Advertisement

The Lawbringer: Account security and you

Mathew McCurley
Updated ·6 min read


Pop law abounds in The Lawbringer, your weekly dose of WoW, the law, video games and the MMO genre. Running parallel to the games we love and enjoy is a world full of rules, regulations, pitfalls and traps. How about you hang out with us as we discuss some of the more esoteric aspects of the games we love to play?

New players will soon be streaming into World of Warcraft come Cataclysm time, as well as old friends and enemies returning from prolonged sojourns. With these new or old accounts becoming active again, as well as a demand for grey market services increasing with a growing player base, account security is going to be on the tip of everyone's tongue again. For good reason, too. World of Warcraft has had one of the most daunting burdens of any MMO to date in dealing with account security, account hacking and a legal nightmare overseas.



Today's Lawbringer deviates into account security, which I personally believe is vital to discuss. This week, I figured it would behoove us to revisit account security and why the grey market is such a nightmare for Blizzard. We'll talk about a few ways you can keep yourself safe, especially with hacking predictably on the rise. Account security begins with the player's habits, and the more you are informed, the easier it is to knock out one more account from the clutches of thieves.

Your relationship with Blizzard, for the most part, is governed by the terms of use and the EULA, two documents you agree to before playing the game. You're paying for the privilege of using a service, an as far as those documents are concerned -- nothing more. Your account security is a combined effort between you and Blizzard, and it helps to be prepared.

Account security issues

Blizzard has its hands full dealing with security issues that crop up in and around World of Warcraft. Just as the aims and goals of computer hacking have changed in the past 20 years, so too have the reasons for hacking online game accounts. With so many hackers in many different nations attempting to steal account information, it is a daunting task to find and stop the attacks. Defense against these malicious attacks, therefore, is the only option.

A lot of people write in to me to ask about account security and hacking, but there is an interesting twist to the question. People want to know the "why" of it all, rather than the "how." Hackers like account information because it is an easy source of gold, items, and sellable items. The old days of hacking for hacking's sake and stealing for the sake of stealing are gone, and a new, profitable motive for account theft is in place. And it's been like this for years.

I enjoy talking about account security because every time my remarks hit new ears, I have potentially saved someone a great deal of heartache and trouble. So that's the aim of all this jazz -- let's save you some time, save Blizzard some phone calls, and make everyone feel a little safer.

Why me?

It isn't personal, really. Getting hacked can feel like an incredibly personal and invasive thing -- kind of like your house getting robbed. Behind the password is your stuff, your things, and your characters.

So ... why you? You might not have done anything terribly wrong, to be honest. Just visiting a website with executables or Flash content that can run programs through your browser can make you vulnerable. You might have been downloaded an executable file that an addon updater ran without knowing it was malicious. You might have picked up a keylogger from somewhere you visited that was compromised.

Whatever the avenue, you got bitten. The best defense, sadly, is to not get bitten in the first place. Other than that, getting those bugs off of your system and out of your life is a pain in the butt.

How to secure yourself

The best defense, in the case of all these malicious attacks, isn't a good offense. Really, the best way to protect yourself is through knowledge and behavioral changes to the way you experience online content. First, you figure out the way hackers can get your information. Second, you do your best to keep away from those potentially dangerous behaviors. Third, you use the Blizzard-approved and provided account security measures.

We've already discussed some of the ways hackers can make off with your personal information -- malicious Flash content, addons with executables from an unknown source, and spyware keyloggers. The problem arises when you consider most of these issues are sometimes beyond your control. That's where behavior comes in.

Your behavior matters

Two behaviors you can change right now that will reduce your amount of exposure to hackers and thieves are very basic. I have a lot to say about auto updaters, but we'll leave that for a lengthier discussion. For now, I recommend installing and updating addons by hand.

Put down the pitchforks -- I know that most of the time auto-updaters work perfectly fine and are innocuous. However, they have been compromised before and occasionally still have files that sneak into their distributions. Usually, these files are removed after one or two complaints, but these types of auto-update exploits do exist.

Installing addons manually is more time-consuming but has fewer potential risks. You won't be running any programs to update your addons, so no executables will be going off without you knowing. Plus, you can run them through a virus scanner. I wrote about installing addons manually in Addons 101.

Second, don't surf to gold selling or gold farming websites. These sites are notoriously full of potentially harmful Flash content and popups that are there to steal your account information, potentially for the very company that you are looking at. That gold you're looking to buy could have been stolen from someone who just didn't have the knowledge that you do.

In fact, don't buy gold. That's a pretty safe way not to get hacked by going to gold sites and giving people your information.

Let's all be responsible

As a community, we can do a lot to help World of Warcraft deal with the hacking problem. It's not all on our shoulders, though. Blizzard's involvement and responsibility is to assist you with information and means to protect your accounts. It is absolutely recommended to get some type of authenticator -- either the key fob from the online store or the authenticator program for the iPhone and Android operating systems.

Blizzard also recently announced an authenticator by phone service, allowing for a different type of account security for those inconvenienced by authenticators. It's not as secure, but it's something, and something is a whole lot better than nothing.

If you're a new WoW player coming in with Cataclysm or an old-timer continuing your epic journey, account security is still a big deal. Don't be scared or feel like protecting your account is a daunting experience; taking a few precautions will allow you to play fearlessly and save you a lot of time on the phone with great customer service people who have heard the same stories far too many times. You're playing an insanely popular MMO -- sadly, this is one of the things we have to deal with.

Read all about Blizzard's account security options here.

This column is for entertainment only; if you need legal advice, contact a lawyer. For comments or general questions about law or for The Lawbringer, contact Mat at mat@wow.com.