Help! My account has been hacked!

Important note: The following guide assumes that you have not put an Authenticator on your account. There are no confirmed cases of accounts being stolen if they are protected by an Authenticator.
Did the thieves put an Authenticator on your account?
If no, then follow these steps:
- Try to recover your password: Attempt to retrieve your password using Blizzard's password retrieval form. If they didn't change the email address registered to your account, you will receive the password in your email.
- Change your password: Immediately change your password to something strong that you don't use anywhere else (not a word found in the dictionary, and with numbers that are not related to any dates that are important to you). I would also recommend throwing in a capitalized letter or two, but Battle.Net passwords are not case sensitive. (Neither were non-Battle.Net WoW passwords, by the way, so this is not a change.)
- Post on the Technical Support forums: Go to the official Technical Support forums and find the latest blue post that has something about the Authenticator being added. As of this writing, the current one is at this link, but they get locked after a while and a new one is started. You don't have to enter an Authenticator code to post in the forums, so post from your compromised account in the thread that you need to have the Authenticator removed.
Even if you have posted on the tech support forums, I still recommend you contact Blizzard redundantly. Just make sure that, as a courtesy, you mention the other methods by which you have contacted them.
- Email: You can email Blizzard either directly at WoWAccountAdmin@Blizzard.com or by using their web form.
- Phone: Call the appropriate number for you from Blizzard's Support Number list. You may be put on hold for a while and/or be asked to leave a voicemail.
While you are spending time getting your account back, the thieves are pilfering the guildbank and sending your friends/guildies tells to go see this really cool video you made. Get on your guild forums and/or vent and tell your guildies to demote and ignore your characters until you get your account back.
Follow Blizzard's instructions.
Blizzard will contact you with instructions on how to restore your account. You may have to provide notarized documentation, which can be scanned and emailed or faxed. Follow the directions carefully, as any missing steps or information will result in even more of a delay.
Get an Authenticator.
You can either order the keyfob or download an app for your mobile which is cheap to free. If you do not have a mobile which is currently supported by Blizzard and are having trouble getting an Authenticator shipped to your location, then see if a friend, family member or guildie can get one and ship it to you. The device is the same globally and therefore can be activated on your account, even if it is bought by someone in the U.S. and mailed to you. But please do get an Authenticator so you never have to go through this again.
In before the "only stupid people get hacked" comments: very intelligent, prepared and careful people get hacked every day. As social engineers get more sophisticated, new security holes are opened up in our lives all the time. I don't normally do this when I write about Account Security, but any comments that are insulting will be deleted. If you really feel that strongly about how superior you are to someone who has been hacked, please go tell your mom. I'm sure she'll be very proud of you. But the rest of us are not interested.
Reader Comments (Page 1 of 7)
Michael Sacco Jan 21st 2010 8:39PM
Hi Ctrl,
I'm Mike Sacco. You might know me from my stuff here at WoW.com, but what you might not know is that I'm Belfaire, the Blue who originally addressed that very issue on the forums back in '08.
The point of failure in this person's account was not the authenticator, nor was it Blizzard. The person shared their account. Period. You can't use that story -- where someone blatantly lied to avoid embarrassment from their guild and the WoW community over sharing their account and losing control of it -- to decry authenticators, because the story is crap.
Hope you have a good night.
Sparcrypt Jan 21st 2010 7:05PM
Authenticators are handy and all.. but I wish people would just learn a bit about basic internet security.
Saltypoison Jan 21st 2010 7:10PM
And I wish people wouldn't drive like assholes, but some things just never change. Better to at least try and teach them how to reduce the fallout.
Sparcrypt Jan 21st 2010 7:16PM
To clarify, I'm not saying only stupid people get hacked - the correct term is that only people who aren't willing to be a little security conscious do.
Basically think of it like this: taking basic security precautions on your computer is akin to being a good driver - you know the road rules and you follow them, thus greatly reducing the risk of being in an accident.
The authenticator is like putting on your seatbelt and having airbags - you still should be following all the rules but if something bad does happen, or if someone runs into you, your chances of getting through it OK are much higher.
What annoys me are the people who think they can skip the first step, learning some stuff that EVERYONE should know if you do anything at all online. Ask any security professional, the most important factor of computer security is the user themselves, regardless of any technology.
So yes, get yourself an authenticator if you want one... but please, take the time to learn a little as well.
Ilimra Jan 21st 2010 7:21PM
Like Robin says at the bottom of this post, you can know all there is to know about internet security and still get hacked. All it takes is one mistake, one click on an evil link and they can have you. And it's getting worse and worse. Authenticators are more than just handy, they are becoming pretty much essential.
Robin Torres Jan 21st 2010 7:25PM
Sparcrypt, I'm on the fence about deleting your comments. Here is my issue:
"the correct term is that only people who aren't willing to be a little security conscious do"
You are skating dangerously close to sounding superior when you say "a little security conscious". Besides, being "a little" security conscious won't protect you from being hacked. Fully security conscious, say by getting the safety net of an Authenticator, will.
