Account Security

Posted by Stropp on September 19, 2006 Never, never, never give anyone your password Did I say never? That's right. The biggest mistake you can make is to give someone, especially someone you don't know personally, your password. That's the key to the vault. If you give that away, you can be robbed blind. Do not ever respond to an email asking you for your password. Even if it looks like it has come from Blizzard, rest assured it hasn't. Bliz has repeatedly stated that they will never ask anyone for their password. This type of scam is known as phishing and traps a lot of people into giving up personal information. Very often the email or request look very official using graphics and text that resembles the real thing, sometimes even the real email address is spoofed. Always download Add-ins from a reputable source Make sure that you download any add-ins that you use from a reputable source. Read any reviews about it. Even then check the add-in to make sure that it is koche. If you know how to program, check the Lua code. Even though it is hard for a hacker to compromise you by using Lua, it's worth having a check. Computer security is an ever changing field, and while Blizzard might think they have covered all the bases in securing the client, it's possible a disreputable someone has discovered they really haven't. Another thing to check for is the presence of .exe files (on a Windows system) in your add-in. Not only could these carry a virus or worm, they could be doing something that Blizzard doesn't like. This is usually interfering with the data being sent between the WoW client and the servers. But it also against Blizz's terms of service to interface WoW with external applications. Simply put, having an addin that uses an external executable could get you banned. Regularly run Virus and Spyware checkers Run the latest versions of Virus and Spyware checkers on your computer. Apart from the fact that Virii and Spyware is really, really annoying, it is also a way for someone to compromise your computer. Spyware can be used to steal your WoW password. A keylogger can be installed on your system in such a way that you will never know of its existence. While some spyware is just annoying (evil but annoying) and just intercepts your browsing habit to serve ads, some of it is pure evil and exists to steal your entire identity. This means bank account details, personal information, and your WoW password. A regular scan can save you weeks of misery and despair. Here are a couple of links to check out. Adaware Spybot - Search and Destroy Both of these products have been around for years and have built up a decent reputation. Adaware scans your system for adware but it also sometimes catches other forms of malware. Spybot - Search and Destroy looks for spyware. I've found in the past that both of these programs used together and used regularly, will catch most of the nasties on my system. Make sure you are firewalled Make sure that you have a firewall installed. A firewall puts up a shield between your computer and the internet preventing an attacker from penetrating your computer. For the purposes of this discussion, there are two types of firewall that are available. The first is a software or personal firewall. This is an application that is installed on your computer that stops an intruder from entering your system. All the modern operating systems now include a firewall as part of the operating system. Linux and Apple OSX have a built in firewall, while Microsoft introduced a limited firewall in Windows XP Service Pack 2. Third party firewall applications can also be downloaded and installed. The second type of firewall is a hardware firewall. In actuality they really are software firewalls, but they run on dedicated hardware devices such as routers and network switches. A good example of this is the Linksys router family that use a cut down Linux as the software component. These devices will, if enabled, hide your home network from the outside world providing reasonable security precautions are taken. Regardless of the type of firewall you use, it is important that you get to know how it works. This is even more important when dealing with World of Warcraft. WoW uses a number of network ports to communicate with the game servers, and to download the patches. When you turn on your firewall, you'll need to tell it the ports that WoW needs. Commonsense is the key Being aware of risk and using a little commonsense is the key to avoiding a lot of serious mistakes and it is no different when it comes to securing your World of Warcraft account. Unfortunately, there are a lot of malicous people out there in internetland, and they are after your information either to profit from it, or simply to ruin your day. Taking sensible steps is a good way to ruin their days. Remember the following:
  • Never, never, never give anyone your password
  • Regularly run Virus and Spyware checkers
  • Always download Add-ins from a reputable source
  • Make sure you are firewalled
These four steps will go a long way to securing your system.