oh dear lord my account was hacked yesterday. how often will blizzard actually restore an account? and if its restored, will i get everything back?

They can restore any amount of times but usually will only do once per account.

well yeah this is the first time i've ever been hacked - im just paranoid and wanted to make sure that they would actually restore it for me. the worst part of this is that im stuck at work all day waiting for a reply from blizzard.

From what most people who've had it restored say, you'll get your toons, your items, maybe gold, no enchants or sockets.

If you had any green "of the xxx" the xxx will be anything on restore.

no enchants or sockets? lol that blows... im pretty sure that i got hit with a phishing site...

from what ive heard they will restore your account with any quest items you have but no drop items.

a while ago a mate of mine got hacked hey got his account back but no gear period his guild ran him through MC (pre BC) and he did it in VC gear LOL.

i might quit if i dont get my gear back. i've been playing since release...

You won't quit if you have been playing for this long.

if you'd been playing for 3 years and lost all of your mains and items what would you do? im probably getting ahead of myself, i havent even heard back from blizzard yet.

A friend of mine recently had his account hacked, he got everything back except mats and gold. The Paladin moderator Leord also received everything back except mats and gold when he was hacked, but he knows of someone who received gold as well as his items when the same thing happened to him, so it probably depends on the circumstances.

good luck, i hope you're able to get everything (or most everything) back!

When i was hacked i got everything back except enchants. That includes all mats gold & things i collected along the way. It took them 3 weeks to restore my gear though.

haha oh god 3 weeks - this is going to be a freakin' marathon of boredom. i can probably get an alt to 60 in the time it takes...

thanks for the support everyone :)

May depend on the disposition of the GM you talk to (Bad day = no gold?)

i might quit if i dont get my gear back. i've been playing since release...

damn man...sorry to hear that you got hacked

damn man...sorry to hear that you got hacked

From the person trying to push a fake website in his own thread.

i think thats the phishing site that i hit... thought it was the account login page. i bet this guy did it to me...

He went and changed his link after I reported him, trying to cover his tracks.

here where you got it
http://wow.incgamers.com/forums/showthread.php?t=405347

that guys post bad links to wow's login page for about 5 min. then changes them to good links.

man, what a bastard. i cant believe i fell for it. i feel like an idiot. the honset truth is that i just didnt think it could happen to me. listen up people - everyone is in danger. dont let the same thing happen to you. never link to any page from the forums that requires your login/pass. if you need to check something in regards to your account, go to the wow main page and link from there.

Don't sweat it mate. Just stay cool and don't take the Blizzard Rep's head off. Just be patient with him and you'll get through it. :thumbsup: Just keep riding. You'll get through the darkness.

man, what a bastard. i cant believe i fell for it. i feel like an idiot. the honset truth is that i just didnt think it could happen to me. listen up people - everyone is in danger. dont let the same thing happen to you. never link to any page from the forums that requires your login/pass. if you need to check something in regards to your account, go to the wow main page and link from there.

I actually can't believe you fell for it either. I still feel deeply for you though. The world would be a better place without scum like that.

Myself and Maticus are about to put together a big sticky regarding the recent phishing crisis. It should help with the situation, however until then:

Do not click on any links from first time posters!

Do not click on any links in a thread that claims to have some sort of Beta access, it's a definate fake!

Do not enter your login details into anywhere but your WoW client and the main official site, make certain it is the main core site. Do not use links from any board or forum to reach it, type the address to the main site in manually.

is there any way that the mods can change the way new users post? like make it so they cant post links until they have made X amount of posts?

As good of an idea as it is, it wouldn't really stop them...
Example:


Get cheap WoW Gold!
go to lolz-gold.com!
Our prices are amazing! $100 for 1 COPPER!!!!!!!!!
Hurry! We have NO GOLD IN STOCK! SO HURRY IN WHILE THIS SPECIAL OFFER LASTS!!
Also, get the BEST powerleveling service on the net!
1-2 in ONLY 1 WEEK FOR ONLY $900!!!!!!
Hurry to lolz-gold.com!!!!!!

All they do is just not put www in front of the website.
www.worldofwar.net <-Linky
worldofwar.net <-No linky

Now, granted that is a lame example, even the most n00bish of players wouldn't do that, but it can be easily applied to the string of WotLK beta scammers we've been getting:

Go to getscammedtoday.com where we have REAL Wrath of the Lich King beta keys for the just recently announced Beta test!

In regards to that, I have to say that at this rate the a real Open Beta will come around but we'll be so cautious it'll be "The Boy Who Cried Wolf" for us.

