Guild Wars 2

Yesterday I received an email from Battle.net stating that my DiabloIII account had been locked due to suspicious activity and a password change will be required before I will be able to access the account again.

1. I do not have a DiabloIII account, just a wow battle.net account
2. I have not logged into my battle.net account in over a year
3. I did verify that the source of the email was legit
4. Upon attempting to log in my battle.net account it BECAME locked due to suspicious activity
(I was able to unlock it with an account verification and password reset process)

These points tend to indicate a security breach on blizzards systems, or at the very least that they suspect one relating to Diablo III linked accounts.

If you have a battle.net account I implore you to make sure it is NOT the same as any other password including(but not limited to) other games, emails and ESPECIALLY banks. Ideally you want to have a different password for everything you log into (I know I do).

If you want to go one step further, I would encourage you to delete any wow addons and the curse client if you have it and then run a virus scan. I have have guild mates in WoW that have been hacked by using plug-ins(Addons) which is why NCSoft does not allow them and tends to stay very secure because of it.

Maximum security on your account helps make all of ncsoft games more secure for you and everyone else.
Plus, you paid at least $60 for this game, dont let those thieves take that from you

This isn’t Anets problem Ive been getting wow account suspended emails for 3 years even without ever owning a battle.net blizzard account till Starcraft 2 was released and that is on a different email to what I get the spam on.

So yes agreed individual passwords and emails etc also blizzard got there database stolen a month ago which has found its way to the gold sellers it seems.

I never had a WoW account or a Battle.net account and I get emails from them all the time saying my account(s) was banned due to suspicious activity. I don’t even use that email anymore (it’s for spam and sites that like to spam emails) so I’m not worried about it, but I would definitely like to agree with you guys and say do NOT share emails and passwords for anything.

drguild.2045:

This isn’t Anets problem Ive been getting wow account suspended emails for 3 years even without ever owning a battle.net blizzard account till Starcraft 2 was released and that is on a different email to what I get the spam on.

So yes agreed individual passwords and emails etc also blizzard got there database stolen a month ago which has found its way to the gold sellers it seems.

It may not be Anets problem but it definitely concerns them when there are gamers out there that treat a password like a key around their neck thinking “I will have one password for all my games”. It cannot be denied that user information acquired through other game systems is being tested against all other games in an attempt to maximized the exploitation of that information.
I was not accusing Anet or the ncsoft players for the security threats occurring on battle.net or on ncsoft systems, I simply identified a red flag and thought I would bring it to this communities attention since a large percentage of ncsoft games have or had a battle.net account at one point. And used this as a vessel to once again remind my fellow players that their individual security is pertinent to our over all security.

No its a fake email, they mask who it’s from.

You even said your self you haven’t got a Diablo III account, it’s for stupid people who click the link that links to a really random mix of us. someword here blizzards website.

It’s fake, it’s not real, just another misinformed person claiming security breaches…
I get it to my email address that isn’t even a battle account

There’s more to these hacks than ArenaNet is letting on. Gaile and the other GMs are stating that online sources are the cause however, I was hacked yesterday and,

1. I used a brand new email (just created) and never used anywhere before
2. I created/used a 32 chacacter ASCII password (numbers, caps, symbols etc)
3. I verified my email and was watching login attempts (and saw none)

My email was changed and the notification email did NOT give me an opportunity to prevent it.

I’ve come to the conclusion that either the hackers have admin access to ArenaNet systems or buy.guildwars2.com sold my serial key to multiple people and we’re opening hacking tickets making the assignment of it go back and forth. I made a similar post about this yesterday and a MOD deleted it. Why would they delete it?

Angelkitten.3674:

No its a fake email, they mask who it’s from.

You even said your self you haven’t got a Diablo III account, it’s for stupid people who click the link that links to a really random mix of us. someword here blizzards website.

It’s fake, it’s not real, just another misinformed person claiming security breaches…
I get it to my email address that isn’t even a battle account

Wow your name is a good reflection of your disposition lol. No really I work for Verizon for 4 years as 1 of 5 tier2 email/portal support, worked very closely with security every day. Today I am in charge of Frontier Communications chronic third party circuits.
brag brag brag believe me lol

Widowmaker.5812:

There’s more to these hacks than ArenaNet is letting on. Gaile and the other GMs are stating that online sources are the cause however, I was hacked yesterday and,

1. I used a brand new email (just created) and never used anywhere before
2. I created/used a 32 chacacter ASCII password (numbers, caps, symbols etc)
3. I verified my email and was watching login attempts (and saw none)

My email was changed and the notification email did NOT give me an opportunity to prevent it.

I’ve come to the conclusion that either the hackers have admin access to ArenaNet systems or buy.guildwars2.com sold my serial key to multiple people and we’re opening hacking tickets making the assignment of it go back and forth. I made a similar post about this yesterday and a MOD deleted it. Why would they delete it?

You admit in other posts to having had your account compromised multiple times. I suggest scanning your PC for malware using BOTH an updated and reliable antivirus program and something that detects other types of malware, such as Malwarebytes Anti-malware.

You claim that ArenaNet’s databases might have been hacked. I find it odd that hackers would get access to over a MILLION accounts but pick just yours to hack multiple times. Unless, of course, their system wasn’t compromised.

