services to identify and eliminate programs designed to monitor computer usage beyond the user's acceptance. Among many technical issues, spyware can also cause crashing, minimizing of the game window, and connection issues. We recommend that you install and then run more than one anti-spyware program while the World of Warcraft launcher open, as some programs may be able to detect what another cannot.

    • AdAware
    • Microsoft Windows Defender
    • Spybot-Search & Destroy

    AVG Root Kit:

    Some viruses can embed themselves deep in the system. You can also try the following AVG root kit to check if this may be the case. You can find the root kit in the AVG Internet Security Suite.

After you are confident that all malicious software has been removed, it’s important to keep your computer clean and secure to ensure no further issues occur.

Next step (Protecting Your Computer): http://forums.worldofwarcraft.com/thread.html?topicId=1778038509&sid=1&pageNo=1#3
#3 - Sept. 19, 2007, 9:17 a.m.
Blizzard Post
Now that your computer is free of viruses, key loggers, Trojans, and spyware, we suggest taking time to protect your computer from future issues by improving your computer’s security. Be proactive when it comes to computer security.

    Computer Updates:

    If you are using Windows, please ensure that you have the most recent security and service packs installed. These security and service packs often include resolutions for security risks and updates for built-in security software (like the Windows XP firewall). You can access the most current updates at any time by visiting the Microsoft Windows Update page (http://update.microsoft.com/).

    You can also turn on Automatic Updates by completing the following steps:

      1. Click Start, and then click Control Panel.
      2. Depending on which Control Panel you use, Classic or Category, click on System and then on the Automatic Updates tab or click on Performance and Maintenance, System, and then on the Automatic Updates tab.
      3. Select the option you prefer and click "Ok." Make sure that Automatic Updates is not turned off.

    If you are a Mac user, you can check for system and security updates here (http://www.apple.com/softwareupdate/). Apple security updates may also be found here (http://support.apple.com/kb/HT1222).

    Firewall Software:

    Firewall Software is a security system which helps protect a computer or network of computers against external threats (like hackers) from another network (like the Internet). A firewall can prevent your computer from communicating directly with computers outside of your network and, similarly, prevent computers outside of your network from communicating directly with your computer.

    • Windows XP SP2 Firewall (included and enabled by default on all Windows XP systems updated to Service Pack 2)
    • Zone Alarm
    • Sygate

    While firewalls do provide added system security, they can affect connections to our game servers. Please view our Advanced Networking Information page (http://us.blizzard.com/support/article.xml?locale=en_US&articleId=21086) for suggested firewall settings.

    (Disclaimer: Although we may recommend firewall software to assist with computer security, we cannot directly support it. Please contact the distributor of the software for information and product support.)

    Web Browsing Safety:

    It's important to remain cautious of potential security risks even when browsing the Internet. These risks include, but are not limited to, malware (viruses, key loggers, and Trojans) and phishing websites.

    To help combat these risks, please ensure that:

    • Your web browser is up-to-date and running on the latest version.
    • Any built-in phishing filter is active.
    • You complete any Adobe Flash Player updates as they become available.

    FireFox users may also download and install NoScript and Flashblock. NoScript and Flashblock are two free extensions available for mozilla-based clients that restrict the execution of plugins to a list of trusted websites (managed by the user) and block all Flash content from downloading until authorized, respectively. More information about NoScript (http://noscript.net/) and Flashblock may be found here and here (https://addons.mozilla.org/en-US/firefox/addon/433).

    (Disclaimer: Although we may recommend web browser software to assist with computer security, we cannot directly support it. Please contact the distributor of the web browser or software for information and product support.)

    Email Security:

    Ensuring that your registered email address is secure is a very important part of account security. Your registered email address not only serves as a primary point of contact with Blizzard Entertainment, but it also functions as your Battle.net account name. We encourage you to review the security of your registered email address and take the appropriate steps to make it as secure as possible.

    The most direct way to increase the security of your registered email address is to ensure that it is unique to your Battle.net account. If your current email address is not unique to your Battle.net account, we strongly recommend that you take some time to set up a new one. Make sure the username and password for this new email address are exclusive; do not use a username and password that you've used online before.

    Once registered, keep this email address as isolated as you can and do not associate it with any other service besides Battle.net. In addition to increasing the security of your account, this will also help reduce the reception of phishing emails.

    It's important to periodically check your address' filters and rules.

