|
Ok, so I try to log in to cast some games and I can't! There's an error saying my access patterns have changed, and they think the security of my account has been compromised.
Apparently, if you know someone's Real ID e-mail you can just repeatedly try to log in with incorrect passwords, and if you do it enough it will LOCK their account. Sooooo, obviously if they know your Real ID e-mail, they know where they can send phishing e-mails as well. They pose as Blizzard admins with URLs like battle.net.worldofwarcraft.admin.com.thisisnotaphishingurlipromise.net that some people could be fooled by. I didn't click on them because I'm not a moron, but I could imagine that if someone did they would be lead to a page where they enter their account e-mail and password and BAM the phishers have a brand new account to play with. Look out for it.
How I dodged it: I went to battle.net and tried to log in there, but of course it's locked, so I can't. So I went to change my password instead, and entered my secret question. Blizz sent the familiar password changing e-mail and I was set (everything worked again, account was unlocked). It's kind of frustrating that anyone anywhere can lock your account just by trying to log in one hundred times.
Just letting you know that people are starting to do this and how to fix it instead of losing your account to sneaky thieves.
 
|
I've had the same thing happening to me with my WoW account. Though it was hacked apparently and they've got it locked. I don't really care much but it's still pretty annoying. My bnet account of course was compromised since my password didn't work but I did end up changing my password and now I have to change my email address too. I've been getting some phishing emails as well lolol Be on your toes everyone!
|
You can always get a Blizzard Authenticator to secure your Battle.net account; it's that device you get for $6.50 from the Blizzard store and secure your account with an additional code generated from the authenticator. http://us.blizzard.com/store/search.xml?q=authenticator
I saw -orb- and some other streamers using it and the complete security you get for your account definitely compensate the cost, even more if you have more than one game on your account.
Or juste create a stronger password including more characters, symbols..
But I have to say Blizzard do a great job for lost account, if you can provide your game cd-key, your name and other informations you gave when making your account, I had no trouble getting my account back!
|
Even with the Authenticator, can't they still do failed logins until it locks?
|
On March 15 2011 07:05 forgotten0ne wrote:
Even with the Authenticator, can't they still do failed logins until it locks?
yes, then they can send you a phish link etc... etc....
It gets even worse if you're on a public network and someone is MIM attacks.
|
It wasn't me I swear josh! D: + Show Spoiler + (This is a joke btw, I <3 joshsuth)
Seems like just another random way on b.net to harass people, except with this technique, I don't see an easy way for blizzard to fix/prevent it :/
(Maybe they could set up a system to authorize a single IP address to access an account, optional of course)
|
Wow, thanks for the heads up and the 'what to do' writeup. I'll definitely keep this in mind.
|
Check your email login activity. This happened to me and they had accessed my email as well (same pass).
|
Well the big point about this, I wasn't actually hacked. They don't know my password, they were trying to get me to give it to them via phishing site with a replica of the battle.net homepage.
|
Actually, several people have had this problem today myself included, I don't think it was hacking I think it was something to do with Blizz though I'm not quite sure what.
|
This isn't hacking.
Doesn't even sound close cracking.
It's just nub trying passwords :B
Good save though~
|
Oh the old days of brood war where you can just make over nine thousand accounts
|
|
|
|
|
|
EPT