Really though, scan that pc. Thoroughly.

anonymouse.9053:

Widowmaker.5812:

There’s more to these hacks than ArenaNet is letting on. Gaile and the other GMs are stating that online sources are the cause however, I was hacked yesterday and,

1. I used a brand new email (just created) and never used anywhere before
2. I created/used a 32 chacacter ASCII password (numbers, caps, symbols etc)
3. I verified my email and was watching login attempts (and saw none)

My email was changed and the notification email did NOT give me an opportunity to prevent it.

I’ve come to the conclusion that either the hackers have admin access to ArenaNet systems or buy.guildwars2.com sold my serial key to multiple people and we’re opening hacking tickets making the assignment of it go back and forth. I made a similar post about this yesterday and a MOD deleted it. Why would they delete it?

You admit in other posts to having had your account compromised multiple times. I suggest scanning your PC for malware using BOTH an updated and reliable antivirus program and something that detects other types of malware, such as Malwarebytes Anti-malware.

You claim that ArenaNet’s databases might have been hacked. I find it odd that hackers would get access to over a MILLION accounts but pick just yours to hack multiple times. Unless, of course, their system wasn’t compromised.

Really though, scan that pc. Thoroughly.

You didn’t fully read those other posts then. This is a typical response that’s propogating the problem and allowing support to overlook the real threat….

FACTS:
- This is the 2nd time my account has been taken.
- I had and do have Avast! and Microsoft Security Essentials running on my PC and always scan daily. I even ran a boot-time scan and had no infections.
- I even ran a Key Logger scanner and found nothing
- After the 2nd hack to ensure I didn’t have a root kit I deleted my C drive, recreated it, formatted the drive and reinstalled Windows 7. Now I only have Office and GW2 on it.

The source of the compromise it not me…. For the record I’m an IT engineer for a large company on the top of the fortune 500 list and am MCSE certified. I’m not your average user.

ReginaBuenaobra.6953:

Online games and gaming networks are popular targets for hackers, so it’s important to follow good security practices.

Shame about the company you work for handing hackers access to saved credit card info including the 3 digit code so they can buy away and put people in the poor house.

Good Security Practices?

Widowmaker.5812:

- I had and do have Avast! and Microsoft Security Essentials running on my PC and always scan daily. I even ran a boot-time scan and had no infections.

Never have 2 Anti-Virus programs running at same time, that is asking for trouble, especially when they fight over trying to scan a file to the point it gets passed any attempt to block it.

Same goes for Anti-Malware programs also, just have one installed.

DABhand.2079:

Widowmaker.5812:

- I had and do have Avast! and Microsoft Security Essentials running on my PC and always scan daily. I even ran a boot-time scan and had no infections.

Never have 2 Anti-Virus programs running at same time, that is asking for trouble, especially when they fight over trying to scan a file to the point it gets passed any attempt to block it.

Same goes for Anti-Malware programs also, just have one installed.

These two do not conflict. I’ve researched it and verified it. Of all the comments you could make about the serious issues I posted you comment about that? WoW..

Well I did warn you, mayhap thats how you may have been infected with a keylogger or something similar?

I said that because you have a serious backdoor now on your PC by having 2 AV’s running at once. But hey its your pc

DABhand.2079:

Well I did warn you, mayhap thats how you may have been infected with a keylogger or something similar?

I said that because you have a serious backdoor now on your PC by having 2 AV’s running at once. But hey its your pc

I’m not sure you know what he heck your talking about. 2 AVs does not give anyone a back door lol. At most it causes file locking and could cause a harddrive to fail. Back doors are authored code the create and expose a security vulnerability for an attacker to gain control over a device. Google it before you post like your an expert.

If you want to insist on the idea that ArenaNet’s db has been compromised, even though you are the only one who has mentioned having your account compromised multiple times, that is your choosing.

I have a master’s degree in network security and have worked on security applications at one of the largest companies in the world. None of that means I’m immune to a malware infection, and neither are you.

Widowmaker and anonymouse, I never claimed that NCSoft/Arenanet was 100% secure, and I admit, from the outside it does seem rather convenient that there were even 0.01% of guildwars2 users accounts hacked; however, you and I both know that there are plenty of tricks that (what we call today) “hackers” have in their arsenal that they can use compromise users accounts even from outside NCSoft/Arenanets perimeter . I am neither confirming nor denying any accountability for the compromised accounts, I am simply stating an observation and making a peer to peer suggestion.

I agree with you Alex, and I think you making this thread was a good idea. ArenaNet is not immune to being hacked, and neither are users, regardless of how secure each thinks his/her own system is. But if someone really did breach ArenaNet’s accounts database, I’d expect a lot more compromised accounts. And if someone had access to over a million records, the chances of someone compromising the same account twice is probably about as good as me winning the powerball lotto tomorrow.

Perhaps I should buy tickets.

Widowmaker.5812:

DABhand.2079:

Well I did warn you, mayhap thats how you may have been infected with a keylogger or something similar?

I said that because you have a serious backdoor now on your PC by having 2 AV’s running at once. But hey its your pc

I’m not sure you know what he heck your talking about. 2 AVs does not give anyone a back door lol. At most it causes file locking and could cause a harddrive to fail. Back doors are authored code the create and expose a security vulnerability for an attacker to gain control over a device. Google it before you post like your an expert.

Your example of a backdoor is one example, backdoors are not one type of security risk, they can be any risk that has opened a port to allow data packets to and from the machine, or start an exploit through a running service by amending it via ring 0 from an initial file that has got past defences.

