Stropp's World

Games And Gamery

Account Security

Posted by Stropp on September 19, 2006

Never, never, never give anyone your password

Did I say never? That’s right. The biggest mistake you can make is to give someone, especially someone you don’t know personally, your password. That’s the key to the vault. If you give that away, you can be robbed blind.

Do not ever respond to an email asking you for your password. Even if it looks like it has come from Blizzard, rest assured it hasn’t. Bliz has repeatedly stated that they will never ask anyone for their password. This type of scam is known as phishing and traps a lot of people into giving up personal information. Very often the email or request look very official using graphics and text that resembles the real thing, sometimes even the real email address is spoofed.

Always download Add-ins from a reputable source

Make sure that you download any add-ins that you use from a reputable source. Read any reviews about it. Even then check the add-in to make sure that it is koche. If you know how to program, check the Lua code. Even though it is hard for a hacker to compromise you by using Lua, it’s worth having a check. Computer security is an ever changing field, and while Blizzard might think they have covered all the bases in securing the client, it’s possible a disreputable someone has discovered they really haven’t.

Another thing to check for is the presence of .exe files (on a Windows system) in your add-in. Not only could these carry a virus or worm, they could be doing something that Blizzard doesn’t like. This is usually interfering with the data being sent between the WoW client and the servers. But it also against Blizz’s terms of service to interface WoW with external applications. Simply put, having an addin that uses an external executable could get you banned.

Regularly run Virus and Spyware checkers

Run the latest versions of Virus and Spyware checkers on your computer. Apart from the fact that Virii and Spyware is really, really annoying, it is also a way for someone to compromise your computer.

Spyware can be used to steal your WoW password. A keylogger can be installed on your system in such a way that you will never know of its existence. While some spyware is just annoying (evil but annoying) and just intercepts your browsing habit to serve ads, some of it is pure evil and exists to steal your entire identity. This means bank account details, personal information, and your WoW password. A regular scan can save you weeks of misery and despair.

Here are a couple of links to check out.

Adaware
Spybot – Search and Destroy

Both of these products have been around for years and have built up a decent reputation. Adaware scans your system for adware but it also sometimes catches other forms of malware. Spybot – Search and Destroy looks for spyware. I’ve found in the past that both of these programs used together and used regularly, will catch most of the nasties on my system.

Make sure you are firewalled
Make sure that you have a firewall installed. A firewall puts up a shield between your computer and the internet preventing an attacker from penetrating your computer.

For the purposes of this discussion, there are two types of firewall that are available. The first is a software or personal firewall. This is an application that is installed on your computer that stops an intruder from entering your system. All the modern operating systems now include a firewall as part of the operating system. Linux and Apple OSX have a built in firewall, while Microsoft introduced a limited firewall in Windows XP Service Pack 2. Third party firewall applications can also be downloaded and installed.

The second type of firewall is a hardware firewall. In actuality they really are software firewalls, but they run on dedicated hardware devices such as routers and network switches. A good example of this is the Linksys router family that use a cut down Linux as the software component. These devices will, if enabled, hide your home network from the outside world providing reasonable security precautions are taken.

Regardless of the type of firewall you use, it is important that you get to know how it works. This is even more important when dealing with World of Warcraft. WoW uses a number of network ports to communicate with the game servers, and to download the patches. When you turn on your firewall, you’ll need to tell it the ports that WoW needs.

Commonsense is the key

Being aware of risk and using a little commonsense is the key to avoiding a lot of serious mistakes and it is no different when it comes to securing your World of Warcraft account. Unfortunately, there are a lot of malicous people out there in internetland, and they are after your information either to profit from it, or simply to ruin your day. Taking sensible steps is a good way to ruin their days.

Remember the following:

  • Never, never, never give anyone your password
  • Regularly run Virus and Spyware checkers
  • Always download Add-ins from a reputable source
  • Make sure you are firewalled

These four steps will go a long way to securing your system.


  1. 88 More ‘How To’ Articles - Group Writing Project Submission Part 2 Said,

    [...] Account Security by Stropp [...]

  2. Jersey Girl Said,

    Thx for the advice…it amazes me people would give out their passwords!

  3. Matt Said,

    Great tips! I am an IT guide by trade and I am just amazed to hear what peopl have done with their passwords.

  4. MamaDuck Said,

    I’m always surprised at people who readily give out their passwords and other personal info! Our how-to is up as well if you’d like to check it out!!

  5. Stropp Said,

    Thank you all for the comments.

    Actually I don’t find it surprising that people give out their passwords. It’s all a matter of trust really, and con-men have been doing it from the dawn of time. Phishers, in particular, make themselves look like someone you trust, Blizzard, your bank, etc. If you think it’s an organisation that you trust it is easy to send your personal details.

