So, I have just recovered my password and added an authenticator to my account after being hacked, for the first time in 5 years.
I'm not sure how it happened, as I have AVG and Ad-Aware installed, both of which say my system is clean, and I never open any of the scam emails.
The real kicker is, I have only just reactivated my account after ~7 months not playing. I figure my system must be compromised in some way, and hence the title topic.
Which (preferably free) security programs, other than the two I already have, would you recommend?
- Forums
- World of Warcraft
- General Discussion
- Your security software of choice?
Your security software of choice?Follow
AVG was just OK when I used it, although many folks use it with no problems.
I currently use Avast! and Malwarebyte's Anti-malware
I currently use Avast! and Malwarebyte's Anti-malware
for my standard antivirus, I have been using Eset Nod32 for quite some time, excellent antivirus.
For cleaning things I tend to use malwarebytes + a healthy dose of google.
For cleaning things I tend to use malwarebytes + a healthy dose of google.
Anobix and Brutusbukeye of <Imprimis> of US-Stormscale
Progress: TBC: Clear. WotLK: Clear -25HLK. Cata: 85 and Unsubscribed!
How to Use Rawr
Progress: TBC: Clear. WotLK: Clear -25HLK. Cata: 85 and Unsubscribed!
How to Use Rawr
I use ESET Smart Security 4 (includes firewall). As a paid app, for my 4 home computers, it's fairly economical. I set the firewall to interactive on my pc, so I get notice of any unknown outbound traffic.
I think an outbound firewall that notifies you of new activity is a missing piece in standard windows. If my anti-virus didn't have it, I'd be looking at zonealarm or some other firewall software that would provide it. The fact is that no anti-virus finds all malware, and most wont detect new malware the day it comes out. I strongly recommend improving your personal firewall as well.
I have nothing against free or open source alternatives. I look forward to what other people have found to be useful.
For cleanup, I reach for Malwarebytes as my first choice. ESET has a free Online Scan. HijackThis is also very useful.
Edited, Jun 7th 2010 6:05pm by dadanox
I think an outbound firewall that notifies you of new activity is a missing piece in standard windows. If my anti-virus didn't have it, I'd be looking at zonealarm or some other firewall software that would provide it. The fact is that no anti-virus finds all malware, and most wont detect new malware the day it comes out. I strongly recommend improving your personal firewall as well.
I have nothing against free or open source alternatives. I look forward to what other people have found to be useful.
For cleanup, I reach for Malwarebytes as my first choice. ESET has a free Online Scan. HijackThis is also very useful.
Edited, Jun 7th 2010 6:05pm by dadanox
Wahu - Disc Priest (main)
Get an Authenticator!!
Get an Authenticator!!
Do you alt-tab and browse while playing?
I do, and I think that is how I got hacked. I was on some random site and while waiting for my group to form when I got a pop-up from one of those fake virus scanners that flash your system is infected and try to get you to click links. So I ended IE without clicking anything and went on to my group, then I logged off for the night. Later that night I got the dreaded emails from Blizzard saying my account info was changed, and my account was hacked.
Later on in the week after getting my account restored and running numerous scans with 0 positive results I see the loading message said something like be carful of what sites you visit while logged on to WoW.
The only thing that I can guess is that while logged on your account info is sent to Blizzards servers more than just your initial log in and this can be intercepted somehow. It sounds far fetched but I can’t really think of any other way it could have happened.
On a side note what saved my characters items and gold was the fact that I get my emails to my BlackBerry that I keep on me 24/7 so I responded very quickly to the initial email.
Edited, Jun 7th 2010 5:01pm by swirljello
I do, and I think that is how I got hacked. I was on some random site and while waiting for my group to form when I got a pop-up from one of those fake virus scanners that flash your system is infected and try to get you to click links. So I ended IE without clicking anything and went on to my group, then I logged off for the night. Later that night I got the dreaded emails from Blizzard saying my account info was changed, and my account was hacked.
Later on in the week after getting my account restored and running numerous scans with 0 positive results I see the loading message said something like be carful of what sites you visit while logged on to WoW.
The only thing that I can guess is that while logged on your account info is sent to Blizzards servers more than just your initial log in and this can be intercepted somehow. It sounds far fetched but I can’t really think of any other way it could have happened.