With 2 AV’s running (which I may add even if it did work flawlessly would never give 100% protection) if they start to scan a file, then one AV is blocked by the other thinking the service is blocking their scan on purpose and it goes back and forth to the point where the file in question now is disregarded.

Yes it is reported MSSE and Avast can work in tandem, but that has never been proven 100% to be accurate, it is Avast trying to get you to use their software in the hopes of buying it later on.

So in essence you may have a security risk doing so, it may not be the real problem for you but its a potential problem you should fix up. I only run MSSE and I rarely get infected if at all, only once from the last 5 months+ due to an IE9 exploit.

Alexixiv.4582:

Wow your name is a good reflection of your disposition lol. No really I work for Verizon for 4 years as 1 of 5 tier2 email/portal support, worked very closely with security every day. Today I am in charge of Frontier Communications chronic third party circuits.
brag brag brag believe me lol

Really not sure how that is relevant, you got an email that your account was blocked for a game you never had right? if you ask me it looks like them guys tried to get your account details and that got your account, no need to start acting like a know it all sir…

I have been getting them emails for the past 3 months on my email and I don’t even have a battle.net account on it. Unless they bought you a free game.

I’m not blaming anyone which is why I wiped my hard drive. What I’m trying to stop is everyone pointing the finger at the consumer. ArenaNet in my case needs to take a serious look at my ticket and figure out how it’s possible my account was compromised the 2nd time with a new email, 32 char PW, and a verified email.

Even if I was compromised there are only 2 stealth methods to steal my account, 1-key logger and 2-root kit. Both are hardly the tools of a game hacker. These are tools of espionage or commerial theft not the tools of kids stealing wow or guild wars accounts.

You would be surprised how easy it is to get your hands on a keylogger or an infector that infects .exe files. Even the source code.

DABhand.2079:

You would be surprised how easy it is to get your hands on a keylogger or an infector that infects .exe files. Even the source code.

I’m not surprised at how easy they are to download but pushing them out into the world undetected, sorting through the billions of lines of code they return unless they’re coded for GW2, and using the data is so specific it’s really unrealistic.

It begs further considerations by ArenaNet and I’m not sure why you’re not conceeding that point if your a Sec expert. Gotta jet to my kids practice. Peace.

Widowmaker.5812:

Even if I was compromised there are only 2 stealth methods to steal my account, 1-key logger and 2-root kit. Both are hardly the tools of a game hacker. These are tools of espionage or commerial theft not the tools of kids stealing wow or guild wars accounts.

You’d be surprised.

Also, password length by itself is not adequate security for a password. For example:

aaaaaaaaaa is a length-10 password. It’s also horrible.

thisisatest is a length-11 password. It is just as bad, because dictionary attacks are trivial to do.

7h1515@7357 is the same length-11 password using leet-speak character substitution (which people seem to think is somehow secure). Password cracking and brute-forcing software has been able to do these sorts of dictionary substitutions for YEARS.

Q2W3E4R5T6^t%r$e#w@q is a length-20 password, using a keyboard pattern mnemonic. Password cracking/brute-forcing software has been able to suss these types of password schemes for years as well.

Add to the mix things like general-purpose GPU computing to greatly accelerate things, and rainbow tables plus years worth and millions upon millions of accounts’ worth of cracked passwords, and today’s script kiddie has at his disposal extremely sophisticated tools and a gargantuan corpus of raw data from which to work, not to mention enough data to do some fairly sophisticated analysis on password choice behavior that allows some rather intelligent guessing as well as advanced mnemonic attacks.

And that’s just the script kiddies. Now, imagine what someone with a profit motive (e.g., businesses whose sole purpose is to steal accounts and convert items into gold or real money, and use the stolen accounts to farm for and/or sell gold) would be willing to do.

Don’t think a length-32 password protects you. If that length-32 password was unique AND actually high-entropy (i.e., random, which means you’d have to use rote memorization or a third-party secure password program, e.g., 1password or keeppass or similar), THEN and only then might you begin to consider yourself safe from the above.

Angelkitten.3674:

Alexixiv.4582:

Wow your name is a good reflection of your disposition lol. No really I work for Verizon for 4 years as 1 of 5 tier2 email/portal support, worked very closely with security every day. Today I am in charge of Frontier Communications chronic third party circuits.
brag brag brag believe me lol

Really not sure how that is relevant, you got an email that your account was blocked for a game you never had right? if you ask me it looks like them guys tried to get your account details and that got your account, no need to start acting like a know it all sir…

I have been getting them emails for the past 3 months on my email and I don’t even have a battle.net account on it. Unless they bought you a free game.

You challenged my observation that it was a legitimate email. I was stating my credentials to back up my claim. You on the other hand are acting like a know it all by making a claim without having the email in your possession. I am well versed in spotting spoofed emails. You should not be so quick to shoot down something if you do not have all the facts to back it up.

mcl.9240:

Widowmaker.5812:

Even if I was compromised there are only 2 stealth methods to steal my account, 1-key logger and 2-root kit. Both are hardly the tools of a game hacker. These are tools of espionage or commerial theft not the tools of kids stealing wow or guild wars accounts.

You’d be surprised.

Also, password length by itself is not adequate security for a password. For example:

aaaaaaaaaa is a length-10 password. It’s also horrible.

thisisatest is a length-11 password. It is just as bad, because dictionary attacks are trivial to do.

