You are currently browsing the category archive for the ‘Account Security’ category.
Yesterday, I posted that I had canceled my World of Warcraft subscription. Today, I’m still WoW-blogging.
The thing you may not have noticed from my itty-bitty screenshot is this: My account is still paid for & therefore active until OCTOBER. That’s right. I had just renewed, way to make a statement, right?
So, since I have been able to disable Real ID via parental controls – which deals with the issue of addons “grabbing” your Real ID without your permission, I see no reason not to keep playing since I’ve already paid for that time. In fact, unless Cataclysm goes live much sooner than I expect, the forum changes won’t even be implemented by the time my paid time runs out. Three months is a LONG time – a lot of policy changes could occur in that time.
So – for now – I’m going to play like I really believe they will fix this. I will work on my Cataclysm bucket list. I will level shaman #2 & prep her for raiding ICC with my friends. I will keep plugging away at my goal of getting every class to 80.
Is it a cop out to “speak with my wallet” when the actual effect of that statement is so far away? Maybe it is. I can live with that.
Want another way to tell Blizzard what you think of the proposed Real ID changes? Leave a comment on this post on the WoW-ladies LiveJournal community. It doesn’t matter if you’re not a woman – please, go speak there (although it may require a LiveJournal account to post).
And please, if you can, do what I did and tell Blizzard what you think with your wallet. Even if you know you’ll resub before your paid time runs out. That’s ok. But they need to hear it and they might listen to canceled accounts in a way that they won’t listen to forum posts, fansite posts, and blogs.
For reasons I cannot even begin to comprehend, Blizzard has decided that attaching players REAL FIRST AND LAST NAMES to all forum postings (going forward, not retroactively) via RealID is a good idea.
The first and most significant change is that in the near future, anyone posting or replying to a post on official Blizzard forums will be doing so using their Real ID — that is, their real-life first and last name — with the option to also display the name of their primary in-game character alongside it. These changes will go into effect on all StarCraft II forums with the launch of the new community site prior to the July 27 release of the game, with the World of Warcraft site and forums following suit near the launch of Cataclysm. The classic Battle.net forums, including those for Diablo II and Warcraft III, will be moving to a new legacy forum section with the release of the StarCraft II community site and at that time will also transition to using Real ID for posting. (link to full post & thread here)
Now, I’ve been significantly less doom-n-gloom about this whole RealID thing than most people, despite the fact that I have a VERY unusual first & last name combination. But this. This blows my mind.
More so after finding out about this “handy” site on the internet: http://www.veromi.com/
Go ahead. Type in your first & last name. See how many records show up, and how little additional information would be needed to track you down. For me? All you’d need is my first & last name, and for $40, you could find out where I live, my phone number, my credit history and god only knows what else.
Traditionally, I have not been someone who has worked very hard to maintain my privacy on the internet. There are a lot of things on the internet linked to my real name. I’m not hard to track down, if you know a little bit about me. But the idea of that random rogue that I just barely managed to kill in world PvP after he jumped ME being able to track me down through the official WoW-forums? Is completely and utterly terrifying.
I pride myself on being a fairly decent judge of character. I’ve traded emails, phone numbers, and Facebook pages with people I have met in WoW. But the idea of my in-game avatar being linked to my real, full name for any person I happen to stumble across in game to find … I am not okay with this. I am so so very not okay with this.
I had already made the decision not use Real ID in game, not for my own privacy, but for the potential privacy of people I care about who were concerned about others seeing their real name through the “friends of friends” feature. But I feel like this path that Blizzard is going down is a very slippery slope indeed, and I wonder how much longer I’ll be able to play this game if this trend of making personal information completely accessible to their very large playerbase continues.
I’m currently in the third hour of my full Malwarebytes full scan, after clicking a trackback link. That’s right – I ended up on a site with content and behavior that was … questionable at best, malicious at worst because they linked to my blog. And this is why I check all my pingbacks if I don’t recognize them – I’m trying to save my readers from this kind of irritation. And three hours of scan for 20 seconds of being on a potentially unsafe page is quite irritating.
The Blog Azeroth shared topic of the week also happens to be “Raising Awareness”.
I’m actually consistently amazed by how creative the account-stealers are getting: the bad email attempts at phishing, the insertion of keyloggers in streaming video, the ridiculous spamming of the in-game trade channel. But what boggles me more is that people still buy gold.
Do they really not know where this gold comes from? Or do they just not care about anyone but themselves?
Your PSA for today is simply this: When you buy gold, you say that you’re A-OK with account theft. You’re supporting that practice with your IRL dollars.
