Blue Tracker
World of Warcraft Blue Posts
Diablo II: Resurrected Blue Posts
Diablo III Blue Posts
Hearthstone Blue Posts
Overwatch Blue Posts
Heroes of the Storm Blue Posts
Diablo IV Blue Posts
BlizzCon Blue Posts
Warcraft Rumble Blue Posts

Brother's Account hacked and a mobile authent

Forum Avatar
Dominik
#0 - Dec. 31, 2009, 12:57 p.m.
Blizzard Post
My brother account has currently been hacked and we are unable to kick the player off as they have activated a mobile Authenticator as it seems. We are unable to call blizz now cause the center is closed.

My biggest question is why isnt the authenticator linked to an email activation. U pretty much get screwed and looks like the hackers are picking the appropriate time to jack your account when u can do anything about it.

Any blizz response would be great to try get this guy off but im pretty sure its all been cleaned out. im not home myself so cant ticket a GM myself.

Thx
Forum Avatar
Orlyia
#1 - Dec. 31, 2009, 1:02 p.m.
Blizzard Post
Damages usually occur within the first 5 minutes an account has been invaded, so yeah - the really important thing at the moment is finding the security breach so you can seal it - and this doesn't happen again. Prior to authenticators being added - they used to just change the email address, pretty much the same result - either needs a call to Billing to sort out first.

If an account has been merged to a Battle.net (not your own), or if an email has been changed, or an authenticator added (and it wasn't you that added it), one of your first stops is going to be Billing. They need to get those sorted out first so the rest of the processes can continue.

Billing and Account Services
Phone Support - 1 (800) 59-BLIZZ (1 (800) 592 5499)
Live Representatives Available 8AM – 8PM Pacific Time, 7-Day Support
E-mail Support - [email protected]
    Players in Australia should call 1-800-041-378
    Players in Singapore should call 800-2549-9273
    Players in Chile should call 1230-020-5554
    Players in Mexico should call 001-888-578-7628
    Players in Argentina should call 0800-333-0778
    All other international players should call: (949) 955-0283


Our Billing Support page can be found at http://us.blizzard.com/support/article.xml?locale=en_US&articleId=20606

Now, it's very very important to figure out where the security breach occurred. If they CAN get back in, they WILL be back. That, unfortunately, you can count on.

These two stickies should prove helpful. I'd also recommend doing your scans with the launcher open and some junk entry in the account ID. We've seen some nasty keyloggers pop up lately that don't want to show on scanners unless the launcher is active.

I also highly recommend changing your email password once you are certain your system is secure. They don't need into a system once they can dip into an inbox.

Also, if you have used the same password/ID anywhere else, that is a very dangerous practice - especially on websites, or social sites like Facebook or MySpace. Please do not reuse the same password you've used anywhere else.

Computer Security Recommendations
http://forums.worldofwarcraft.com/thread.html?topicId=1778038509&sid=1

Account Compromise Info Center
http://forums.worldofwarcraft.com/thread.html?topicId=14318909866&sid=1

You may also want to look into getting an authenticator for your account. It's no substitute for good security habits, but it will keep anyone else out of your WoW account. Not to mention core hounds make adorable pets!

Blizzard Store
http://us.blizzard.com/store/browse.xml?f=c:6

Mobile Authenticator
http://us.blizzard.com/support/article.xml?locale=en_US&articleId=26109

Even more core-hound goodness can be found here!

http://forums.worldofwarcraft.com/thread.html?topicId=21726114509&sid=1


I do wish you all the very best.

Forum Avatar
Orlyia
#3 - Dec. 31, 2009, 1:29 p.m.
Blizzard Post
Aye, you'll pretty much want to follow everything I've outlined above.

Also, when this is reported (once you are back in), do make sure to mention the guild bank involvement in your petition so we can have a look at that as well.