7h1515@7357 is the same length-11 password using leet-speak character substitution (which people seem to think is somehow secure). Password cracking and brute-forcing software has been able to do these sorts of dictionary substitutions for YEARS.

Q2W3E4R5T6^t%r$e#w@q is a length-20 password, using a keyboard pattern mnemonic. Password cracking/brute-forcing software has been able to suss these types of password schemes for years as well.

Add to the mix things like general-purpose GPU computing to greatly accelerate things, and rainbow tables plus years worth and millions upon millions of accounts’ worth of cracked passwords, and today’s script kiddie has at his disposal extremely sophisticated tools and a gargantuan corpus of raw data from which to work, not to mention enough data to do some fairly sophisticated analysis on password choice behavior that allows some rather intelligent guessing as well as advanced mnemonic attacks.

And that’s just the script kiddies. Now, imagine what someone with a profit motive (e.g., businesses whose sole purpose is to steal accounts and convert items into gold or real money, and use the stolen accounts to farm for and/or sell gold) would be willing to do.

Don’t think a length-32 password protects you. If that length-32 password was unique AND actually high-entropy (i.e., random, which means you’d have to use rote memorization or a third-party secure password program, e.g., 1password or keeppass or similar), THEN and only then might you begin to consider yourself safe from the above.

You forgot packet sniffers
But yes you have a good point, many many tools in a hackers (data miners) arsenal today.

Alexixiv.4582:

Angelkitten.3674:

Alexixiv.4582:

Wow your name is a good reflection of your disposition lol. No really I work for Verizon for 4 years as 1 of 5 tier2 email/portal support, worked very closely with security every day. Today I am in charge of Frontier Communications chronic third party circuits.
brag brag brag believe me lol

Really not sure how that is relevant, you got an email that your account was blocked for a game you never had right? if you ask me it looks like them guys tried to get your account details and that got your account, no need to start acting like a know it all sir…

I have been getting them emails for the past 3 months on my email and I don’t even have a battle.net account on it. Unless they bought you a free game.

You challenged my observation that it was a legitimate email. I was stating my credentials to back up my claim. You on the other hand are acting like a know it all by making a claim without having the email in your possession. I am well versed in spotting spoofed emails. You should not be so quick to shoot down something if you do not have all the facts to back it up.

So, you checked and verified all the Received: headers, and ruled out any potential fake ones as well? These days it’s surprising that people are even aware of Received: headers, let alone how to analyze them properly when examining email origins. Too many people spending too many years using nothing but GUI MUIs and having little to no actual knowledge of SMTP/eSMTP.

Alexixiv.4582:

You forgot packet sniffers
But yes you have a good point, many many tools in a hackers (data miners) arsenal today.

I didn’t forget them, I simply don’t consider them relevant, since actually sniffing a switched network requires administrative access to the switch at either the ingress/egress point or the border of one of the endpoints, and the ability to reconfigure the VLANs to add a span or mirror port, not to mention a way to get all the sniffed data out of the network without anyone noticing a doubling in network traffic. Plus, any half-decent protocol handling secure data (e.g., usernames/passwords) isn’t going to transmit that information in the clear, so the packet payloads would be useless.

Not to mention the fact that if someone had enough access to install a packet sniffer, whoever controls that network has much, much bigger problems than someone sniffing a videogame password. That’s like watching a house burn down and telling the owner he’s screwed because his grass is getting a little high and the HOA might not like it.

And please don’t lump data mining in with hacking. It’s bad enough people misuse the word “hacker”. Let’s not start associating data mining, which is a perfectly legitimate pursuit both in research and in business, with what is these days generally used to describe illegal activities.

Alexixiv.4582:

Yesterday I received an email from Battle.net stating that my DiabloIII account had been locked due to suspicious activity and a password change will be required before I will be able to access the account again.

1. I do not have a DiabloIII account, just a wow battle.net account
2. I have not logged into my battle.net account in over a year
3. I did verify that the source of the email was legit
4. Upon attempting to log in my battle.net account it BECAME locked due to suspicious activity
(I was able to unlock it with an account verification and password reset process)

These points tend to indicate a security breach on blizzards systems, or at the very least that they suspect one relating to Diablo III linked accounts.

If you have a battle.net account I implore you to make sure it is NOT the same as any other password including(but not limited to) other games, emails and ESPECIALLY banks. Ideally you want to have a different password for everything you log into (I know I do).

If you want to go one step further, I would encourage you to delete any wow addons and the curse client if you have it and then run a virus scan. I have have guild mates in WoW that have been hacked by using plug-ins(Addons) which is why NCSoft does not allow them and tends to stay very secure because of it.

Maximum security on your account helps make all of ncsoft games more secure for you and everyone else.
Plus, you paid at least $60 for this game, dont let those thieves take that from you

Always check the email headers in those kind of messages.

Antares.3984:

Alexixiv.4582:

Yesterday I received an email from Battle.net stating that my DiabloIII account had been locked due to suspicious activity and a password change will be required before I will be able to access the account again.

1. I do not have a DiabloIII account, just a wow battle.net account
2. I have not logged into my battle.net account in over a year
3. I did verify that the source of the email was legit
4. Upon attempting to log in my battle.net account it BECAME locked due to suspicious activity
(I was able to unlock it with an account verification and password reset process)

These points tend to indicate a security breach on blizzards systems, or at the very least that they suspect one relating to Diablo III linked accounts.

