Frustrated Player. - Blue Tracker

#0 - June 1, 2010, 8:57 p.m.

My account was "compromised" over a week ago, Blizzard promptly helped me remove the authenticator that was put on my account, which I am grateful for. Unfortunately, after 3 or 4 GM tickets, I have had the worst help with retrieving my gear. My computer is quite safe, I ran multiple scans with multiple programs. When I first got back on my account I petitioned a GM asking for help.. the reason for this is because every single one of my characters has every single piece of gear on them vendored, every single bag was vendored, my guild bank and personal bank are both raided and gone, and my rogue somehow managed to get transferred to a different server, which is where I'm assuming my 7,000gold (before all my stuff was vendored) also went. (Although my ret set on my paladin is for some reason untouched.)

My first petition I was very anxious and sat online waiting for a response. While waiting for a response in town, I got an in-game mail from blizzard stating that they're sorry they missed me because I "appear to be offline". This is just fluff and bothered me, I understand that you're busy but it would be nice to know that I'm a person that matters instead of just another number that needs to be dealt with. This is the opposite of customer support.

My second petition I got another automatic response without talking to a GM, to my frustration. However, this petition told me that my account investigation will be complete within 92 hours (most random number ever). While I do understand that this was a guess, it's now been a week since that response and I have definitely not been contacted.

My last ticket(s) basically got the same automatic responses: "We are unable to give you a timeframe or speak about the investigation." Really? You gave me a timeframe before, did you learn your lesson or what? I'm really just frustrated.

My rogue is still on another server and the rest of my characters and banks are all stripped and devoid of playability. It's been a week now, and my account expires in about week.. if this is not dealt with in the next few days, I will surely be cancelling and never reactivating my account, because this is just ridiculous and poor, poor customer service.

The whole "Make the customer feel like they matter" thing should apply here but I feel like Blizzard must be going by their own rules.

Edit: I'd also like to state that every response I've gotten said there'd be an email with more information sent to the email address registered with my account, yet I've received absolutely zero emails with my last few GM tickets. (Yes, my email is still registered properly to my account.)

Malkorix

#16 - June 1, 2010, 11:04 p.m.

First, I'm sorry to hear that your account was compromised. Before we proceed any farther though, I'd like to address the following:

Q u o t e:
I've gone through a few accounts but I've been playing since day one. Blizzard's customer service has steadily declined. I'm not that ignorant <removed> who thinks it's everyone's fault but mine, but I think Blizzard really needs to realize there's a major hole in account security somewhere, and it might not be user-side. If Blizzard was really so concerned about account security, they wouldn't have put a price tag on the Authenticator, everyone would get one with the game, so don't preach to me about that.

I've addressed this point before:

http://forums.worldofwarcraft.com/thread.html?topicId=25026402807&sid=1&pageNo=2#25

Please take the time to review my response in that thread, as I believe that it should prove enlightening.

In addition, we do take account security seriously, which is why we've adopted the Authenticator to begin with. Unfortunately, the physical token isn't manufactured by Blizzard Entertainment, and it is necessary for us to purchase it from a third party vendor. Thus, it carries a cost, though they are not a profitable item. In addition, we offer the Mobile Authenticator for free to those with compatible mobile devices. You can learn more about the Mobile Authenticator here:

Mobile Authenticator FAQ
http://us.blizzard.com/support/article.xml?locale=en_US&articleId=26109

Mobile Authenticator Compatibility Page
http://mobile.blizzard.com/support-compat.html/

Q u o t e:
I'd also like to note that maybe one of the worst decisions of all time was for blizzard to make battle.net accounts email addresses. For the general playerbase this means if they ever lose their battle.net account to a scammer, their email address can also fall victim because of it.

A common criticism, but wholly invalid. Actually, a compromising party already had access to see the registered email address on an account. If anything, this change has improved account security by making one's account name changeable - an option which simply was not possible before. This criticism seems to spring from a gut reaction, rather than careful consideration.

