I'm not sure where this culture of calling your account being compromised and spouting it off as 'hacking' comes from but it's starting to annoy me a little. So I'll just vent, and hopefully clear up a few misconceptions along the way.


Hacking brings up the image of someone isolating your computer, using unexplainable technical wizardry to overcome your defenses thus pushing the blame away from yourself. This is never the case in compromising accounts.

I'd say 1% is a grievance from someone you know that you've somehow annoyed so they go out of their way to make the devastation of your account as horrific as possible. The kind of person who would do this isn't a technical wizard and 'hacked' his or her way into your computer, you've either given them your password willingly in the past, obtained it off some forums or your secret password question, or posed as someone else.

The majority of account compromises are from automated systems. A random fact: Details to a WoW account are actually morth more than credit card details. Credit card details are sold in bulk at $5000 for 1000 card numbers and details on the market, thats $5 per card. A WoW account, on average, is worth around $10 on the market (don't mean to patronizing here, but I have to stress this: a WoW account is worth DOUBLE your credit card details).

A very small number of these cases are exploiting a hole in your operating system. Recently there was a big hoo-haa about Microsoft making a patch to cover a recent hole in windows. Basically it used to work like this: when someone visited a compromised site, their cursor would change into a fluffy animation of a kitty or bouncing football or something. Normally this is fine, but it was possible to insert a Trojan (A file pretending to be something else or embedded into data of another file, like the Trojan Horse) into the data for the animation of your new cursor. This then set up a key logger onto your computer which runs automatically and detects when WoW has started running, it then logs whatever you type and sends it back off to it's origin, thus stealing your password this way. When this exploit was in it's prime, an exploiter compromised the main super bowl website in America and released a keylogger that specifically targeted WoW and nothing else. But that exploit has been fixed now. I must stress: CASES LIKE THIS ARE VERY RARE.

Nearly all cases are from the victim participating in someway. Like clicking on a link and downloading a file. You know those random posts written in bad English that suggest something but don't actually give hard details?

---

Q u o t e:
Hi ther

can someone help me with this pleas ? I dont no wat it is for

http://www.thisisadodgylinkdonotclickonit.com/iamabouttostealyourdetails.html

---

Other examples include post titles such as: "Jennifer Aniston does it in the forest!"


I'm sure everyone has received an email from a 'hot girl' who thinks 'your really handsome' and would like to 'meet you sometime'. Could you add her to MSN cause the address she sent the email from doesn't work! When you add this 'hot girl' they'll want to send you a 'picture' of themselves, when it's actually a virus of sorts.


Another example is Phishing. A link/form is sent to you asking for personal details such as passwords pretending to be Blizzard or your bank. You fill in the web form and send it off giving them your details.


Some Trojans come in Mods for the game as well. Try to use only recognized sites and recognized brands of mods (CT / CTRA from their official website for example).


Power leveling: a company offers to level your character, or a character from your account. you give them your details and they clean out your account and run away with your money.

Giving your friends your account details: While your computer might be clean and free of keyloggers etc. your friends computer may not.


So, you see, all these examples require you to do something stupid. If your savvy about the way you browse the internet you needn't worry about this at all. Hell, I only have basic security (AVG Free, spybot and a few others can be found here http://tinyurl.com/32g6tk ) and I'm perfectly safe because I know im careful which sites I visit and what I click on.

nuff said!

---

"I should probably return to my breathtaking magical city"

http://tinyurl.co.uk/5clk

---

Q u o t e:
tl;dr

---

That is a shame really, because you might regret that you didn't read it if your account happens to get "hacked" at some time in the future.'

To the OP: Thanks for this very informative post Skypheonix :-)

---

Q u o t e:


*waves at nice blue dwarf* Have you ever had anything compromised V?

---

Well in my early PC years just after I left the Amiga scene (before the internet) I once had a virus on my system that randomly deleted files and another one that was changing filenames at random. But later on as I learned more about computers and networks, I learned the importance of PC security and the value of common sense. Since then I have never been compromised :-)

---

Q u o t e:
If a link says: "Vaneras covered in treacle with nelfs" from a random poster in bad english on an english forum. Dont click it!

---

That would be tempting though... I mean to click that link :-)