If you have a battle.net account I implore you to make sure it is NOT the same as any other password including(but not limited to) other games, emails and ESPECIALLY banks. Ideally you want to have a different password for everything you log into (I know I do).

If you want to go one step further, I would encourage you to delete any wow addons and the curse client if you have it and then run a virus scan. I have have guild mates in WoW that have been hacked by using plug-ins(Addons) which is why NCSoft does not allow them and tends to stay very secure because of it.

Maximum security on your account helps make all of ncsoft games more secure for you and everyone else.
Plus, you paid at least $60 for this game, dont let those thieves take that from you

Always check the email headers in those kind of messages.

yes, I have my headers to always display

mcl.9240:

Alexixiv.4582:

You forgot packet sniffers
But yes you have a good point, many many tools in a hackers (data miners) arsenal today.

I didn’t forget them, I simply don’t consider them relevant, since actually sniffing a switched network requires administrative access to the switch at either the ingress/egress point or the border of one of the endpoints, and the ability to reconfigure the VLANs to add a span or mirror port, not to mention a way to get all the sniffed data out of the network without anyone noticing a doubling in network traffic. Plus, any half-decent protocol handling secure data (e.g., usernames/passwords) isn’t going to transmit that information in the clear, so the packet payloads would be useless.

Not to mention the fact that if someone had enough access to install a packet sniffer, whoever controls that network has much, much bigger problems than someone sniffing a videogame password. That’s like watching a house burn down and telling the owner he’s screwed because his grass is getting a little high and the HOA might not like it.

And please don’t lump data mining in with hacking. It’s bad enough people misuse the word “hacker”. Let’s not start associating data mining, which is a perfectly legitimate pursuit both in research and in business, with what is these days generally used to describe illegal activities.

I agree with you on the misuse of the term hacker, but I didn’t misuse the term data-miner as that is a very common means of aquiring information used to compromise a system. Data mining was not intended to be used as a reference to an action specifically malicious, just stating that it is in many cases all you could call the thieves. Hacker just seems to give them too much credit.

On the point of a packet sniffer, very few system are immune to being compromised and, you are right, that they typically need admin level of access on the equipment between the DSLAM switch and the router; however, unless it is run by a bunch of robots then humans still manage most network operation centers and are in charge of network architecture, meaning each employee is capable of unintentionally providing the needed information to breach a network. Hell, many companies dont even secure their employees PCs properly and many have company laptops that they carry home and use as a personal PC OFF of the vpn.

I can tell you from experience that unless a packet sniffer is put into place to target large numbers of users it often will not trigger any alarms on the network unless the one who put it in place was very sloppy. Typically the way we identify a packet sniffer is because a user reports slow speeds and after all typical transport checks have been made (provisioning and port speed yada yada) we then begin to look for things of that nature.

>Widowmaker

Ok, I’m not here to dispute your background or education. Just want to be clear on that. But you made a mistake in your post about how your account could be hijacked. You mentioned only Keyloggers or Rootkits can get you. Other people chimed in and talked about PC security, AV conflicts, etc. Did anyone consider that your internet connection might be compromised? My apologies if someone brought it up, because this thread was tl;dr. :P

You can have the most secure PC, but if you’re wireless, someone nearby could be using a packet sniffer. Or worse (and probably more rare), is that your hard line connection could be tampered with, and someone could be seeing your data. For cable internet customers, it’s not hard to piggyback off of a neighbor’s line if you know which connection to tap into. Happened to me, and I only knew because I caught the guy next door trying to push the wiring back into the outlet. Cable company had to install a special outlet cover prevent break-ins.

Smooth Penguin.5294:

>Widowmaker

Ok, I’m not here to dispute your background or education. Just want to be clear on that. But you made a mistake in your post about how your account could be hijacked. You mentioned only Keyloggers or Rootkits can get you. Other people chimed in and talked about PC security, AV conflicts, etc. Did anyone consider that your internet connection might be compromised? My apologies if someone brought it up, because this thread was tl;dr. :P

You can have the most secure PC, but if you’re wireless, someone nearby could be using a packet sniffer. Or worse (and probably more rare), is that your hard line connection could be tampered with, and someone could be seeing your data. For cable internet customers, it’s not hard to piggyback off of a neighbor’s line if you know which connection to tap into. Happened to me, and I only knew because I caught the guy next door trying to push the wiring back into the outlet. Cable company had to install a special outlet cover prevent break-ins.

You speak some truth, in most cases that level of security violation is exactly what you experienced, just a free loader looking to get some free service, most underhanded individuals looking to gold-farm don’t do house calls, but yes we were discussing packet sniffers.

@mcl.9240: Dood, you…are not…my nemesis

Do not forget to see the IP of the e-mail if possible. (search for advanced option, or something like that and search “received from:” “sent from:” etc)
You can mask your e-mail with anything you want, so you can receive a fake mail masked as a real. It’s called “SPOOFING”…
You can even receive e-mail from yourself… lol
Some e-mail providers do not give the sender IP, like google, SO is better to keep your eyes open to see if the e-mail you get its real.

By the way thanks for the info, it have to do with Anet because I’m sure theres lot of people who use the same credentials in GW2 AND Battle.net

I get the WoW phishing emails sent to my main email account all the time. Funny thing is, I have never played that game and my Battle.net Account is under another email address. Just dont click any of the links and for the love of (insert your random deity here) do not use the same password for everything.

