My first account security compromise?

02-23-2009, 02:29 AM
Hey guys,

Long story short - I was playing around with wowmodelviewer and needed to know what rogue T7 was called, so I searched it on Google and the link I clicked on took me to some account selling website. Eeek.

About 10 minutes later I received an e-mail from Blizzard saying that it's against the terms of use etc. and that my account is under termination and that I needed to confirm that I am the original owner of my WoW account.

So I click on the link in the e-mail (the sender address was no reply at blizzard dot com (separated and spelt out on purpose)) and it took me to a website where it looked like the login screen for account management, so I entered my account name and password, then it took me to a 'details' page with my security question and verification key for WoW and my address etc etc.

I didn't check the website address and it was called something like bitemenow.com/something/something, and now I'm shitting myself like crazy.

I changed my password asap, and forwarded the e-mail address that the e-mail was from to Blizzard and now I'm just praying that nothing happens.

Is there anything that anyone can suggest to me so that my account doesn't get stolen? - Even if it is that but still. Running virus scan atm :mad:

02-23-2009, 02:53 AM
If you've changed your password that is about all you can do apart from contacting a GM requesting that he makes a password reset. I would advise you to do so and then not login until you have bought a Blizzard Authenticator. This little token will ensure that you are the only person able to log into your account even if you told the entire world your password.

Do you have similar login details for your email and wow account?

02-23-2009, 02:56 AM
Yes I do, I'll change my e-mail right now. I've learnt my lesson from having a universal password lol.

My WoW account isn't active so that's a plus I guess.

02-23-2009, 03:05 AM
Well, I'm pretty damn sure the crackers don't want to pay a fee just to get access to your account - they'll just skip forward to the next account. Changing your email password and ordering the security token would be your best bet.

You ought to contact Blizzard to get your details changed (question, key, etc.) because they have been compromised.

02-23-2009, 03:16 AM
Thank you very much hvidgaard (http://www.tankspot.com/forums/members/hvidgaard.html), put my mind at ease.

I'm waiting for Blizz to get back to me with the e-mail that I forwarded them to see if it is a scam, and when they reply to me I'll ask them if they can change my details.

02-23-2009, 04:53 AM
You're welcome :) but don't assume it to slack on other things you can do! For all we know they have a bunch of stolen CC info they'll just use to open up your account and drain it for gold.

02-23-2009, 09:41 AM
Get yourself a Blizzard Authenticator. Even with your username and password they can't log into your account in the game or on the worldofwarcraft web site.

Over the years I've learned to treat anyone asking for my personal information, account information, etc with extreme suspicion. I'll flat out challenge someone if they ask me for any information. Sadly we all live in a world where that's just how you have to protect yourself.

02-23-2009, 05:57 PM
They're sold out atm :(

I was just in a state of panic because I had been to an account selling website, I ran around the house trying to find my original WoW gamebox for the authentication code zzzz.

Changed my password to something way more secure and my e-mail, let us pray that my account doesn't get jibbed.

02-28-2009, 09:55 PM
Make sure you're running at least basic virus / anti spyware / firewall on your computer. There is a decent chance something got installed on your system (keylogger, etc).

03-19-2009, 06:07 PM
This type of attack is known as phishing. First the attacker will use a technique called spoofing to make an email seem like it came from the trusted site when actually it came from the attacker; these emails are carefully put together to try to convince the reader with social engineering that they must click on the link for a given reason.

The attacker will next encode a URL that seems to be directing you to your trusted site when it is really taking you to the attacker's constructed site, designed to look just like the trusted site, although the login boxes normally send the information they collect straight to the attacker and the constructed site will respond saying it had some sort of error.

This is a fairly simple attack and one that can be avoided by looking at your URL bar to make sure you are on the site you intend to be. Also remember, if you ever query an email, don't follow links from it; sites that you don't know, although very unlikely, can have browser exploits which an attacker can use to execute code to control, key log, proxy your PC to attack other PCs, etc.

In terms of Blizzard account security I strongly agree with Kolben in purchasing a Blizzard Authenticator just to be on the safe side.

Peace and be safe, the Internet's a dangerous place.
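The "look at your URL bar" check from the post above, written out as an added example (not part of the original thread). The trusted domain list and the https-only rule are assumptions; the sample links are constructed around the "bitemenow.com" address mentioned earlier in the thread.

```python
from urllib.parse import urlsplit

# Assumption: the domains the reader treats as genuine for account management.
TRUSTED_DOMAINS = {"blizzard.com", "worldofwarcraft.com"}

def check_link(url, trusted=TRUSTED_DOMAINS):
    """Return (ok, reason) for a link copied out of an e-mail."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return False, "malformed URL"
    # hostname is what the browser connects to, already lower-cased
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return False, "no host in URL"
    if parts.scheme != "https":
        return False, "not https (assumed policy for login pages)"
    if parts.username is not None:
        # "https://trusted-looking-text@real-host/": text before '@' is not the host
        return False, "text before '@' is not the site; real host is " + host
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        return False, "punycode or non-ASCII host, possible lookalike: " + host
    for domain in trusted:
        # exact match or a true subdomain; "notblizzard.com" must not pass
        if host == domain or host.endswith("." + domain):
            return True, "host is " + host
    return False, "host is " + host + ", not a trusted domain"

if __name__ == "__main__":
    # Constructed sample links
    for link in [
        "https://www.blizzard.com/account/",
        "https://bitemenow.com/something/something",
        "https://www.blizzard.com@bitemenow.com/login",
        "https://blizzard.com.bitemenow.com/login",
        "https://notblizzard.com/",
    ]:
        print(link, "->", check_link(link))
```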

03-19-2009, 06:24 PM
^^ App Sec ?

03-26-2009, 06:26 PM
Change your password on a different computer that you know is safe.

THE FOLLOWING WILL (PROBABLY) ONLY WORK UNDER WINDOWS XP, if you use Windows Vista, Mac OS or Linux you should use a different procedure.

To find out what programs are "talking to the internet" you can open up the Windows terminal (Start-->Run and enter cmd). Then type in:
netstat -n -p tcp -b | more

You will get a list of programs connected to the internet, with amongst other things the IP address and which port (PID or Port) they are going through. As a general rule of thumb, any program using a port with a number bigger than 10000 can be treated as suspicious, and you might want to consider finding out what that program is.
I went ahead and deleted my IP addresses for (to me at least) security reasons, but you can see the ports listed for firefox.exe on the far right of the terminal.

http://img120.imageshack.us/img120/9301/tshelp.th.jpg (http://img120.imageshack.us/my.php?image=tshelp.jpg)
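A way to read that netstat listing per program, as an added example (not part of the original thread). The sample output is constructed and its column layout, with the owning executable in brackets on the line after each connection, is an assumption about what the command prints; the "known" program list and updater32.exe are hypothetical.

```python
import re

# Constructed sample of "netstat -n -p tcp -b" output (documentation IP ranges).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    192.168.1.20:1187      203.0.113.10:80        ESTABLISHED     2412
  [firefox.exe]

  TCP    192.168.1.20:1190      203.0.113.10:443       ESTABLISHED     2412
  [firefox.exe]

  TCP    192.168.1.20:1203      198.51.100.7:3724      ESTABLISHED     3100
  [Wow.exe]

  TCP    192.168.1.20:1215      198.51.100.99:6667     ESTABLISHED     1876
  [updater32.exe]
"""

CONN = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+):(\d+)\s+(\w+)(?:\s+(\d+))?\s*$")
OWNER = re.compile(r"^\s*\[(.+?)\]\s*$")

def parse_netstat(text):
    """Return one dict per TCP connection, with the owning executable attached."""
    conns, last = [], None
    for line in text.splitlines():
        m = CONN.match(line)
        if m:
            last = {"local": m.group(1), "lport": int(m.group(2)),
                    "remote": m.group(3), "rport": int(m.group(4)),
                    "state": m.group(5),
                    "pid": int(m.group(6)) if m.group(6) else None,
                    "exe": None}
            conns.append(last)
            continue
        m = OWNER.match(line)
        if m and last is not None and last["exe"] is None:
            last["exe"] = m.group(1)   # bracket line names the previous connection's owner
    return conns

def unfamiliar(conns, known):
    """Map each executable not in `known` to the remote endpoints it talks to."""
    known = {k.lower() for k in known}
    out = {}
    for c in conns:
        exe = c["exe"] or "(owner not shown)"
        if exe.lower() not in known:
            out.setdefault(exe, set()).add(f'{c["remote"]}:{c["rport"]}')
    return {exe: sorted(eps) for exe, eps in out.items()}

if __name__ == "__main__":
    print(unfamiliar(parse_netstat(SAMPLE), {"firefox.exe", "wow.exe"}))
```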

03-26-2009, 08:28 PM
"Buy a blizzard authenticator" is a nice theory, but so is communism. Like communism it doesn't work in practice.

The things have been sold out ever since I've ever heard of them. They are an ideal and highly secure system that is utterly impossible to actually do.

Regarding other protections, be careful of anti-virus software. A lot of people assume they can't get issues if they have one, but anti-virus software merely protects you from viruses, not other problems.

I've had a lot of success with a program called Malwarebytes in the past, and recommend it highly. It searches for anything... phishing software, keyloggers, viruses, ad software, etc.

As a final note, we recently had a friendly guild hacked when one of the officers' computers was returned from a service with a shiny new keylogger installed. Guild bank was stripped, and his character nude, all equipment sharded and sold.

Run any checks you need to do any time someone gets access to your machine that you don't know.

There's more money in a WoW account these days than there is in a stolen credit card. Food for thought.