It could be you...

One of the thing that most surprises me when it comes to customer service issues that get brought up to us in MMOs is how surprised many people seem to be when their account gets compromised. There is often an overwhelming feeling of 'it won't happen to me' or 'I am too smart to be caught out like that' out there. These kinds of incidents are on the rise and it is almost always due to poor security of some kind at the client end that these things occur. Even people who genuinely believe they are 'safe' don't always understand what new methods these people at their disposal, and how much more attentive you have to be in terms of where and what you browse online.

Of course there are basics:

  • Don't share your account details (ever, you would be amazed how many of these events come from peeople who thought they could trust someone with their log-in)
  • Don't use cheat /third party programs without protection or knowing what they do (some would say you deserve what you get here, in terms of cheats, but there are also valid third party applications however this is a very common way of getting more than you bargained for)
All very obvious you might think?

Don't be complacent out there though. The methods that the griefers, hackers and even criminals out there can use are as sophisticated as ever, and invariably they are playing on that very 'it won't happen to me' approach to snag your account details. You don't even need to knowingly download anything these days. Even going to the wrong website without the relevant security in place can compromise your computer. So even just visiting the more dubious sites out there can compromise your account if you don't know how to protect against a browser forcing downloads onto your machine.

Likewise, while it is very hard, and much more dangerous, for the hackers to go after the official databases, which are generally held in secure data-centers, they can, and do, go after the fan-sites and locations that might hold your details, and try and take advantage of the fact that you might use a password and log-in similar to your game log-in. You would be surprised how many people can be caught out like that.

If you use a site assocaited with a game, make sure your log-in and password is as far removed from your game log-in and password as possible.

Remember there are some simple measures you can take to try and avoid falling foul of these hackers. Jamie Skelton over at made a good list this week in an article on the same subject this week.

What can we do? Although nothing is a guarantee, you can take these steps to protect yourself:

  1. Think smart with your passwords. Don't use the same password everywhere, and make strong passwords. Change them frequently. Don't give them to anyone else.
  2. Be security conscious while web-browsing and reading your e-mails. Make sure you're on a trusted site before logging in or downloading any sort of software.
  3. If your favorite games offer secondary password protection, use it.
  4. Run at least one anti-virus and anti-malware program on your computer on a regular basis. There are free programs (avast!, Spybot, and Ad-Aware are most commonly known), and they don't take up much memory. There's no excuse not to at least take free protection, even if it's not perfect.
  5. If you do get hacked, report it. Don't just let customer service restore your account; give them the details on how you got hacked if you know (and it wasn't your little brother). Also report the incident to the Internet Crime Complaint Center if you're in the States, or to the appropriate agency in your own country. Most of these agencies take reports about spyware and keyloggers, as they are recognized methods of cyber crime.
This is a very real problem out there, and much of it can be avoided if you exercise a little common sense and caution when surfing the web. The threats out there are growing, and becoming more elaborate and inventive with the tactics they use, so it's worth being aware of and bearing in mind if you actively play MMOs.

We do a lot behind the scenes to try and catch these people, as do all our fellow MMO producers, it's an ongoing battle. As long as there is a market out there for people buying and selling third party items, services or such I am sure that this activity will continue. You can also help though by not presuming that it will never happen to you and staying alert.


Borealis Resident said…
As someone who had an account hacked through letting a trojan on my computer I have to say AMEN! More people need to realise that the days of these guys catching only stupid people are long gone (of course I would say that LOL)
Kriger said…
I have a friedn who used to say stuff like that. he always though he was way to 'tech-savy' to get caught out, but sure enough lost his WOW account to just such a scam (at his best guess a now removed website he admits he went to that claimed to have WOW add-ons that allowed you to effectively cheat). None of us are really safe until all developers offer token or additional verification
Chioxin said…
I suppose this is why blizzard implemented that number varification addition to your accounts if you wanted it. Like the Norwegian banks have. You need a randomly generated number every time.

Personally I think that's the best thing to do. I know we SHOULD change out passwords and have complex and different ones per web page. But seriously? Do you know how many things I'm signed up to? I'd need to have a note book where ever I went to keep track of them all =P =)

So I don't know. Sad situation really. A very good read though =)