On a side note what saved my characters items and gold was the fact that I get my emails to my BlackBerry that I keep on me 24/7 so I responded very quickly to the initial email.
Edited, Jun 7th 2010 5:01pm by swirljello
InsanityShade wrote:
I'm not sure how it happened, as I have AVG and Ad-Aware installed, both of which say my system is clean, and I never open any of the scam emails.
AVG isn't worth the time spent downloading it, not since sometime late last year. It's so easily spoofed that even if it says all is well, I wouldn't believe it. Use Avast or Avira for your antivirus, install Malwarebyte's Antimalware and run both frequently. If you don't use Firefox, install that and use No-Script and, just because it's handy, AdBlock Plus... but not on here, heh.
Install the very latest version of Flash Player which has some security flaws fixed up, and then delete Adobe Reader altogether and use a program called Sumatra to view any PDF documents instead. Get a good firewall program (mine is built in to the paid version of Avira) and set it to 'interactive', because it will send you alerts when something tries to send outbound traffic.
Finally, DO NOT USE SYSTEM RESTORE. Turn it off and don't turn it back on. The files in a System Restore point are "inactive" and are thus protected from access and manipulation by things like antivirus software. I've encountered several trojans that hide in there, so even if your antivirus software clears the infection elsewhere on the hard drive, it simply re-installs itself from the safety of the Restore Points. If your antivirus software is up to it, it might FIND the malicious code, but it will report that it cannot delete it - so don't use System Restore. I haven't used it in years.
Even all this won't necessarily protect you forever, because "poisoned websites" are becoming more widespread. These are legitimate websites that have malicious code inserted into them by hackers. The code injected on the websites scans the machine of any visiting Windows user to see if any one of a number of separate vulnerabilities are present. Examples of these vulnerabilities can be found in web browsers, instant messaging programs, document readers and media players, and in the last few months some Warcraft-related video clips have been uploaded that deliberately contain this malicious code. (Raolan referred to this in his post yesterday, in which he advised people to upgrade to the latest Adobe Flash Player)
The malicious code then installs a small trojan through any vulnerability it can find, then lies dormant until a user types in data that it is interested in, which could be anything from login details for online banks to games such as World of Warcraft. Unfortunately, these trojans are proving quite tricky to eradicate even if they're actually detected in the first place, and it doesn't help that the affected websites often stay infected for weeks, if not months. Virus-writers are constantly trying to stay ahead of the antivirus software companies, so even the best antivirus software could potentially be overcome by the latest virus.
In short, the days when you were safe simply by not opening email attachments or by not visiting "dodgy" websites are LONG gone. There is no "safe" computer any more, and it's largely a case of prevention and then, when (not "if") that fails, it's often a case of damage limitation before wiping the hard drives and reinstalling from scratch.
Edited, Jun 7th 2010 6:24pm by Krago
Tavarde wrote:
I don't post here to be disagreed with... Oh, and I'll be deleting the OP, I don't need to hear from any more of you. Because you're all 100% wrong anyway.
As of right now I only use Malwarebytes Anti-malware, Microsoft's Security Essentials, and Firefox with NoScript and that other addon that seems to work fine (but you aren't supposed to mention it here or something... but it has already been mentioned above 
).
You can snub your nose at MS's Security Essentials all you want, but it has found stuff on PCs that even Malwarebytes has not.
Also, I would never pay for a anti-virus/malware program unless you know it will do what you want it to do without having to hijack your system to do it. In other words... Don't pay for your virus/malware programs unless you know what you are buying. Research.
Spybot S&D (Search and Destroy) is another good thing to have.
You can never have too much protection... unless you can't feel anything.
). You can snub your nose at MS's Security Essentials all you want, but it has found stuff on PCs that even Malwarebytes has not.
Also, I would never pay for a anti-virus/malware program unless you know it will do what you want it to do without having to hijack your system to do it. In other words... Don't pay for your virus/malware programs unless you know what you are buying. Research.
Spybot S&D (Search and Destroy) is another good thing to have.
You can never have too much protection... unless you can't feel anything.
Bad old news.
The weakest link in security has always been between the keyboard and the chair.
Security software already attempts to do a lot to prevent security flaws that are users fault and not software fault.
But it's near impossible to have software that controls users. There's plenty of users who will disable their own security software if any given software requires them to disable it in order to function.
So my most honest advice to you and anyone concerned about their security is learn to not be the weakest link of your own security.