After my recent super-fun hacking, I’m overly cautious. Wasting three hours of my time now so that I don’t have to deal with three days of post-hack stress later? Totally worth it. Wasting three hours of my time so that my blog doesn’t get the reputation of being unsafe? Totally worth it. I don’t want what happened to me to ever happen to anyone else.
Now for the telling you stuff you already know portion of this entry:
- If you don’t already own an authenticator (or have the authenticator application for your phone, if it’s available), stop what you’re doing, and go remedy that. Seriously.
- Keep your virus software up to date, your firewall up, and get the free version of Malwarebytes. If you stumble across anything remotely suspicious in your web-browsing, do the scan. Do not log into WoW or the forums or the Armory or anything else until the scan comes back clean.
- If you do log in while you suspect your computer might have been compromised, the first thing you should do after getting a clean bill of house is to change your password and the email address associated with your account. Consider opening a Gmail account just for this purpose – Gmail has a great feature where you can forward all email to any other account you check regularly, and then automatically delete the original.
Do not support gold sellers by buying gold, or leveling services, or gold-making guides. Do not support gold sellers by making it easy for them to hack into your account. Right click & report spam when you see their ads in trade. If a guildie or friend is online and acting suspiciously, and you cannot confirm that it is actually them, ticket immediately – they’ll thank you later. Do not share account information – no matter how careful you are, you cannot expect anyone else using your account to treat it with the same level of care – not to mention, it’s against Blizzard ToS.
Until the day comes that the sale of WoW-accounts and in-game gold stops because there’s no one buying, every honest WoW-player is a target. All the hard work you do in game is at risk if you are lazy about safeguarding your account.
It’s funny what you can talk yourself into sometimes.
While my account was still suspended, I convinced myself that it couldn’t be that bad. That maybe my account was one that just got sold, and whoever had it was just screwing around on it. That it was caught really quickly, and everything was going to be fine.
Now that I can get into the game, I’ve gotten a chance to assess. It’s pretty bad.
There doesn’t seem to be a whole lot of rhyme and reason to what they took and what they left behind. Krikket still has her weapon and shield – both vendor-able drops. However, at this point, in what they left me for gear, I’m about 140 points under hit cap, so that alone will keep me out of the raiding game until my gear gets restored, or I give up and re-farm half a bazillon badges. And I don’t want to say that I don’t believe in Blizzard customer service, exactly, but with nearly a dozen effected characters, I figure my odds of getting her stuff restored first aren’t that great.
I kept telling myself that the things that mattered were still there: the characters, and Krikket’s achievement points, mounts and pets. But I forgot about the other part of it, that also matters very much: the ability to play to the best of my abilities with my friends. And that I don’t have. I may have to give up my plans to see all of ICC, and do Ulduar hardmodes, and this feeling that I’m going to be so far behind until Cataclysm is really upsetting.
I’ve had single player games develop critical errors in save-files when I’d put in a lot of time, and was close to the end. I’d rage or cry or do whatever it took to get it out of my system, and then I’d do one of two things. I’d start over (or from the last good save), or I’d decide the game was flawed and uninstall.
Shit happens, and you don’t always get to finish what you start. Sometimes, there is no choice but to start over or walk away. I get that. I’m just not sure which I’ll do here if it comes down to it. Hopefully, all my shiny pixels will show up back in my mailbox. But I can’t help thinking about what the hell I’m going to do if they don’t.
This is the big one: Sometime last night, I got hacked.
My account is currently suspended, all of my characters have had gear stuff switched around (poor Sunlyte is wearing nothing but her heirloom chest and shoulders!), and I cannot even imagine the royal clusterfuck it’s going to be getting this straightened out. On the upside, none of my high level characters were deleted, although they’re likely broke. I’ve emailed Blizzard and tried to call them like a dozen times (how great is a customer service line that hangs up on you instead of giving you an option to hold, seriously?), but so far, nothing.
Which unfortunately gives me a lot of time to think about the other things that are stressing me out.
Today was the day I planned to push Norrah through the last part of painful (to me anyway) Azeroth leveling.
While the servers were down for maintenance this morning, I did my normal routine of websites – Yahoo.mail, Livejournal, Gmail, GoogleReader,Facebook, this blog, & our guild website. Then I remembered that I was going to post some strats for the more complicated Ulduar 10-man hardmodes. I found some written strats for FL+4, hard mode IC, and a Tankspot video of 10-man Freya+3.
Shortly after that? My computer basically exploded.
Apparently something I did this morning got me infected with Antivirus Soft. Holy error messages! It took me a couple of reboots to even get control back (ohai program that shuts down Task Manager), and I’m still virus scanning.
No matter how well protected your computer is, and how “safe” you think the sites you visit are – you can never be too prepared.
