Account Security
by Techsupport | 15/09/2006 17:30:22 Introduction With the recent increase in threats to players account security, we have produced the following guide to offer some guidance to our players on how to protect themselves from the possibility of someone stealing their account as well as offering information on preventative steps that should be taken to protect yourself and your computer. Should you receive a message when starting up World of Warcraft that a Trojan has been discovered, please refer to the following list on our support website for specific advice on the safe removal of the malicious software: http://eu.blizzard.com/support/article.xml?articleId=19644 If you suspect that your account has been compromised, please report it to our Game Security team through the following web form: http://www.wow-europe.com/support/securitywebform/securitywebform.html ?lan=en Due to the sensitive nature of account security issues our Technical and Billing support departments are unable to assist you with any information regarding the progress of the Game Security team’s investigation or the status of your account. Please do not make posts on this forum regarding a locked account. Posts on this subject are likely to be locked or removed completely in order to protect your account security. Index: 0. Introduction 1. Account Security 2. Phishing E-mails 3. Computer Security 4. Spyware 5. Virus/Trojans/Rootkits 6. Firewalls [ Post edited by Gelmkar ] |
| by Techsupport | 03/04/2007 17:12:47 Updated Trojan definitions We update our FAQ regularly with articles regarding some new Trojans: http://faq.wow-europe.com/en/category.php?id=69 |
by Gelmkar | 06/02/2008 12:17:28 Account Security The security of your account is something that all players should take seriously. What do I need to know? - That you do not share you account with anyone. Account sharing is against the License Agreement that you accept when you first start the game and the spreading of account information increases the risk of theft. - Never store e-mails or files on your computer that contain your password or account information. - Be wary of writing your account information down, as this may allow others to read and possibly exploit. - Be wary of shared computers, such as Cyber Cafés, as there are no assurances that this PC is not infected by a Trojan or other account information gathering program. - If you are ever contacted via e-mail or in-game by someone claiming to work for Blizzard requesting your password, do not give it to them. At NO time will a Blizzard employee request your password. What can I do? - Beware of sites posted in chat claiming to offer free gold. These sites will ask for account information, but are used to steal account information. - Be wary of sites or emails offering access to a Beta for a World of Warcraft expansion. We are not currently operating any beta and will update this post when the situation changes. For now all sites and emails claiming to offer a beta for Wrath of the Lich King or other games should be considered attempts to steal your account information. - Never post your account name on the forums. - Never post your e-mail address on the forums. - Make sure that your password is difficult to guess. It is usually recommended that you choose a password of random letters and numbers that does not have any significance to yourself or anyone and change it regularly. (Avoid using names of pets, telephone numbers that can be easily guessed.) - If you are using add-ons or plan to use add-ons, ensure that the files you are downloading do not contain any files that could steal your information. It should be noted that at no time will add-ons or files stored in the Interface folder contain a executable file with a .exe extension. [ Post edited by Gelmkar ] |
| by Gelmkar | 06/02/2008 12:23:02 Phishing E-mails What do I need to know? To quote the Wikipedia article on what Phishing is In computing, phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. eBay, PayPal and online banks are common targets. Phishing is typically carried out by email or instant messaging,[1] and often directs users to enter details at a website, although phone contact has also been used. http://en.wikipedia.org/wiki/Phishing We have seen an increase recently in the amount of phishing e-mails that appear to look like legitimate e-mails from Blizzard. It is important to remember that no Blizzard employee will ever ask you for your password. What can I do? Checking e-mail headers Another trick used in phishing e-mails is to replace the original source address with an email address that looks as though it came from Blizzard. In situations like this it is important to check the header information of the e-mail as this will reveal the true history of that e-mail: Any e-mails sent from Blizzard will come from a @blizzard.com address, you may see additions such as @e-mail.blizzard.com or @enews.blizzard.com, but the address will always end with the blizzard.com domain. Most email clients will allow you to view more details on the email than are normally shown that will identify the true origin of a mail. For example, Hotmail have instructions on how to do this in Microsoft’s first help article on the left here: http://help.live.com/help.aspx?mkt=en-gb&project=MailFull&quer ytype=keyword&query=Header Gmail have instructions on how to view the headers here: http://mail.google.com/support/bin/answer.py?answer=22454# Please check the support of your email provider or software client for information on how to view the header of mails you receive. A genuine header from Blizzard should contain the following lines: X-SID-PRA: noreplyeu@blizzard.com or Return-Path: <noreplyeu@blizzard.com> Received: from smtp01.eu.worldofwarcraft.com ([XX.XXX.XXX.XXX]) by… Received: from … by smtp01.eu.worldofwarcraft.com … for <Your Email Address>; Tue, 29 Jan 2008 10:46:05 GMT From: noreplyeu@blizzard.com To: Your Email Address Although the mail may come from another address than noreplyeu@blizzard.com, it should always end with blizzard.com and the X-SID-PRA or Return-Path should always match the From address. It should also always be Received: from a domain ending in worldofwarcraft.com, wow-europe.com or blizzard.com. If you have any doubts whether an email that seems to be sent from Blizzard is genuine, please contact us first before replying or clicking any links contained in the mail. Checking web-links With the announcement of Wrath of the Lich King we have seen an increase in the number of mails sent to customers pretending to offer access to a non-existent closed Beta for the expansion or asking you to login to a fake account management page: Blizzard email or scam email?  Through the use of HTML code these emails will provide you with links that may look genuine, but lead to fake websites. Whenever you follow a link from an email, you can see that actual address that it reaches in the Address bar at the top of your web browser. For example right now your address bar will show http://forums.wow-europe.com/thread.html... indicating that you are viewing a thread on the wow-europe forums. If you follow any link in an email make sure that it leads to a wow-europe.com, worldofwarcraft.com or blizzard.com address. If a link directs to any other website, or when you follow it, the address looks different from the one indicated in the email we would urge you to contact us before entering any information. The correct page for European Account login is https://www.wow-europe.com/login/... any other address is most likely a fake designed to steal your account information. More Reading • http://en.wikipedia.org/wiki/Phishing • http://www.microsoft.com/protect/yourself/phishing/identify.mspx • http://www.privacyrights.org/ar/phishing.htm • http://www.banksafeonline.org.uk/phishing_examples.html • http://articles.techrepublic.com.com/5100-10878_11-6056367.html [ Post edited by Techsupport ] |
| by Gelmkar | 06/02/2008 12:24:44 Computer Security What do I need to know? With the popularity of the Windows based operating system, this makes it an easier target for causing disruption for a larger audience, through exploits and programs that can cause serious damage or loss of your data. As new exploits are being discovered on a regular basis, it is important that you take it upon yourself to ensure that you are updated and protected. While it can often seem like a mild inconvenience, a few minutes checking to see you are up to date can save you hours or re-installing or even the loss of important information later. What can I do? It is vital that you keep your Windows based operating system up-to-date. This includes the latest Service Pack, which currently stands at Service Pack 2 for Windows XP and Service Pack 1 will soon be released for Vista, and all security updates released separately through Windows Update. Many potential exploits and holes have been fixed to protect your from many of the dangerous programs out there, such as Trojans and Spyware, etc. It is simple to update, all you need to do is visit the following Microsoft site and check to see if you are currently running the latest security updates. We recommend that you do this at regular intervals: http://windowsupdate.microsoft.com Keeping your system up-to-date is only the first step, please keep reading through the following sections for further information and pointers in enhance your system’s security. [ Post edited by Gelmkar ] |
| by Gelmkar | 06/02/2008 12:25:35 Spyware What do I need to know? Spyware is a general term for a class of software that monitors the actions of a computer user. This software falls into a number of categories: Software that may be installed legitimately to provide security or workplace monitoring, software with relatively benign purposes that may be associated with marketing data collection and software that is maliciously installed, either as a general violation of a user's privacy or to collect information to allow further attacks on their computer or online transactions (e.g. "key logging" to gain passwords). In general, spyware can affect the performance of the computer it is installed on, as quite often this software will attempt to send any gathered information to a host server. This can affect latency or may greatly reduce the speed of your internet. What can I do? The first thing that you should do is to scan all downloaded files including any files you download as potential add-ons for World of Warcraft. This will require a Virus Scanner which we will discuss below. Regular scans of your PC for infection will ensure that there are no programs or files running in on your system, and there are many free programs available that are often updated to reflect new threats regularly. The following software can scan and protect your computer for spyware infections or prevent them from working on your system. Ad-aware SE - http://www.lavasoft.com/ Spybot - Search and Destroy - http://www.safer-networking.org/en/download/ Windows Defender - http://www.microsoft.com/athome/security/spyware/software/default.mspx Spyware Blaster - http://www.javacoolsoftware.com/spywareblaster.html More Reading • http://en.wikipedia.org/wiki/Spyware • http://www.microsoft.com/protect/computer/basics/spyware.mspx • http://www.spywareinfo.com/articles/spyware/ • http://www.spychecker.com/spyware.html |