Sparcrypt Jan 21st 2010 7:25PM
See this is exactly what I mean - I in no way said anything bad about authenticators in my original post, just that I thought people should educate themselves AS WELL - and it's being steadily rated down.
The single most annoying thing about the release of authenticators is the creation of this annoying attitude where you have to love them completely - anyone who tries to suggest that they might only be a part of an overall security solution is written off as elitist and ignored.
Sparcrypt Jan 21st 2010 7:30PM
@ Robin
I can see your issue with what I've said.. but I do disagree with the following:
"Fully security conscious, say by getting the safety net of an Authenticator, will."
That is NOT being fully security conscious - to be fully security conscious you need to educate yourself AS WELL. Surely you must realise this.
As for sounding superior.. that is not my intention. My knowledge of computer security is higher than the average reader of this site, because IT is what I do. What I'm trying to do is convey that people need to look further than just putting an authenticator on their account then assuming that's all there is to do.
Robin Torres Jan 21st 2010 7:35PM
You are right that we should do more to keep our accounts safe -- all of our accounts. That's why the lovely swipe at the bottom links to http://www.wow.com/2009/05/06/wow-rookie-keeping-your-account-safe-and-sound/ for a comprehensive list of how to do just that.
Joel Jan 21st 2010 7:37PM
I feel like I shouldn't have to be saying this, but there are and will be zero-day vulnerabilities in browsers, operating systems, etc that allow remote code execution. The current IE issue is severe enough that Microsoft released an out of cycle patch (See Microsoft MS10-002 http://www.microsoft.com/technet/security/bulletin/MS10-002.mspx)
And yes, I know you can improve your odds by using a different browser, but then you have to look at the zero-day exploits in Flash player, the cross-site scripting bugs that have popped up in pretty much every browser, etc.
The only secure computer on the internet is one that is not connected to the internet.
Mac users (including myself) are lower priority targets only because there are fewer of us; not because the OS is inherently more secure. As soon as it becomes financially viable, OS X will be targeted too. Same for the other *NIX users.
Basic account security should include getting an authenticator. Blizzard cannot start shipping them in game boxes soon enough.
Linden Jan 21st 2010 7:52PM
I agree with you. While having an authenticator means that your WoW account is (currently) bullet proof it doesn't mean you can't rubbish up your system. Learning to protect yourself online doesn't just mean your account, what about your card details etc are you protecting those fully?
Oh and while they can't currently crack open authenticators I wouldn't be surprised if they find a way sooner or later, either through social engineering ("sorry, we think you got a bad authenticator") or coming up with something else. One of the main reasons that authenticators provide protection is that they represent another layer to circumvent, to a scammer there are easier pickings but as more people start using authenticators the scammers will work harder to get round them.
The best security is still knowing what you're doing: keep your stuff up to date, be careful what you click in emails or on websites and listen to advice carefully (ie listen and check it).
ctrl Jan 21st 2010 7:50PM
I'm going to have to agree with Sparcrypt here. Putting all your eggs into one basket is never a good idea.
Robin, I approve of what you're trying to do with your post, but threatening to delete comments from people who question you is not doing anything for your credibility. Neither is your lack of research. I linked it below, but I will link it again:
http://www.wow.com/2008/07/24/authenticator-fails-removed-from-account-without-users-permiss/
A link, on your own site, detailing how a hacker used social engineering to bypass an authenticator.
Learn how to protect yourself online, chances are your bank doesn't have an authenticator option.
thain Jan 21st 2010 7:52PM
@joel
The current IE bug with zero day fix, just like 99.99% of all browser faults, relies on you going to a compromised website on the computer that you use for wow.
Suggestion : Do not go to compromised websites, this includes Thottbot and Allakhazam as both are very liberal in what they let advertisers post as ads. Also if you feel you must venture to the wretched underbelly of the internet, do so on a "safe" computer, get a netbook, never put any information you wouldn't want the entire world to know on it.
Personally I do not want to have to put in two passwords every time I log into wow because everyone else's account has been hacked.
Robin Torres Jan 21st 2010 7:57PM
ctrl, in no way did I ever suggest or put in practice deleting comments that question me. But every time I post about account security, someone says "only stupid people get hacked" which is... well... stupid. And I just warned that those stupid, inflammatory, incorrect comments would be deleted.
About that one case 2 years ago, it was soon after proven to be not accurate:
http://www.wow.com/2008/08/05/authenticator-failure-revisited-blizzard-responds/
Sparcrypt Jan 21st 2010 8:07PM
@ Robin
True, but the only thing you list in your article here is 'get an authenticator' - I would gather very few people read the cut after the actual article, but that's irrelevant I suppose as it's there. I did take the time to look through that article though and I would classify what is covered as very basic.
