WoW Security issues

Apparently there is now an epidemic of hacked WoW accounts. On both the Tech Support and Customer Support WoW forums, there are many requests for help. What’s happening is that accounts get hacked, they don’t have an authenticator, and the hacker puts an authenticator on their account so that they can no longer access it. Then as usual the account gets banned for gold selling.

A couple of recurring themes I saw as I was perusing the messages. 1. Do not use the same password for your WoW account that you use for other places particularly guildlaunch. 2. Do not use google to find the correct website for the Armory because some of the links found will be phishing sites. If you aren’t sure about the website for the Armory, go to and navigate to it there. Just so you know, it’s

Please please don’t think that if you don’t go to ‘those’ sites you won’t be hacked. Adobe products are attacked on what appears to be a daily basis, so if you go nearly anywhere on the web or read pdf’s, you could now have a keylogger. Use a reliable anti-spyware, anti-malware product. I use Microsoft Security Essentials but there are others out there.

And naturally get an authenticator if you care about your account.

That happened to one of my guildmates recently, with an authenticator being put on the account after it was hacked. I’m guessing it’s to slow down the recovery of the account, giving the hackers more time to loot it dry.

(Ironically enough, after a rash of hacked accounts and guild bank lootings, we’d put in place a policy that you only get promoted to a level with guild bank access if you can prove you have an authenticator by showing the core hound pet. And then this person goes and gets hacked and loots our bank and it turns out they don’t have an authenticator, but they got promoted anyway because they happened to be…‘close’…to a guild officer…)


Blizzard is hacking the accounts from their servers to sell more authenticators!


Of course, support costs for hacked accounts make that unlikely… but you never know!

If they were selling the authenticators at a profit, that might be true. But since they aren’t (devices like what they sell usually go for $20 and theirs are $6.50) I’ll assume you were just trolling.

And don’t click on any of those fake e-mails that I’ve been getting from “blizzard” since a couple of weeks or even months…

. . . or react an in-game tell from someone with an official-sounding name urging you to log onto a website.

I am anxious about buying an authenticator, because I’m worried that I will lose it or switch phones and get locked out. How much of a pain in the ass is it if something like that happens?

My understanding is that you should immediately write down the serial number of the authenticator so you can remove it from your WoW account if necessary.

It can be a bit of a pain. You have to fill out a form and fax it along with a copy of your ID. Takes a few days to get resolved.

The itunes and Android versions are free. I highly doubt Blizz is happy about the resource drain resulting from hacked accounts.

Or this yes. If you don’t do that then it’s a real pain.

…and stop buying gold, goddamnit. You’re feeding these assholes.

Happened to me back in October. My WoW account got hacked about a month after I canceled my subscription, but I still had a few weeks of paid time before it ran out. The hacker attached an authenticator too.

Blizzard was pretty good about the situation, and everything was back to normal within a couple weeks. I wouldn’t have cared so much if I hadn’t just linked WoW to my Bnet account.

I didn’t pay anything for the authenticator since it’s on my iPhone, but it’s pretty annoying having to enter an extra code every time I want to log into the SC2 beta.

This happened to me sadly. I hadn’t even had an active account since January, it was a message on facebook from a guildy of mine that let me know. Was a pain to get the authenticator removed, but over the course of a week I managed to get it all taken care of, and bought an authenticator of my own.

Not sure if/when i’ll go back to WoW, but at least customer service said they should be able to replace most of my stuff, even after all this time. I was more worried about losing my Diablo 2 and Warcraft 3 keys I had attached to the account.

Is there really more of an epidemic now than in the past? These things seem to come in waves. We haven’t had many people hacked recently that I’m aware of, but one guy said his account was hacked into repeatedly over the course of a week, and is planning to quit WoW now. You’d think he’d do a virus scan or something, but yeah…

Does he even have antivirus software? I’ve met more than a few semi tech savy people who refuse to get any because they think their browsing habits are safe.

Yeah, we told him to do a scan. I don’t know if he took us up on the advice or not.

I had my account nabbed a few months ago, despite not having played WoW for years. By the time I got the authenticator removed and added my own, I discovered that whoever got into it activated a WoLK trial to do who knows what with my account.

I took a look at my Gmail spam folder the other day (I occasionally drop in there to see if it’s misidentifying anything). It turns out I’m getting at least 2 WoW phishing emails a day. I’ve used that email address on my guild’s website, and when I registered for and I, of course, use it for other things, but those are the only WoW related things.

So, either the email address was exposed somewhere on the guild site (which is unlikely, as Athryn and Loup keep that nailed down pretty tightly) or one of the other sites has some 'splaining to do. I’m betting on the latter.

Same thing happened to me about a year ago. I assumed it was some guy I knew who didn’t like me and was trying to be a dick.

Whoever it was took my character and put it in a guild called “ICritOnYourPizza” and activated a LK trial and started leveling up. Odd behavior; there wasn’t really anything on the character to steal. Why would a gold farmer steal a character like that and begin leveling it up?