My brother’s account was stolen while it was inactive. The new owner added both expansions and got a DK up to level 80. My brother then got the account back, and was happy it happened.
Or spammers just spam everyone. But it’s entirely possible that someone on wow.com / curse.com has some 'splaining to do. This is why we need capabilities-based email systems.
Botted farming of herbs and minerals, I assume. It may eventually get banned, so they wouldn’t want it to be on an account they paid for.
Spammers just spam everyone, because I never use the email I use for my WoW account anywhere else other than with some close friends and anything that is work related. I’ve gotten a about 2 or 3 phishing emails to it that have made it through the spam filters in the past 5 years.
I had this happen to me, they sold all my gear and changed my professions to mining and herbs. I hadn’t played in almost two years. I noticed my password didn’t work, did password recovery and logged on and noticed all the changes. I contacted Blizzard and told them what happened and a few days later they returned all my stuff to me.
Then comes the part that pissed me off… I logged on and started playing again and was debating restarting the subscription. I log on and then get logged off and it tells me my account is banned since I had two people using it. Well no shit, that’s why I had called, since someone else had been using it. They didn’t fix the ban and by the time it wore off my trial had expired so they don’t get my money.
To the people who’ve gotten accounts stolen: how strong were you passwords?
Of course spammers spam everyone, but they would rarely send out WoW-specific phising emails to a general list, as a matter of efficiency. I don’t get the same WoW phishing emails at any of my other email addresses, and at this one, I get 2-3 per day. Not 2-3 in the last five years.
Keep in mind it doesn’t matter with keyloggers, which apparently are far more popular than trying to brute force passwords. Brute forcing passwords takes actual knowledge and software, while phishing sites, installing trojans, etc means you can just look up this stuff on google and be good to go.
My password on WoW is not very strong but I use an authenticator, meaning even if they guess my password (which is unique to WoW) they still can’t get in.
Authenticators are so cheap that I don’t see why people don’t get one. Yeah, having to enter two “passwords” to log in is a bit of a pain, but it makes your account 100x more secure. Seems like the trade off is worth it.
I’m going to wait until I get hacked to purchase one.
Don’t worry, if you do get hacked, the hackers will surely purchase one for you.
Don’t even think you can brute force it. I kept getting disconnected last week, freaked out that I was being hacked, and started trying to login but forgot to get a new authenticator code and locked myself out of the account. I think I made about 4-5 attempts before I got the popup to call Customer Service to unlock the account.
Good to know that they lock you out after a number of tries.
Ahh, good point.
FYI on the authenticator - android has a free one, not sure about other phones.
I have to admit, one of these almost caught me about a month ago (my account is inactive but I still will activate it again some day so I do care about it). It looked REALLY authentic, even linked to some legitimate Blizzard sites for support and such.
Be careful.
I get 4+ a day on an account I’ve never used for anything wow-related.
iPhone too.
I wonder how many of these folks used the same email address for facebook as battle.net?
I also wonder how many of the social site virus bits lately have had trojans behind them. I checked my spam folder to see what kind of phishing I was getting. I got AION attempts but no wow. Which is rather silly as I never had an AION account. I have a CoX account.
I don’t think the nasty bugs are attacking from what were considered standard sources, things like curse, wowinterface so on. I strongly suspect Facebook and other social network sites (and the adverts/links/spam they tend to accumulate). It is the only similar thing I am finding between the various friends I have that got hacked.
I will revise this theory if for some reason I get hacked.
What gets me is the horrible language use and the crazy idea put forth as a solution. Here is some pain I just got this morning. URLs removed.
Greetings!
Recently, the problem of account invasion is getting worse and worse which cause enormous players’ equipments and virtual currency stolen. This severely damages the benefits of mass players, also causes our company lose a lot of customers.
Our company has to adopt some measures to safeguard our common benefits in order to strengthen the safety of mass players’accounts, and firmly resist the account to be stolen again.Through our company’s research and investigation to xxx customers,we will make the following decisions: we launch a package of updated code strengthen system and dynamic code protection card which can effectively prevent the accounts invaded. We will send this package of code protection system to players free of charge.
Please open this connection: (total crap URL which I won’t post)
If your account passes the check successfully, we will send this package of dynamic code protection card to you in the form of e-mail.
In 3 days after you receiving the e-mail, if you don’t submit your information, we have right to freeze your account, every player is obligated to protect the safety of the account. You must work together with us to be determined to crack down all the behaviors of destroying games.
If you had already authenticator your account, please disregard this automatic notification.
Regards,
The World of Warcraft Support Team
Blizzard Entertainment
Ow, ow, ow, my eyes!
That reads like something that went through google translate.