Edit: And again, good luck with getting your account back, mate. I hope you do get as much of it back as possible.

man, what a bastard. i cant believe i fell for it. i feel like an idiot. the honset truth is that i just didnt think it could happen to me. listen up people - everyone is in danger. dont let the same thing happen to you. never link to any page from the forums that requires your login/pass. if you need to check something in regards to your account, go to the wow main page and link from there.

Actually, as long as the links go to Blizzard's pages (and you *do* need to pay attention to the location bar, and where the link goes, not just where it "says" it goes -- the text on the page can say anything; the link itself does not have to go where the text in the page says), you are OK.

rule of thumb #1: *never ever* *ever* *everever* go to blizz's site via somebody else's link.
*never*
*ever*...

*ever*!

there are many ways to obfuscate links to parade as something they are not.

rule #2: never ever enter your login details on any webpage or email except in the game client, and on blizzard's own _SECURE_ page. in fact... use the "manage account" link in the wow client login screen to get to the secure login page.

rule #3: blizzard employees will never ask you for your password.

rule #4: avoid exe addon installers, too many trojans/backdoors/keyloggers slip in that way.
[edit: can't type . exe aparently :p]

can't be too safe these days :/

rule of thumb #1: *never ever* *ever* *everever* go to blizz's site via somebody else's link.
*never*
*ever*...

*ever*!

there are many ways to obfuscate links to parade as something they are not.

Actually, it is very easy to spot the "obfuscated" links. Just look at the domain name. if it isn't "blizzard.com", "worldofwarcraft.com", "wow-europe.com", or "wowarmory.com", there should be a huge red flag that pops in your head.

rule #2: never ever enter your login details on any webpage or email except in the game client, and on blizzard's own _SECURE_ page. in fact... use the "manage account" link in the wow client login screen to get to the secure login page.

That's a safe, and sure thing, true enough.

rule #3: blizzard employees will never ask you for your password.

Always good to remember.

rule #4: avoid exe addon installers, too many trojans/backdoors/keyloggers slip in that way.
[edit: can't type . exe aparently :p]

can't be too safe these days :/

Basically was my point, anything with an executable is questionable.

Actually, it is very easy to spot the "obfuscated" links. Just look at the domain name. if it isn't "blizzard.com", "worldofwarcraft.com", "wow-europe.com", or "wowarmory.com", there should be a huge red flag that pops in your head.






Wrong. I was at Defcon this year and they can spoof that field to. It was crazy. They infect the web server itself. So if they hack Blizzard.com's website, they can run java script from that site and send all your info on the backend to their server. The whole time you looking at your address bar and it says http://www.blizzard.com And yes, they hacked some serious url's at that conference.

Wrong. I was at Defcon this year and they can spoof that field to. It was crazy.

Depending on web browser, sure. Like I said before, don't use IE.

They infect the web server itself. So if they hack Blizzard.com's website, they can run java script from that site and send all your info on the backend to their server.

There is a number of things that can be done to restrict that, like the NoScript extension mentioned previously in the thread.

The whole time you looking at your address bar and it says http://www.blizzard.com And yes, they hacked some serious url's at that conference.

Which goes back to using a competent browser, one not so heavily riddled with security flaws & holes. Getting one not so heavily used also reduces the chances, but just simply not using IE reduces the primary security weaknesses and vulnerabilities you have a thousand fold.

I've done computer security, in civilian and military markets, I've dealt with such things far more than I really care to think about (many, many hours wasted on recovery from viruses/etc at work). It is one of the primary reasons I simply do not use anything made by Microsoft. That gets rid of 99.9999% of the problems. The rest is just some common sense and paying attention to what I'm doing.

The browser can be as secure as you want, all you need is someon that decides to run a script because www.blizzard.com (http://www.blizzard.com) wants him to. They think "sure, i can trust blizzard" because im on www.blizzard.com (http://www.blizzard.com) . My point has nothing to due with the type of browser.

The browser can be as secure as you want, all you need is someon that decides to run a script because www.blizzard.com (http://www.blizzard.com) wants him to. They think "sure, i can trust blizzard" because im on www.blizzard.com (http://www.blizzard.com) . My point has nothing to due with the type of browser.