    The first thing to check for is the unauthorized set up of mail forwarding. Some malicious parties will attempt to compromise a registered email address and, if successful, enable this feature. Once set up and enabled, the mail forwarding feature will create a duplicate of every email sent to your registered email address and automatically forward it another email address. This means, for example, if Blizzard Entertainment sent you an email regarding a password reset or your Secret Question/Answer, it would be automatically forwarded to another location. To learn more about unauthorized mail forwarding and how to disable it, please go here (http://us.blizzard.com/support/article.xml?articleId=28585).

    The second thing to check is the "whitelist" (or "safe list") for your email address. The "whitelist" is a list of contacts, managed by the user, from which email is authorized. Emails sent by any contact on this list will not be filtered to Spam, Junk, or Trash folders. Please ensure that both @blizzard.com and @battle.net are added to your email white list. For more information about this process, please go here (http://us.blizzard.com/support/article.xml?articleId=21485).

    Should you be unable to register this new address yourself, please contact our Billing & Account Services Department for assistance.

    Battle.net Authenticator:

    The Battle.net Authenticator is an optional tool that offers World of Warcraft players an additional layer of security to help prevent unauthorized account access. The Authenticator itself is a physical “token” device that fits easily on a keyring.

    The Battle.net Authenticator is able to be purchased directly from the Blizzard Store (http://www.blizzard.com/store). For more information, please review the Blizzard Authenticator FAQ (http://us.blizzard.com/support/article.xml?articleId=24660).

We cannot stress the importance of account/computer security enough. Thank you for taking the time to address any security issues you may be experiencing. If your computer was accessed by an unauthorized third-party and you require further assistance, please review our Account Compromise Info Center for step-by-step instructions.

Next step (Account Compromise Info Center): http://forums.worldofwarcraft.com/thread.html?topicId=14318909866&sid=1
#4 - Sept. 19, 2007, 9:19 a.m.
Blizzard Post
Thank you for taking the opportunity to review this thread in an effort to improve your computer’s security – we truly appreciate your attention to this matter. We understand that this thread is largely reviewed by players whose accounts may have already been accessed by an unauthorized third-party, and would, therefore, like to provide you with an abbreviated look at the steps required to recover and report a compromised account.

    Account Recovery:

    In many cases, a malicious third-party will change the password and/or registered e-mail address tied to a World of Warcraft account in an attempt to make the account inaccessible to the registered user. Should you experience this, our Login Support page (http://www.worldofwarcraft.com/loginsupport/) may allow you to recover your password or change your e-mail address if you are able to provide the necessary information; however, this retrieval process will be disabled if too many password retrievals and/or e-mail change requests are received in a short period of time. If you are unable to successfully recover the account using Login Support, please call our Billing and Account Services Department for further assistance.

        Billing and Account Services
        Live Representatives Available Mon-Sun, 8am to 8pm PST
        For phone assistance please call: 1 (800) 592-5499 || 1 (800) 59-BLIZZARD
        • Players in Australia should call 1-800-041-378
        • Players in Singapore should call 800-2549-9273
        • Players in Chile should call 1230-020-5554
        • Players in Mexico should call 001-888-578-7628
        • Players in Argentina should call 0800-333-0778
        • All other international players should call: (949) 955-0283

    If your account is inaccessible because your account was banned or suspended, please compose a brief e-mail stating that you believe your account has been compromised and send it to wowaccountadmin@blizzard.com.

    For more information regarding account recovery, please review the following thread:


    Initiating an Investigation:

    We understand that you want to return to the game with your inventory intact, and we, too, would like nothing more than to make that happen. Therefore, we encourage you to let us know your account has been compromised as soon as possible by opening an in-game petition. Alternatively, you are more than welcome to e-mail us at wowgm@blizzard.com if you are unable to access your account.

    If an unauthorized character transfer, name change, or re-customization has been initiated by the unauthorized party, please let us know by submitting one (or all) of the following web forms:

    Should you or a loved one witness a compromise in progress, we encourage you to open an in-game petition so that we might begin the investigation process as soon as possible.

    For more information regarding the investigation process, please review the following thread:

For an in-depth look at the steps that need to be taken to recover an account and the characters/items/gold lost as a result of unauthorized access, please review our sticky dedicated solely to this subject here:

Thanks again for your attention!
#5 - Sept. 19, 2007, 9:19 a.m.
Blizzard Post

#6 - Sept. 19, 2007, 9:21 a.m.
Blizzard Post