Lemmings of the Light

This is a repost from a great IGN article written by Rill_of_WE for people who have suffered a hack. I'd like to precede it with some in-guild instructions:

Officers: When a guildie has been hacked, please demote them and all their toons to Initiate status so they do not have any access to guild bank anymore. If you feel the hacker is communicating with guildies or people outside of the guild, or is botting in well-known locations, you can also use the gkick option to make sure at least the guild is not being given a bad name in the meantime. People can always get back in touch when they have retrieved their account.

Contents

• Step-by-Step Retrieval Process
• An Ounce of Prevention
• Prevention Measures
• Malicious Software Removal Tools
• Sources

Step-by-Step Retrieval Process

1. Clean-up - Run your Virus and Spyware scanners. Make sure that your computer is malicious software free before following the list below. If you get a new password from Blizzard and they restore your account, you risk getting hacked a second time if you don't clean your computer up. (See further down for Anti-Virus, Anti-Spyware help)
2. Retrieve your Password – Once you are sure your computer is cleaned up, it’s likely your password has been changed. Go here and go through the password retrieval process. Alternatively you can contact the account administration team via email wowaccountadmin@blizzard.com . If your password has not been changed, change it.
3. Contact Blizzard – Now that you have your password back you need to notify Blizzard that your account has been compromised. If you emailed them, they know but you might want to speak with a Game Master just in case. Use the in game petition system to do this. Game Masters are the most qualified persons to assist you. Click the Question Mark, click the button that says “Open a Ticket.” Then click the button that says “Issues GM’s can Assist With.” Choose Character then choose Report a Character Issue. Tell them your account was compromised and your equipment taken. Wait and a GM should be with you as soon as one is available. Watch for email and in-game mail because they will likely be giving you more information about what to do next. Alternatively you can contact Blizzard by calling 1-800-592-5499. This is not the best method of contact.
4. Temporary Banning – Your account will be temporarily disabled so that Blizzard can take steps to make sure it’s not the hackers that are contacting them. There are certain procedures that Blizzard will have you go through that need to remain as confidential as possible.
5. Account Restoration – When step 4 is complete, your account will be re-enabled and the restoring process will begin. This can take anywhere from 3-10 days depending on the current workload in the Account Administrations department.
6. When your account has been restored, ticket Blizzard with the time and date of being hacked, so they can restore your gear/items. Also, please make sure they are aware of any guildbank-retrievals done by the hacker so they will restore those items as well.

An Ounce of Prevention…

A list of ways to avoid being hacked and/or banned.

1. DO NOT SHARE YOUR ACCOUNT INFO. Just because your friend did something on your account, doesn't mean you're not responsible for it. Also, you cannot control what malicious programs may be on someone else's computer. Additionally, it is a violation of the game’s Terms of Use.
2. DO NOT DOWNLOAD EVERYTHING YOU SEE. Clicking yes is a good way to ensure you're username and password are stolen. Read up on what you're downloading and installing on your computer before doing so.
3. BEWARE OF STRANGE LINKS. Be careful when clicking links that don't show their addresses. These links are often called "masked links". These links may lead to files that will download, or files that take advantage of security leaks in your computer or browser. Stay up to date on your software and security notices.
4. DO NOT LET OTHERS USE YOUR ACCOUNT. Similar to #1 you may think it is okay to let a friend use your account if you do the logging in for them. This can often result in bans when someone you let use your account doesn't care what they say/do in game.
5. BEWARE OF ADD-ONS. Not all add-ons are safe. Just because you think it does something cool, doesn't mean it’s safe to download. Addons that function within Blizzard's framework, i.e. lua language files that drop into the Interface folder, are generally safe. Beware of addons that require you to run, install, extract ect.(.exe files) Do your research about any Add-on before downloading.
6. DO NOT CHEAT/HACK/BOT/EXPLOIT. These are all against the Terms of Use and accounts found doing so are banned.
7. ACT MATURE. Cursing at someone in game, calling someone a racist name or remarking in a racial way, harassing another player and all other obvious immature things can get your account banned. Just because Johnny Kill-Your-Mob stole your kill doesn't mean you can call him all sorts of horrible names. That can get your account suspended, or banned.
8. DO NOT BUY GOLD. It is oh-so-tempting and you get in game spam for it all the time. It is against the Terms of Use. Don't do it.
9. DO NOT PURCHASE/SELL/TRADE ACCOUNTS. Any account sold, purchased or traded is at risk, even if there is no previous reported negative activity on the accounts. Just because you traded your account or bought an account, doesn't mean the slate is wiped clean. And imagine that, it is also against the Terms of Use.
10. CHANGE YOUR PASSWORDS. Change your passwords at least once a year for everything you use that has a password. Choose a day and make it your password day when you change all your passwords. Also, don’t use the same password for everything. This is a helpful way to avoid all your passwords being compromised if just one of your passwords is compromised.