Just to confirm 2 things
If you do not have a battlenet account they do sometimes tend to lock you after logging on after not using it in a while.
They will never ask you for details in emails like most companies and even if you think the email is a legit one never go through any links in the email.
Battlenet was hacked before and diablo was hacked a few weeks back.
For those saying they would see more hacking if arena was hacked there was no upsurge in diablo 3 after the breach, but it would be a very good place to get emails for other games coming out.

Pictish.3410:

Just to confirm 2 things
If you do not have a battlenet account they do sometimes tend to lock you after logging on after not using it in a while.
They will never ask you for details in emails like most companies and even if you think the email is a legit one never go through any links in the email.
Battlenet was hacked before and diablo was hacked a few weeks back.
For those saying they would see more hacking if arena was hacked there was no upsurge in diablo 3 after the breach, but it would be a very good place to get emails for other games coming out.

Yes, never open any link from your email if you can avoid it, and in most cases you can.

Alexixiv.4582:

@mcl.9240: Dood, you…are not…my nemesis

My nemesis is Captain Hammer. (Couldn’t resist!)

Seriously though, I’m always going to disagree with anyone that says “Don’t worry about [method of getting your account data], no one does that/it’s too complicated/that never happens/etc.”

Assume nothing; secure everything. It’s better to be worried about things that probably won’t happen than to not worry and have your account compromised.

I’m getting suspicious emails about my non-existent WoW or AION accounts all the time – they remain in my spam-folder until I feel like deleting them in a bulk.
As I have moved my GW2 account to an all-new email address (and I don’t have any sort of account on either of those games, merely had a trial period on WoW years ago), I’m not worrying all that much. Hackers always try to get your data randomly by sending out emails like these I suppose.

On a side note, I always take gleeful pleasure in reporting goldspammers in GW2 – never fails to lighten up my day when they are stupid enough to contact me ingame

lozerette.2153:

Alexixiv.4582:

@mcl.9240: Dood, you…are not…my nemesis

My nemesis is Captain Hammer. (Couldn’t resist!)

Seriously though, I’m always going to disagree with anyone that says “Don’t worry about [method of getting your account data], no one does that/it’s too complicated/that never happens/etc.”

Assume nothing; secure everything. It’s better to be worried about things that probably won’t happen than to not worry and have your account compromised.

Best to stop using computers altogether then; nothing is actually secure.

Or, live in reality with the rest of us. Actual risk assessments take into account the likelihood of a given attack vector. In this particular case, the likelihood of someone using a packet sniffer (and the likelihood of the account information being contained in packet payloads unencrypted) is vanishingly small.

If you truly believe that there is a real possibility that there are packet sniffers at every hop between you and any particular destination, you must never shop online, or use online banking, or log into any websites…except that you had to log into this website just to post that response. So someone here is being hypocritical, and it’s not me.

I have only played WoW for 4 months back in 2005-2006 (time of TBC release) and back in 2009 my account was hijacked without me knowing and I received an email from Blizzard about “gold selling” (I’m assuming players has been reporting my characters for gold selling spam), I checked the email to see if it had any suspicious links and it was all to Blizzard’s official sites so I logged in and realized my WoW account was active (remember, I only played 4 months and this is 3 years later) so I logged in and noticed I had 6 or so more characters created across different servers (I only had 2 at the start) and one had that dumb Mr. T head.

I changed the password to something I can’t even remember and got Blizzard to permanently lock the account because I have no interest in playing WoW, but to know that my accounts that remains in games over the years can still get compromised. I was also told by active WoW players that Blizzard had some inside job guys giving out information to gold sellers at one point.

That and SOE’s breach last year were the only time time I’ve ever had an account issues, and now that email linked to that game back in 2006 gets flooded with emails about Diablo 3, AION, Runescape, WoW and some other games of which I’ve only ever used that email address in WoW and no other games (and I only have played 2 of those listed games). So this kind of stuff bothers me, I hardly purchase anything online nowadays as well, I don’t even go to ebay, I do all my purchasing at my local stores.

mcl.9240:

lozerette.2153:

Alexixiv.4582:

@mcl.9240: Dood, you…are not…my nemesis

My nemesis is Captain Hammer. (Couldn’t resist!)

Seriously though, I’m always going to disagree with anyone that says “Don’t worry about [method of getting your account data], no one does that/it’s too complicated/that never happens/etc.”

Assume nothing; secure everything. It’s better to be worried about things that probably won’t happen than to not worry and have your account compromised.

Best to stop using computers altogether then; nothing is actually secure.

Or, live in reality with the rest of us. Actual risk assessments take into account the likelihood of a given attack vector. In this particular case, the likelihood of someone using a packet sniffer (and the likelihood of the account information being contained in packet payloads unencrypted) is vanishingly small.

If you truly believe that there is a real possibility that there are packet sniffers at every hop between you and any particular destination, you must never shop online, or use online banking, or log into any websites…except that you had to log into this website just to post that response. So someone here is being hypocritical, and it’s not me.

lol you are blowing this way out of perspective. I never implied a frequency of packet sniffers being used, simply that it is still a possibility and that they are still used…
and no I do not believe that there are packet sniffers at every hop, just stating that they are out there and to say that it isnt a concern is ignorance that I refuse to submit to.

