I feel dirty

Q u o t e:
Over a week ago, it finanally happened to me. My account got compromised.

I haven't been on my machine for about 4 days, logged on Saturday morning only to find out that my account was disabled. Upon further inquiries, I found that someone got into my account. Monday morning I got an email from Blizz that they changed my password and I was able to log in to survey the damage.

It was awful.

Gold, gear, everything. Gone. The utter stress, anxiety and anger I felt that weekend was unparrelled.

I had this character for 5 years. I have a few alts, but never got any passed 40s. But this Character was important to me and it got violated. Pillaged. In essence, <removed>.

What got me the most was this happened during memorial weekend. I've always told myself that if my account ever got hacked, I'd leave.

Account compromise is not an inevitability, Kharkus, though I'm deeply sorry that your account security was violated. I can imagine how stressful and upsetting this situation was for you, but I'm happy to hear that your account is in queue for investigation. No restoration is ever guaranteed, but you can rest assured that our staff will do everything they possibly can to help.

Q u o t e:
Authenticator is not an option for me solely for the reasons of all the horror stories i've read about misplaced authenticators. Not to mention the added extra steps in my already too long access entry into the game.

Please forgive me for saying so, but it might be unwise to dismiss acquiring an Authenticator. It would be amongst the very best steps you can take to prevent this situation from occurring again in the future. In addition, you can avoid a 'horror story' scenario by simply writing down your Authenticator's serial number and keeping it in a safe location. You can even avoid incurring any costs if you have access to a device compatible with our Mobile Authenticator. The causes not to acquire one tend to evaporate in the searing light of practicality.

As to the inconvenience of inputting an Authenticator number prior to logging in? Personally, I feel that the slight inconvenience is a constant reminder of the extra hurdle I've put in the path of those who would attempt to compromise my account. The peace of mind is worth it.

Q u o t e:

So I sit here at a loss. It's been over a week and I haven't heard much. I haven't closed my account as yet as I'm waiting to see if my items can/will be restored or not.

Is there a chance I won't get my gold and items back? Or is this a lost cause?

That depends on the circumstances. Our staff might be able to help you get back on your feet and playing anyway, even if a full recovery isn't possible.

You'll find out when we do: when your investigation is complete. I wish you luck on a full recovery.

Q u o t e:
If they have my name, address, secret answer, and phone number.

They'd still need to have your Authenticator Serial number. Without that information, more elaborate identity verification steps are necessary before an Authenticator will be disabled.

Q u o t e:



That is EXCELLENT.

I was literally prepared to cancel my 5 year account, but friends told me to hang on, that Blizz will fix it.

So I'm much more hopeful today than yesterday that my account will be back to normal. It was depressing logging in to see him stripped bare with nothing but pvp gear on.

So I rolled up a new toon on another server, just to keep my mind busy till this get's resolved.

So I'm hopeful.

Very hopeful indeed.

I'm delighted to hear that you're feeling better, and I really do hope that our staff are in a position to help.

Q u o t e:

Out of curiosity, what elaborate forms of identification would we need? I recently lost my Authenticator, and I want to be prepared when I call in. Also, even though I lost my authenticator, I'm gonna put another one on from the iPhone app. They are completely worth it. I was hacked once too, and felt violated and terrible. The authenticator was a worthy investment.

If you are requesting the removal of a legitimate Authenticator from your account, and you don't have the serial number, then you'd more than likely need to fill out a Terms of Use form, and supply legal identification:

Battle.net Terms of Use Form
http://us.blizzard.com/support/article.xml?locale=en_US&articleId=26361

Q u o t e:


No, I never did. My neighbor freaked when I told him and he didn't log on again until he ran a full diagnostic scan and it came up clean.

My wife ran several scans as well as several malware software some folks here recommended and didn't see what was affected but I did see some repaired items.


It's odd, because like other posters here, I rarely if ever surf the net on my home computer, primarily to avoid getting hacked. I never open an email if I don't know the person and never click on links on the forums.

So I'm at a lost as to how this happened. Could be anything.

All I know is I can't bear to go through this again.

It can be tough to find the source of a compromise, and if it originated with a successful phish, then there won't be any traces to refer back to.

It can help to run a battery of scans, and to have the World of Warcraft client open with gibberish typed into the text entry fields as well, since some of the keyloggers are sneaky enough to hide until those conditions are fulfilled. It's also probably best to restrict your log-ins strictly to systems that are under your control, and which you can secure personally.

Q u o t e:
FOR THE BLUES! I SALUTE YOU!

The best advice I personally can give anyone is plain and simple.

This is the voice of experience as I was keylogged and hacked by a gold site 2 weeks into playing.
No I did not buy a single thing from said gold site.

Ok Best tips :

1: Never even out of curiosity go to any hack, gold selling, exploit or cheat sites, or youtube videos about the above involving wow. You can get a keylogger from viewing a web page and currently from an exploit of adobe flash player on youtube. I was hacked by looking with curiosity at what a gold seller site does after seeing the Ni Hao video. Stupid noob thing to do.

2: If you run a pc and windows , get Microsoft security essentials and always let it be active. It has caught the most minute things on web pages. As the Blues always say.. Malwarebytes every other month for me is the way to go. Haven't found anything but hey that's good huh?

3: GET AND USE AN AUTHENTICATOR. Stated loudly because it is still the best line of defense other than being safe online. 2 seconds of extra login.. 1 year no hacks!

4: and the one I have seen as well.. if you don't have an authenticator or even if you do, never share your account info with anyone. I have seen former guildies screaming about how some friend of their brother or sister stole their account , because said dumbass had taped their name and pass on the monitor.. DUH!

5: if you get an email that says it's from blizz saying your account is suspended, click this link for more info.. DONT! Just get out of your mail, and go login.. if you get in.. it's not suspended.
If you get an email from blizz saying that you have gotten a beta key, do not follow any link or url address on it.
Go to the wow homepage, go into account management, there will be info there.

6 :NO BLIZZARD site has a login page asking for real name, password, account name, and authenticator serial. if it isn't battlenet and you aren't sent there from an official Blizzard page, Don't enter 1 thing get the hell out of there and run a malware viral check.

7: Always get your addons from a reliable website like curse.com. And if there are hotlinks to addon sites on the top or sides of the search engine you looked them up on, do not use those links. 80% at least of them are goldsites, or exploits putting maleware on your rig,

Whew.. Wish i could post this a million times or put it as Page one on the Blizzard/ Wow Website and game manuals. Of course people will ignore it and go.. it wont' happen to me. I don't need to spend 6-7 bucks for an authenticator, its too much hassle or too much extra to bother.. I'm safe.

then we'll keep seeing threads like this.. because as Ron White Says.."You can't fix stupid."

I salute you back - there's some great advice in there ♥!