"OMG! My account has been compromised! It's not me! It's all Blizzard's fault!"
If the case happens that your account has been hacked, here is a short guide to what you should do.
There are many ways you can have your account stolen from you.
- Failing to update your OS.
- Failing to update programs (such as Flash player, Adobe PDF Reader, etc.)
- Using automated programs to install addons (ALWAYS install your addons manually after checking the files thoroughly.).
- Responding to emails that attempt to phish your account information.
- Going to 3rd party websites and inadvertently providing your account information. (Many people use the same email address for everything, including their WoW account. And they also use the same password. Bad ju-ju!)
What To Do
By using the following checklist, you can ensure your computer is clean and get your account back.
- First and foremost, notify Blizzard to get your account locked so no further damage is done. Blizzard also recommends that you immediately change your password if you're able to. While normally this is good advice, we're torn between getting the password changed and just leaving it as is, just in case you do have malware on your system that is recording keystrokes. If this is the case, changing the password just gives the cretin access to your new password. However, getting that account locked is imperative.
- Once the account is locked and protected, you now need to find the source of compromise.
- Run a full scan of your system using your anti-virus program. Ensure the latest signature files have been updated before running the scan.
- If you haven't already done so, download and install Malwarebytes. Update and follow the procedures found here.
- If, at this point, you still haven't found anything, go to this page and use one or more of the programs listed there.
- By this time, you should have found the culprit. If not, there are a couple of reasons why this may be. First, you replied to a phishing email with your account information. If this is the case, you were the compromise and provided the account information to the parties who stole your account. Always remember, Blizzard will NEVER ask you for account related information. They already know your account information, including your secret question and answer. It's also possible that a website was compromised where you've used the same email address and password. The last possibility, and it's always the worst one, is that you have a bug that hasn't tripped any security tool yet, and nothing you have in your arsenal will get rid of the bug. In cases like that, the only way to really ensure the bug is removed is by doing your 3 R's. Repartition, Reformat, Reinstall. If you elect to do this option, do NOT restore anything from a backup disk you've made. You could easily reinfect your system and you'd be right back to square one.
So, your system is now squeaky clean and you have everything reinstalled and you're ready to go. You'll need to contact Blizzard to get the account unlocked and then submit an email to get your characters and items restored. You should also order an authenticator if you have not already done so. A quicker way would be to determine if your phone is capable of running the authenticator on it. If so, the authenticator is free for iPhones - most other phones cost $.99 to download. Go here to see if your phone qualifies.