Some personal recommendations for a secure (by average user standards) computer are;
1. Password your root/admin accounts properly and run as a restricted user. OS's are doing this more for you as they progress, but many people turn this off or use an OS that doesn't do it for you.
2. Keep your OS fully up to date
3. Get decent anti-virus/spyware/malware software. Keep them up to date and run them regularly.
4. Run a browser that supports plugins, such as Firefox, and download a plugin that lets you selectively load Flash elements of a page, or blocks them completely - Flash exploits are where a lot of attacks originate because they can be run via ads even on trusted sites.
5. Bookmark sites such as wow.com and worldofwarcraft.com - use these links to visit the pages always - never ever click on a browser link to them.
6. Run a firewall.
There are of course more and more things you can do, but that will get most people started and reduce the risk of their wow account being stolen to near nothing - basically you'd have to give your account away to lose it.
I again feel I need to clarify my position: I'm NOT AGAINST authenticators. As long as some people find them useful, there isn't anything wrong with them. However they are not and never will be a complete solution and those who preach they are annoy me greatly. You personally aren't doing that as you do include links to other resources, but a very large amount of the wow player base do.
Tell me.. if you ignore all security precautions minus your authenticator and I have fully compromised your machine and am staring at your screen.. what can you do to stop me? Nothing. Once I get your authenticator code I can just log in within 30 seconds then shut your computer down remotely. By the time you reboot and get back on I've already stolen all your gold. Maybe I'll be really sneaky and instead of shutting you down, I'll jump into your router and change all your ISP settings - far as you can tell all that's happened is your internet has dropped out.. how long will THAT take for you to figure out? As long as I don't log out your account I can do as I please until you're back online.
Now that's an extreme example, but technology wise it's certainly possible.
Anyway, I think I have my point of view across.
HunterFromTheStart Jan 21st 2010 8:09PM
You're wrong, Sparcrypt. I do know a LOT about internet security. I had not even accessed the account for a few months. Suddenly, I get two emails, one that the Wrath of the Lich King trial had been activated, and one from Blizzard saying the account had been locked for improper usage. I have a full version of McAfee Internet Security. I keep it updated, and the computer scanned. I don't enter my information anywhere, without checking the web address carefully. If I DO get phished, I immediately change the password. (Has happened to me twice, once on Myspace, I forget the other.)
As far as Authenticators, I still believe that if 90 percent of WoW users got an Authenticator, then the Authenticator would itself become a target.
Robin Torres Jan 21st 2010 8:11PM
Sparcrypt, I link to a post in the first paragraph about how to avoid scams and to an extensive guide about account security in the final swipe. The scope of this post was to give steps about what to do if you get hacked.
Mike Jan 21st 2010 8:23PM
The funny thing about this whole thread of Sparcrypt's is that it fails to acknowledge the most obvious:
Authenticators are a form of security based on public key identification. Anyone who is serious about security will never suggest that you can safely play WoW without fear of compromise unless you use one. Every single post that suggests otherwise is doing a disservice to the author of this article as she is clearly concerned with the reality of compromises and how it can affect anyone.
travis Jan 21st 2010 8:32PM
I feel that this post + replies are too long already, but I feel there's something I need to say.
Pretty much everything you list in your last post is found at
http://www.wow.com/2009/05/06/wow-rookie-keeping-your-account-safe-and-sound/
On another note... I don't see why so many people are against authenticators. I have mine on my phone (so I guess I'm "lucky" I don't have to spend $6.50). I timed how long it takes to enter my 8 digit code: 8 seconds!!!!! Let's say you log in once a day, EVERY DAY for a year. That's a total loss of 48.6 minutes per YEAR. Here are the other options:
1) Download/update countless programs to help you protect your actions on the interwebz (I have a feeling that is more like 15 minutes a WEEK, and for you mathematically impaired people, that's 13 hours per year)
2) Get your account hacked. Spend the first hour pulling your hair out trying to get your account back only realizing you have to call Billing and it's 10:00 PM and Blizz is closed. Then spend a few hours over the next few days talking with blizz, and getting your account. THEN waiting a few days for gear/items to come back to your mailbox.
Long story short: I really don't see the big picture with authenticators. They will prob be mandatory soon anyways, and I don't blame Blizz. If your online bank records get hacked online, is that your bank's fault that you let your personal information out? No. You're lucky that Blizz has probably spent a LOT of money on setting up countless systems to 1, protect your account, and 2, get it back if it gets hacked.
"Long story short" short: GET AN AUTHENTICATOR AND DON'T QQ WHEN THEY EITHER BECOME MANDATORY OR BLIZZ STOPS RESTORING ACCOUNTS.
-Thank you for your time... and stop picking on Robin ;)
travis Jan 21st 2010 8:34PM
** "Pretty much everything you list in your last post is found at" **
@ Sparcrypt