So I got hacked...

#0 - Oct. 10, 2010, 1:13 a.m.

I have 2 accounts one that was active and one that was activated by whoever hacked me using a prepaid card. I used the Blizzard recovery feature and it worked great for one account, but the account that was reactivated, it did not work, even though I got emails saying the items had been recovered.

This causes several problems. I don't want the second account activated at this time and I don't care if it is deactivated again, but if I can not reequip all my items before the account is closed again, they will be deleted from my mailbox in 30 days. I have some very good gear on these characters and also have thousands of gold on them and it will be lost if I can't get them back onto my characters in the next 30 days.

Second, FOR GODS SAFE LEARN TO FORMAT THESE EMAILS! They have a serious wall of text problem that makes them nearly impossible to read. I don't mind the items be all bunched together, but there is no spacing between these and other parts of the email.

Finally, the email says this: "Please keep in mind that each account is permitted a limited number of instances in which the GM staff may assist with the recovery of virtual property or progress that has been lost. Although we understand that the occasional mistake can be made, we encourage players to exercise caution and minimize such situations to avoid future need of restorations and GM assistance."

I could make my account much safer if I could use something OTHER THAN MY EMAIL ADDRESS THAT IS ALL OVER THE INTERNET for my user name. As for keeping my account information safe, I have no addons installed, I have NEVER given my password to anyone (of course EVERYONE I HAVE EVER SENT AN EMAIL TO HAS MY USERNAME), I Have done a virus scan, a rootkit scan, a spyware scan, I'm currently running a full windows defender scan (because it's about the only scan I have not run), but so far there have been no problems found. Everything about this screams that Blizzard has failed to keep my account information safe.

P.S. Don't even think about telling me to get an authenticator.

Orlyia

#30 - Oct. 11, 2010, 7:54 a.m.

Sorry, I not only think about it - I'm going to heartily recommend you get an authenticator :)

Really, they are the very best extra layer of security you can provide an account. This would NOT have come from our end, Kinee, although pinpointing where a security breach is can sometimes be a daunting proposition.

Malware is common, but not by any means the only way these thieves trick players or outright steal their account information.

Using the same passwords anywhere else is risky, especially websites.

Make sure all your applications are up to date, Flash in particular has updates frequently.

Make sure you are using sufficient scanners (updated) to detect the various types of malware running around. Not all scanners are going to catch all infections - and NO scanner will catch something until it's been identified in the wild and patched to look for it. No one can protect against a zero day exploit if they are unlucky enough to stumble across one, see my point above about authenticators :)

Phishes are another very common way they get hold of player information as well as fake look-alike websites that mimic ours and popular addon sites, with sponsored links no less.

Above all, never, ever, ever deal with these people that offer gold, paid services like powerleveling or one of the newer scams running about - RAF mounts. One of their very favorite targets is their own 'customer'. Not saying you have or ever would - but some people don't realize just how dangerous even being curious and browsing such a site they see advertised is.

We are seeing a LOT of compromised email accounts, it's incredibly important to make sure of your email security as well. Battle.net has an advantage over our old system. Simply changing your email effectively changes your account name. That was never possible under the old system.