  6. Working at Home on the Internet Said,

    [...] 28. Account Security by Stropp [...]

  7. Change your thoughts » Blog Archive » How to posts - loads of them Said,

    [...] Account Security by Stropp [...]

  8. Questallia » Problogger’s ‘How to’ Group Writing Project List Said,

    [...] Account Security by Stropp [...]

  9. Mark Choon » The Biggest, really humongous, ‘How To’ list ever assembled in 4 days! Said,

    [...] Account Security by Stropp [...]

  10. Ask blushgirl - Romance Advice, Tips and Dating Site Reviews » Blog Archive » Day 2 How-To Article Love Said,

    [...] Account Security by Stropp [...]

  11. Business Related How To’s - Web Site Design, Internet Marketing, and Search Engine Optimization Services Said,

    [...] Account Security [...]

  12. Chewing Pencils: Helping you make money from drawing cartoons! Said,

    [...] Account Security by Stropp [...]

  13. Kristonia Ink! » Full List of ProBlogger How To Contest Submissions Said,

    [...] Account Security by Stropp [...]

  14. Cell Phone Know How » 343 How To Posts Said,

    [...] Account Security by Stropp [...]

  15. Stropp’s World » Archive » Keylogger Scam Said,

    [...] The other day I wrote about Account Security because a few members of the Ministry of Offence were having problems that seemed to indicate that their accounts had been hacked. This got me thinking about account security in general and how it applies to World of Warcraft in particular. [...]

  16. MegamiAoi Said,

    Great Post Stropp!

    There is so much the average user will not know or understand, therefore, it is great to see people take the time out to help them understand some basic principles in using PCs. Lets hope more people will become aware of their PC’s software and hardware environment and learn how to use it more efficiently to protect what they keep inside it.

    =o) Cheers for the post!

  17. Stropp’s World » Archive » Confounding the Spammers Said,

    [...] I started this blog a bit over two months ago now, in mid-September. A couple of days after I started, I submitted an article (Account Security) to Problogger for a writing contest at the time. What was interesting was the number of trackbacks I got from other blogs simply listing the contest entries. There were a lot of links to my site. [...]

  18. Salvatore Said,

    Unfortunately blizzard isn’t concerned about security or they would make passwords case sensitive and allow you to use alt characters in your password (alt characters render key loggers useless if you use them in your password).  The fact that blizzard doesn’t even let you use all special characters and that there is no lock out policy make a hackers job a piece of cake. 
    I’m a IT specialist and my account was hacked, I use a firewall, antivirus client, and scan real time and manually for spyware daily to include Spybot.  None of my addons had executables and were well known addons downloaded from a reputable site.  Until blizzard increases the account security these account hacks will continue, even to those that protect there information.

  19. Stropp Said,

    Sorry to hear about your problems.

    You are right about passwords with special characters. Other text entry fields in WoW can use special characters. I’ve seen a lot of character names with accents and the like.

    Are you sure you cannot use them?

  20. Salvatore Said,

    Only Punctuation.

  21. Stropp’s World » Archive » Yoiks and Away - Reflections and Directions Said,

    [...] Darren Rowse at Problogger is once again holding a writing competition for bloggers. His last competition, on How Tos, was held just after I started blogging, and I entered a post I wrote called Account Security. This time around, the topic is about Reviews and Predictions. It’s pretty timely. As I’ve been thinking about what to write on this subject, it occurred to me that I’ve also been thinking a lot lately about where I want to go with this blog and the web. It seems a perfect match up. [...]

  22. Daniel Said,

    I’m with Salvatore on this one. I also am in the IT industry and have all the latest anti-spyware, anti-virus, hardware and software based firewalls. I certainly have not disclosed any of my details to anyone yet the account is still vulnerable. Blizzard needs to address this quickly.

  23. Stropp Said,

    Hey Daniel, Salvatore,

    Please don’t take offense at this, but did either of you guys visit a gold sellers website, or buy any gold from one?

    I’ve been reading that this is one of the ways that WoW accounts are being compromised. Some of these sites execute scripts when the buyer enters their details to make a purchase.

     

  24. Stropp’s World - A Blog about World of Warcraft, MMORPGs, and Games. WoW! » Blog Archive » New Keylogger Warning Said,

    [...] In fact it’s probably a good idea to be careful what you do on the net in anycase. Always make sure you have a good firewall installed, and use an anti-malware program to check what your computer is downloading. You should always be aware of your account security. [...]

  25. CJCM and IT » Blog Archive » Problogger’s Group Writing Project Said,

    [...] Account Security by Stropp [...]

Add A Comment

Subscribe to the RSS Feed For These Comments

BlogHistory



MainCategories