Battlenet Account Hacked

Ninjabear

I'm pretty sure that someone has been accessing my Battle.net that I used to play World of Warcraft. I canceled my WOW subscription a few weeks ago, but the service won't end until the end of this month.

Someone has been changing my password and making characters on various servers on my account for the purpose of spamming. They have also tried to transfer one of my characters using their own credit card to pay for it. I'm not sure if this is being down with keyloggers or what, but I've already changed my password twice this week and have informed Blizzard that the account has been hacked.

Any tips on what I can do to find keylogging programs on my labtop?

Is it possible for someone to get my credit card information from my battle.net account?

Fizban140

Just call up blizzard, run a virus scan. It is very likely they just guess it, I hear that happens sometimes.

Rikushix

Make sure that the emails you are receiving about your account being compromised are actually coming from Blizzard. I was in the same boat as you, more or less, and to this day I still receive nigh daily emails from Chinese gold farmers which attempt to spoof Blizzard's noreply email accounts, which say that someone has initiated a email change request and I should go to so and so site immediately in case I've been hacked blah blah blah.

Regarding potential consequences, no one should be able to pull your credit card information just by virtue of being privy to your account. If you go to your billing information on your Battlenet account, your info is mostly starred out, if I recall. Of course, they could use your information to buy games or services through Battlenet...like character transfers, for example. But I don't think your credit card itself has been compromised - especially since they used one of their own to transfer your character.

Nova_C

My account was compromised a few months ago after I signed up for some free MMOs (Perfect World International is the one I think was the culprit). I didn't think very hard about what I was doing and used the same password. Anyway, my WoW account had been inactive for a while and a friend from WoW who I keep in touch with gave me shit for ignoring her in game. I resecured the account and enjoyed a month of free WoW (They had reactivated with their own credit card).

As far as your card info goes, it should be safe. You have to re-enter the card info to do anything aside from the recurring subscription, so they can't use your card for other battle.net services or even WoW services. I ended up getting an authenticator since even though I didn't keep playing WoW, I have SC2 and plan on getting Diablo 3, as well as all the other Blizzard titles I already own and my account has been secure ever since.

Fagatron

Also most people don't know this but it's VERY easy to spoof who an email's from.

Just because they say they're from Blizzard (if they do) doesn't mean that they are.

Ninjabear

Okay, I ran a scan with AVG and Malware. Everythings coming up clean.

Hopefully, I won't have to deal with this crap anymore once my subscription expires at the end of this month.

Siska

Treat any e-mail from blizzard (or from other MMO companies or banks, I get fraud mail from NCSoft) that claims you cheated/got hacked/won a pink elephant with a big bag of salt. Never click links in "blizzard" e-mails... And never ever log in from links provided in an e-mail. Instead go to the battlenet website the normal way, by typing the address, and if there is any truth to the e-mail you'll find information about it there.

Rikushix

Nova already mentioned this but I'll reiterate: unless you plan on never playing any Blizzard games ever again, get an Authenticator. They're free in app form for iPhone, Android and Blackberry, or you can buy a tangible fob for a mere $6.50. Since it generates an 8 digit hashkey every thirty seconds, it's virtually impossible for anyone who does not have your phone to access your account either online or in game. Once you're 100% sure your account is safe (change your account password AND email password), attach the authenticator to your account. In theory, your account is impregnable. Ta daaaaa.

DarkPrimus

I've gotten spam email about my Battle.net account being hacked, but I can log in with my password and nothing is ever changed (I go to Battle.net directly to log in, not through the email), so I've just blocked all the mails I get as spam.

General advice:
NEVER TRY TO ACCESS BATTLE.NET VIA EMAIL LINKS CLAIMING SUSPICIOUS ACTIVITY ON YOUR B.NET ACCOUNT.

If your information is actually being changed and activity is racking up on it, though, then you are genuinely compromised. Sounds like you're already taking the proper steps.

Eat it You Nasty Pig.

If you do wind up needing to interact with Blizzard, you're likely to get much quicker responses from their phone people than from email support.