What you are talking about is called XSS (http://noscript.net/features#xss), which once again, like I just explained, getting NoScript (for FireFox) will eliminate this as a problem, so, once again, the browser you get does matter (there is no equivalent for IE). Your point is the same point I've brought up before, that for every lock, there is a key, and all there is to do, is constantly work at building a better mousetrap. My point is that when the better mousetrap exists, why continue to use the worse one? Just because the problem will persist and never be completely protected against, that's no reason to throw the safeguards aside.

wow they really take their time responding. its been two days. they responded to me immediately when i sent the request for assistance from the wrong email address, but i sent a request from the correct address over 24 hours ago and still havent heard from them.
*sigh* maybe its time to think about quitting for real... not sure if i have the willpower to start another new character from scratch.

don't quit, it not the end you'll get most your stuff back.
i like starting new toons, it gives you a brake, and how often can you ding 15 times in one day, lol

don't quit, it not the end you'll get most your stuff back.
i like starting new toons, it gives you a brake, and how often can you ding 15 times in one day, lol

Quoted for Truth. It can be rather fun to go from that level 67 which you ding once per week or so, to go to a new level 1 and be like:
"Wow. I forgot about leveling up! It does exist!"

But really man, stay with it. Blizzard likes your patronage (more cash for them). They'll restore your character, with your major items intact. Just keep trying.

Quoted for Truth. It can be rather fun to go from that level 67 which you ding once per week or so, to go to a new level 1 and be like:
"Wow. I forgot about leveling up! It does exist!"

Heh I did that. Problem is, I now have 2 70's, a 61, a 48, a 45, a 40, a 30, and a 25. Eventually, the fast leveling stops on all of the characters...

Reported due to gold-selling spam.

Reported due to gold-selling spam.
Please don't quote the spammer next time, it meant I had to edit your post to delete the quote because it held the links too.

Please don't quote the spammer next time, it meant I had to edit your post to delete the quote because it held the links too.

I realised that after I quoted it and, just before you deleted the quote, I had actually edited out the links. :grin:

Ah well. At least he's joined the perma ban club :grin:

They can restore any amount of times but usually will only do once per account.

Blizzard will restore more than once per account. More like 4-5 times per account.

Wrong. I was at Defcon this year and they can spoof that field to. It was crazy. They infect the web server itself. So if they hack Blizzard.com's website, they can run java script from that site and send all your info on the backend to their server. The whole time you looking at your address bar and it says http://www.blizzard.com And yes, they hacked some serious url's at that conference.

They don't have to infect the external server...they can do it by changing or implementing a hosts file on your own comp.

You'll never know it unless you check your own hosts file....A site URL could look like blizzard.com and really go to wellsfargo.com. You'd never know unless the page looked different, or you checked the hosts file.

ahh, the wonders of a system that does not rely on a hosts file. Oh, and doesn't run on a platform that such malware is ever built for.

you people who don't use windows think your so leet. lol jk

hay DR. any news on your account?

you people who don't use windows think your so leet. lol jk

hay DR. any news on your account?

Windows, Unix, and linux all use hosts files, and can be attacked through them.

1. Get a mac
2. have fun

no moar phishing sites!

WAHOO! Great news everyone, i just got my characters back this morning! They restored EVERYTHING! HKs, honor, Sockets, Enchants, Gold... everything! It was a good day for justice today :)

Thanks a lot for all of the support, everyone :D

This is excellent. Not only has phishing attempts fallen to one thread in five days, one of the victims from it has had a full recovery. Truely good news. :grin:

im so happy im like vibrating. stupid being stuck at work all day. im sure not getting any sleep tonight! :D

Congrats, good to hear.

Windows, Unix, and linux all use hosts files, and can be attacked through them.

Except for when you've built the system to not use a hosts file, period. Even if someone wants to somehow get a hosts file on my system, my networking subsystem doesn't pay any attention to it. Good ol' --no-hosts options :)

:happy: GRATS!

WAHOO! Great news everyone, i just got my characters back this morning! They restored EVERYTHING! HKs, honor, Sockets, Enchants, Gold... everything! It was a good day for justice today :)

Thanks a lot for all of the support, everyone :D

Good news :) Yay. Does that mean we can't burn you, cos you're a witch? Awww go on..

im so happy im like vibrating. stupid being stuck at work all day. im sure not getting any sleep tonight! :D

Congratulations! Have fun tonight but start limiting your fluid intake at around 4pm so that you don't have to make pesky potty trips which detract from actual gaming time.

Our Guild Leader used to ask us all what we were drinking during a raid and would then "yell" at us to stop because he was only allowing 2 bathroom breaks so we all better go before we leave. It was always good for a laugh.

Just make sure you're changing your PW regularly. I know I'm guilty of not doing that as often as I should.

Congratulations! Have fun tonight but start limiting your fluid intake at around 4pm so that you don't have to make pesky potty trips which detract from actual gaming time.

lol im way ahead of you. why go to the bathroom when you can bring the bathroom to you? Thats right, im building an apparatus. Complete with gears and tubing and hydraulics. nightmarish? yes. handy? you betcha.