Alexixiv.4582:

mcl.9240:

lozerette.2153:

Alexixiv.4582:

@mcl.9240: Dood, you…are not…my nemesis

My nemesis is Captain Hammer. (Couldn’t resist!)

Seriously though, I’m always going to disagree with anyone that says “Don’t worry about [method of getting your account data], no one does that/it’s too complicated/that never happens/etc.”

Assume nothing; secure everything. It’s better to be worried about things that probably won’t happen than to not worry and have your account compromised.

Best to stop using computers altogether then; nothing is actually secure.

Or, live in reality with the rest of us. Actual risk assessments take into account the likelihood of a given attack vector. In this particular case, the likelihood of someone using a packet sniffer (and the likelihood of the account information being contained in packet payloads unencrypted) is vanishingly small.

If you truly believe that there is a real possibility that there are packet sniffers at every hop between you and any particular destination, you must never shop online, or use online banking, or log into any websites…except that you had to log into this website just to post that response. So someone here is being hypocritical, and it’s not me.

lol you are blowing this way out of perspective. I never implied a frequency of packet sniffers being used, simply that it is still a possibility and that they are still used…
and no I do not believe that there are packet sniffers at every hop, just stating that they are out there and to say that it isnt a concern is ignorance that I refuse to submit to.

The post you’re responding to was in response to lozerette, not you.

There are all sorts of tools “out there”; you would not sleep nights if you were aware of some of the tools I’ve seen. A packet sniffer is one of the least effective and most effortful tools to use to compromise an account in the manner you’re concerned about. And as I’ve mentioned several times, the account information used in game and for the website is not sent in the clear, so the attacker would need to crack that encryption first.

But, if you want to be paranoid, be paranoid.

But if you’re going to be paranoid, do it correctly. For example, what’s the Shannon entropy of your password for the game? For the dozens (or hundreds) of accounts at various online vendors, websites, and services, you of course have completely random, unique passwords that you have memorized and do not ever write down, and unique email addresses for each one(preferably using a secure, offshore, fully-encrypted anonymous email system such as SecureNym)? And you route all your traffic through encrypted tunnels, with random egress points around the world (e.g., Tor)? You encrypt the contents of your hard drive, run all software in a sandbox, and have a plan in place to destroy the hard drives and RAM in your computer at a moment’s notice, preferably using something fast-acting like thermite (yes, information can be recovered from unpowered RAM these days)?

And of course you only use computers from a windowless SCIF to avoid things like people bouncing lasers off your windows to use vibrations to detect keyclick patterns that can be used to determine what you’re typing? And I’m certain you check all your power cords regularly for unknown devices, inside and out, since minute fluctuations in power can be used by passive devices to decode exactly what you’re doing on the computer?

Were you aware that there’s a book available in libraries and bookstores that contains the full plans, parts lists, and schematics for building a dedicated crypto cracking machine for under $10,000 that can brute force the encryption used to secure banking transactions? Were you aware that book is over 10 years old, and the hardware today would consist of a few high-end graphics cards?

There’s paranoid, and then there’s paranoid. You’re not doing paranoid very well. But hey, don’t take my word for it. It’s not like I’ve got 20+ years in the industry, including being responsible for the computers that ran one of the larger (partially nuclear) power grids in the nation, having a security background that predates the WWW, and having held various government security clearances in the past.

I used to be a system administrator for large unix servers, and worked for Sun Microsystems for years. I also was part of a project group some years ago that went around residential blocks with laptops to scan open networks and so forth, the results were incredibly shocking- waaaaaaaay too many insecure networks, and same goes for the email/login/password method on the internet… there’s way too many of those that uses simple or uses the same ones across different sites/games.

Putting blame on the general public aslide, Anet still should’ve added a layer of security, nearly every single game that requires an account to login has security of a sort.

mcl.9240:

Alexixiv.4582:

mcl.9240:

lozerette.2153:

Alexixiv.4582:

@mcl.9240: Dood, you…are not…my nemesis

My nemesis is Captain Hammer. (Couldn’t resist!)

Seriously though, I’m always going to disagree with anyone that says “Don’t worry about [method of getting your account data], no one does that/it’s too complicated/that never happens/etc.”

Assume nothing; secure everything. It’s better to be worried about things that probably won’t happen than to not worry and have your account compromised.

Best to stop using computers altogether then; nothing is actually secure.

Or, live in reality with the rest of us. Actual risk assessments take into account the likelihood of a given attack vector. In this particular case, the likelihood of someone using a packet sniffer (and the likelihood of the account information being contained in packet payloads unencrypted) is vanishingly small.

If you truly believe that there is a real possibility that there are packet sniffers at every hop between you and any particular destination, you must never shop online, or use online banking, or log into any websites…except that you had to log into this website just to post that response. So someone here is being hypocritical, and it’s not me.

lol you are blowing this way out of perspective. I never implied a frequency of packet sniffers being used, simply that it is still a possibility and that they are still used…
and no I do not believe that there are packet sniffers at every hop, just stating that they are out there and to say that it isnt a concern is ignorance that I refuse to submit to.

The post you’re responding to was in response to lozerette, not you.

There are all sorts of tools “out there”; you would not sleep nights if you were aware of some of the tools I’ve seen. A packet sniffer is one of the least effective and most effortful tools to use to compromise an account in the manner you’re concerned about. And as I’ve mentioned several times, the account information used in game and for the website is not sent in the clear, so the attacker would need to crack that encryption first.

But, if you want to be paranoid, be paranoid.