Prevention Measures

When an account is compromised, it’s usually because of one of three things.

1. Sharing Account Information - It’s against the Terms of Use. Don’t do it.
2. Phishing – Phishing usually comes in the form of email or in game scams. Blizzard will NEVER ask you for your username and password via email, in-game mail, or in-game whispers. Be wary of scams.
3. Keylogging – Some websites can be infected with keyloggers that will automatically download using a script. A keylogger logs your keystrokes.

To combat these things, here are some preventative measures...

• Blizzard Authenticator
  The Blizzard Authenticator is an optional tool that offers World of Warcraft players an additional layer of security to help prevent unauthorized account access. The Authenticator itself is a physical “token” device that fits easily on a keyring. Once activated, the Authenticator will provide you with a digital code that will be required upon login. The code changes, is unique and is valid only once, thus providing an extremely good security measure. You can purchase your Blizzard Authenticator at the Blizzard Store for 6 euro's/4,80 pounds.
  Blizzard Authenticator FAQ

• Using a different webbrowser than Internet Explorer
  Firefox is a browser similar to internet explorer. It has fewer security holes and a multitude of addons that can be installed to improve security and functionality. You can download it here.
  Two very good addons for this browser to help you improve security:
  • No Script Addon
    No Script disables scripts on a website unless you say that it's safe. Some websites can be infected with keyloggers that will automatically download using a script. No scripts is your first line of defense against malicious scripting. Download it here.
• Ad Block Plus
  Ad Block Plus blocks those annoying flashing banner ads you see everywhere. It can be a most enjoyable addon to have and can also help protect against keylogging. Download it here.

• Always keep your anti-spyware, anti-virus, and firewall software up to date!

Malicious Software Removal Tools

Name
Website
Services: AV (Anti-Virus), AS (Anti-Spyware), All In One
Cost: Fee, Free, or Both

Name: Norton
Website: http://www.symantec.com/index.jsp
Services: AV
Cost: Software Fees

Name: McAfee
Website: http://www.mcafee.com/
Services: All in One
Cost: Software Fees

Name: Zone Alarm
Website: http://www.zonealarm.com/
Services: AS
Cost: Software Fees, Free Version

Name: Trend Micro
Website: http://www.TrendMicro.com/
Services: All In One
Cost: Software Fees, Free Scan

Name: Kaspersky Lab
Website: http://www.kaspersky.com/
Services: All In One
Cost: Software Fees, Free Trial

Name: AVG
Website: http://www.grisoft.com/
Services: AV
Cost: Software Fees, Free Version

Name: Adware Alert
Website: http://www.adwarealert.com/
Services: AS
Cost: Free

Sources

Blizzard Entertainment
http://us.blizzard.com/support/article.xml?articleId=21449
http://us.blizzard.com/support/article.xml?articleId=20572
http://www.worldofwarcraft.com/legal/termsofuse.html
http://us.blizzard.com/support/article.xml?articleId=24660&rhtml=true

GameAmp
http://wow.gameamp.com/guide/viewGuides/2357.php!orderBy=

IGN WoWVault forums
http://vnboards.ign.com/wow_general_board/b19789/101999813/p1/?62