| by Gelmkar | 06/02/2008 12:27:01 Viruses/Trojans/Rootkits What do I need to know? What is a Virus? A virus is a program written to cause mischief or damage to a computer system. The majority of viruses do damage, whether to your files, your registry, or even your hardware. Viruses are hard to detect, easy to propagate, and difficult to remove. The most common way to be infected by a virus is via e-mail and downloaded attachments. What is a Trojan? A Trojan is a simple piece of software which may perform a certain action or appear to perform a perfectly normal action but in fact performs another, usually malicious function. They are not viruses but are often used to open a so called ‘back door’ into your computer system that will allow viruses to enter. A Trojan cannot replicate like a virus can but just as difficult to detect often masquerading as similarly named system files or programs, most often these programs will start up when the computer does and as such will keep performing it’s malicious functions. What is a Rootkit? A rootkit is a program that is designed to take control of a computer without the authorisation of the systems owner, typically rootkits are difficult to locate and can only often be discovered if you use specific software to search for them. Rootkits can also act like Trojans and as such can present similar risks should you have any on your machine. Rootkits can sometimes be installed for legitimate purposes, but they often represent a security risk as they can be exploited by virus writers or other malicious individuals for their own purposes. What can I do? It is quite important that you are running some form of Anti-Virus software at all times. This should prevent infection on your system providing that you keep the program updated with the latest virus definitions. Free /Trial based Virus checkers Avast - http://www.avast.com AVG - http://www.grisoft.com CureIt! - http://www.freedrweb.com/ BitDefender - http://www.bitdefender.com/PRODUCT-14-en--BitDefender-Free-Edition.htm l Kaspersky - http://www.kaspersky.com/trials (Trial) Online Virus checkers Online virus checkers can be helpful for troubleshooting for any threats your main program may miss, these utilities shouldn’t be the only protection you have on your system, nothing will protect your system better than a full anti-virus protection suite installed and kept up-to-date on your machine. Trend Micro - http://housecall.trendmicro.com/ Kaspersky - http://www.kaspersky.com/virusscanner Symantec – http://security.symantec.com/ Bitdefender - http://www.bitdefender.com/scan8/ie.html (Requires Internet Explorer) Anti-Rootkit Sofware AVG - http://free.grisoft.com/doc/5390/us/frt/0?prd=arw Gmer - http://www.gmer.net/files.php F-Secure - http://www.f-secure.co.uk/blacklight/blacklight.html SysInternals - http://www.microsoft.com/technet/sysinternals/Security/RootkitRevealer .mspx Web Browsers Some of the more common means to get infected with a virus, trojan or spyware can come through normal web browsing, which is why it’s important to make sure you monitor what websites you are visiting, the links you click on and any prompts that may appear that may not be what they seem. One popular program that can greatly enhance your online browsing security is Mozilla Firefox: http://www.mozilla.com/en-US/firefox/ This program allows you install add-ons such as NoScript or Ad block Plus which can offer even greater protection if correctly configured: http://noscript.net/ http://adblockplus.org/en/ The more recent iterations of Internet Explorer also offer improved protection for web surfing. You can download the most recent version here: http://www.microsoft.com/windows/downloads/ie/getitnow.mspx More Reading • http://www.microsoft.com/protect/computer/basics/virus.mspx • http://en.wikipedia.org/wiki/Computer_virus • http://en.wikipedia.org/wiki/Trojan_horse_(computing) • http://www.webopedia.com/TERM/T/Trojan_horse.htm • http://en.wikipedia.org/wiki/Rootkit • http://www.antirootkit.com/ |
| by Gelmkar | 06/02/2008 12:27:58 Firewalls What is a Firewall? A firewall is a hardware or software solution to enforce security policies. In the a real world analogy , a firewall is equivalent to a lock on a door - it permits only authorized users such as those with a key or access card to enter. A firewall has built-in filters that prevent unauthorized or potentially dangerous material from entering the system. It also logs attempted intrusions. In this day and age it is very important to have some form of Firewall protection if you spend any amount of time on the Internet. There are always persons out there who are happy to exploit those who are not protected, steal information and cause harm. What can I do? One of the more useful features of many firewalls is the ability to alert you to any programs or files that are attempting to access the internet. This is good way to alert any user to a possible spyware infection so action can then be taken to block that file and then take the appropriate steps to remove the problem. The following software firewalls can protect your computer from unauthorised intrusions and will warn you before applications already on the system can access the internet. ZoneAlarm - http://www.zonelabs.com F-Secure - http://www.f-secure.com Comodo - http://www.personalfirewall.comodo.com/ Sunbelt - http://www.sunbelt-software.com/Home-Home-Office/Sunbelt-Personal-Fire wall/ More Reading • http://en.wikipedia.org/wiki/Firewall_(networking) • http://www.interhack.net/pubs/fwfaq/ • http://www.cisco.com/univercd/cc/td/doc/product/iaabu/centri4/user/scf 4ch2.htm • http://www.howstuffworks.com/firewall.htm |
News
Spam
Hot: Upcoming Alterac Valley Improvements in Patch 2.4
Most Viewed 
Recent Blizzard Announcements