But if you’re going to be paranoid, do it correctly. For example, what’s the Shannon entropy of your password for the game? For the dozens (or hundreds) of accounts at various online vendors, websites, and services, you of course have completely random, unique passwords that you have memorized and do not ever write down, and unique email addresses for each one(preferably using a secure, offshore, fully-encrypted anonymous email system such as SecureNym)? And you route all your traffic through encrypted tunnels, with random egress points around the world (e.g., Tor)? You encrypt the contents of your hard drive, run all software in a sandbox, and have a plan in place to destroy the hard drives and RAM in your computer at a moment’s notice, preferably using something fast-acting like thermite (yes, information can be recovered from unpowered RAM these days)?

And of course you only use computers from a windowless SCIF to avoid things like people bouncing lasers off your windows to use vibrations to detect keyclick patterns that can be used to determine what you’re typing? And I’m certain you check all your power cords regularly for unknown devices, inside and out, since minute fluctuations in power can be used by passive devices to decode exactly what you’re doing on the computer?

Were you aware that there’s a book available in libraries and bookstores that contains the full plans, parts lists, and schematics for building a dedicated crypto cracking machine for under $10,000 that can brute force the encryption used to secure banking transactions? Were you aware that book is over 10 years old, and the hardware today would consist of a few high-end graphics cards?

There’s paranoid, and then there’s paranoid. You’re not doing paranoid very well. But hey, don’t take my word for it. It’s not like I’ve got 20+ years in the industry, including being responsible for the computers that ran one of the larger (partially nuclear) power grids in the nation, having a security background that predates the WWW, and having held various government security clearances in the past.

Holy essays batman, cool your jets,
simply being educated is not the same being paranoid. Every individual should determine the extent that their content should be secured based on their contents value to the world. We are protecting civilian email accounts, virtual possessions, and credit card information typically not exceeding $10k in available funds. This does not justify the extravagant methods you highlighted above… you ok man, sounds like you might need a hug?

Teknobug.3782:

I used to be a system administrator for large unix servers, and worked for Sun Microsystems for years. I also was part of a project group some years ago that went around residential blocks with laptops to scan open networks and so forth, the results were incredibly shocking- waaaaaaaay too many insecure networks, and same goes for the email/login/password method on the internet… there’s way too many of those that uses simple or uses the same ones.

Putting blame on the general public aslide, Anet still should’ve added a layer of security, nearly every single game that requires an account to login has security of a sort.

Heh. Wardriving. Peter Shipley and I pioneered that particular area. I had a working wardriving (actually warwalking; I’m not certain, but I may have coined that term back then) rig that you could fit in a pocket and take into buildings as well back in 2000 or so, based on a Windows CE handheld running Linux, or a Libretto 50ct. I’ve long since sold the handheld, but I still have the setup I used on the Libretto.

It was particularly amusing since I lived in the heart of Silicon Valley at the time, and could walk into or drive past every big name tech company you could care to name: Intel, AMD, Sun (my ex-wife worked at their HQ for a decade), nVidia, ATi, Cisco (which I lived a block from), Polycom (and if you don’t think they’re a big tech company or a worthwhile target, go into just about any corporation’s meeting rooms and have a look at what’s on the table), and myriad other instantly-recognizable tech companies.

…and then there were the various security conferences full of fairly well-known attendees, and their woeful approach to personal security. Let’s just say I was surprised to discover that 1) the range of stock, unassisted Bluetooth antennas is greater than I thought, 2) Steve Wozniak was only a few rooms away from me at the Alexis Park and didn’t really care to secure his Bluetooth setup, and 3) that he still had an AOL account. Which is amusing, since that year several of the talks were specifically about Bluetooth security.

Alexixiv.4582:

Holy essays batman, cool your jets,
simply being educated is not the same being paranoid. Every individual should determine the extent that their content should be secured based on their contents value to the world. We are protecting civilian email accounts, virtual possessions, and credit card information typically not exceeding $10k in available funds. This does not justify the extravagant methods you highlighted above… you ok man, sounds like you might need a hug?

If you were educated on the subject, you’d realize that worrying about packet sniffers in this context is foolish. Which has been my entire point all along, and you seem to have missed it repeatedly.

mcl.9240:

If you were educated on the subject, you’d realize that worrying about packet sniffers in this context is foolish. Which has been my entire point all along, and you seem to have missed it repeatedly.

If you were paying attention, you would realize that he wasn’t saying “worry about packet sniffers,” only that it is a tool available to people today. If you re-read the initial post, you’ll see that he was agreeing with you.

Everyone, calm down. Take a deep breath. Walk outside for a bit. (Unless it’s eleventy-billion degrees, then just look out a window or something.)

I swear, you techno-geeks and your pride… (said the techno-geek.)

lozerette.2153:

mcl.9240:

If you were educated on the subject, you’d realize that worrying about packet sniffers in this context is foolish. Which has been my entire point all along, and you seem to have missed it repeatedly.

If you were paying attention, you would realize that he wasn’t saying “worry about packet sniffers,” only that it is a tool available to people today. If you re-read the initial post, you’ll see that he was agreeing with you.

Everyone, calm down. Take a deep breath. Walk outside for a bit. (Unless it’s eleventy-billion degrees, then just look out a window or something.)

I swear, you techno-geeks and your pride… (said the techno-geek.)

Back from my walk… how was your walk mcl?