New acct recovery form CD key questions.

#0 - Sept. 26, 2010, 6:32 a.m.

Hello again !

^_^

No I haven't been playing with the form again :D

I've been talking this up on Live Journal on this post here :

http://community.livejournal.com/worldofwarcraft/8422571.html?view=150843819#t150843819

bloodfyr there raises an important point - what if your computer wasn't clean before filling the form out and the hacker got your secret question/answer and your CD key.

I know the SAQ/A can be changed via a form to Billing with government issued ID. But what if they had your CD key as well?

Couldn't they use that to continually have your account reset using this form ?

What do you guys advise ?

Roraks

#1 - Sept. 26, 2010, 7:22 a.m.

Q u o t e:
Couldn't they use that to continually have your account reset using this form ?

What do you guys advise ?

Not necessarily Bluspacecow. Obtaining a CD key via phishing e-mails and scams has previously been a common practice for them. They key here is your e-mail account, they would first need access to it in order to reset the password and log back in.

The recommended steps are those that are highlighted under Account Recovery Before We Beginâ€¦

Including:

Change the password of your email account.

At the end of the account recovery process, we will send you an email with a link to reset your password. We strongly recommend that you change the password of your email account before reaching this step, because your email account may have been compromised as well.