Q u o t e:
But we'll do it at our own pace and we'll make sure to not bother extending customer service hours when a <removed> ton of people lose their accounts. We don't want to do you any favors, what's that benefit us?

We are working through the queue of reports and investigations as quickly as we possibly can. There is no room for leisure in these investigations and our 24 hour, 7 day a week staff are working as hard as they can to process every investigation swiftly and accurately.

Q u o t e:
Back in Vanilla, if the server was down or even super laggy for a day, you'd get a one day reimbursement for your account. Since then, especially with each major content patch, the game's been unplayable for entire days before, yet no reimbursements are handed out any longer.

This is simply incorrect, on both counts.

Q u o t e:
Edit: Also, I've done my research. Like I said, my account is secure. When I petitioned the GM's there wasn't a 10 day wait, the 8-10 day wait projection wasn't anywhere. It's a recent thing but that doesn't mean if I petitioned 7 days ago that I need to wait 8-10 more days. Either way, my computer is secure.

I am truly sorry, but if this were a fact - if your system and account were secure - then this compromise would not have occurred =(. Typically, if there is no trace of the origin of the compromise on your system, then this compromise resulted from a phishing attempt. Regardless, if you are to take appropriate measures to protect your account security in the future, it is crucial to accept that the source of the compromise occurred due to some circumstances within your control.

Malkorix

#23 - June 2, 2010, 12:16 a.m.

Q u o t e:
I infer from the messages both ingame and at the login screen that security as become more of a priority this is most likely due to an increase in compromised accounts in my opinion. This may or may not be the case but it did seem that was the case when I talked to the customer service rep in billing and due to my own personal experiences with restoration.

In either case it doesn't matter and is not worth arguing about . I put an authenticator on my account like I would suggest anyone that gets hacked to do the same.

Actually, I would like to state that these notification messages are shown because of an increase in the amount of phishing messages we've seen and to increase the level of general awareness regarding these security threats. After all, until the number of accounts being compromised has been reduced to zero, we'd like to see less of them. The presence of these messages is not directly related to an increase in compromised accounts though.

The volume of compromised accounts fluctuates, as is to be expected.

Q u o t e:
I put an authenticator on my account like I would suggest anyone that gets hacked to do the same.

A decision I heartily commend!

Malkorix

#28 - June 2, 2010, 1:29 a.m.

Q u o t e:
The increase in account hacks is concerning, and I honestly don't think that everything that can be done is being done. I'm not suggesting that Blizzard needs to eat the cost of an authenticator, but they could start including them with every disk that ships starting with Cata and include the authenticator in the price of the software.

Actually, there is a finite number of finite number Authenticators available to us at any given time; in fact, they used to sell out quite frequently. It is for this reason that including the Authenticators with each retail copy was not practical. If you would like to see this become an option in the future, please feel free to contribute a constructive post on our Suggestions forum to let us know.

If a Battle.net Authenticator isn't a good option for you, then perhaps a free Mobile Authenticator will do the trick:

Mobile Authenticator FAQ
http://us.blizzard.com/support/article.xml?locale=en_US&articleId=26109

Mobile Authenticator Compatibility Page
http://mobile.blizzard.com/support-compat.html/

Q u o t e:
I'm curious how everyone knows that Blizzard wasn't compromised? Unless you are a Blizzard employee, I don't think you can say with any confidence that Blizzard did or did not get hacked.

I have commented on it, actually. I linked related threads in an earlier post in this thread =).

Q u o t e:
Now, that's not to say that the compromise isn't on my end; I can't say how it my account got compromised.

First, I'd like to say that it's not necessarily a good idea to rule out phishing as a source of ingress. It seems to be amongst the most common methods via which accounts have been compromised of late. Also, it's important to use more than one kind of scan; many popular anti-virus measures do not pick up and will miss many forms of spyware, which can include keyloggers. Finally, when performing a scan, it's important to have your World of Warcraft client open, with gibberish typed into the text entry fields. Some of these malicious programs 'hide' until the client is open.

Regardless, I hope our staff are in a position to help you make a full recovery and return to World of Warcraft very soon.