Any office with 200 employees has 400 weakest links... and half of them are completely outside reach. This makes someone's job a little frustrating.
Edited, Jun 7th 2010 6:28pm by xorq
The weakest link in security has always been between the keyboard and the chair.
Security software already attempts to do a lot to prevent security flaws that are users fault and not software fault.
But it's near impossible to have software that controls users. There's plenty of users who will disable their own security software if any given software requires them to disable it in order to function.
So my most honest advice to you and anyone concerned about their security is learn to not be the weakest link of your own security.
Any office with 200 employees has 400 weakest links... and half of them are completely outside reach. This makes someone's job a little frustrating.
Edited, Jun 7th 2010 6:28pm by xorq
NOTE: I may post comments about my like/dislike/approval/disapproval of game features.
1- They are NOT a complaint. They are a perspective.
2- They are NOT advocacy. They are a perspective.
1- They are NOT a complaint. They are a perspective.
2- They are NOT advocacy. They are a perspective.
Overlord Theophany wrote:
Insults aren't needed
I use Norton. There, I said it.
I know a lot of people hate it, but I've been happy with it since the early 90's and it's never let me down. It's not free, but one license covers all the computers in the house, so it's not the biggest line item in our technology budget either.
Edit: Holy crap, looking over this post I see I'm talking about a product I've been using for nearly 20 years. How did the early 90's get to be so long ago? Who took down my gopher server?
Edited, Jun 7th 2010 9:37pm by teacake
I know a lot of people hate it, but I've been happy with it since the early 90's and it's never let me down. It's not free, but one license covers all the computers in the house, so it's not the biggest line item in our technology budget either.
Edit: Holy crap, looking over this post I see I'm talking about a product I've been using for nearly 20 years. How did the early 90's get to be so long ago? Who took down my gopher server?
Edited, Jun 7th 2010 9:37pm by teacake
teacake wrote:
Edit: Holy crap, looking over this post I see I'm talking about a product I've been using for nearly 20 years. How did the early 90's get to be so long ago? Who took down my gopher server?
Haha. I remember coding inventory programs in basic on MSDOS 1.0, when I wasn't doing Cobol. Wait, that was the 80's...
Wahu - Disc Priest (main)
Get an Authenticator!!
Get an Authenticator!!
teacake wrote:
I use Norton. There, I said it.
I know a lot of people hate it, but I've been happy with it since the early 90's and it's never let me down. It's not free, but one license covers all the computers in the house, so it's not the biggest line item in our technology budget either.
Edit: Holy crap, looking over this post I see I'm talking about a product I've been using for nearly 20 years. How did the early 90's get to be so long ago? Who took down my gopher server?
Edited, Jun 7th 2010 9:37pm by teacake
I know a lot of people hate it, but I've been happy with it since the early 90's and it's never let me down. It's not free, but one license covers all the computers in the house, so it's not the biggest line item in our technology budget either.
Edit: Holy crap, looking over this post I see I'm talking about a product I've been using for nearly 20 years. How did the early 90's get to be so long ago? Who took down my gopher server?
Edited, Jun 7th 2010 9:37pm by teacake
I never used Norton on my own PCs but I've repeatedly had problems with Norton AV damaging MS Office files that get infected with macro viruses.
In those experiences Norton's destruction of documents turned out to be much more expensive than any virus destruction I've ever got to see myself. Specially much more expensive than it would have been to leave the documents infected, which I can assure you because I personally checked every line of code of the viruses in question of those events.
Ever since then I avoid it like the plague. I remove Norton even when I get it "free" as part of a new PC.
I don't think it's necessary to panic, just take it as a hint to keep updated backups of your office documents, which you should do anyway whether you use Norton or not. But then I wouldn't even have heard about Norton if certain people had backed up their files...
I use Avast, Antivir, Kaspersky and Eset mostly.
While some are better than others, most will be "good enough". But are your definitions updated? And do you know what it means when your security software alerts you?
For a true story that repeats itself... often... I know people who had their AV and definitions updated, and got their computers infected "trying to open some files that a friend sent trough MSN", the AV detected it but they "needed to turn off the AV because it wasn't letting them open the file".
NOTE: I may post comments about my like/dislike/approval/disapproval of game features.
1- They are NOT a complaint. They are a perspective.
2- They are NOT advocacy. They are a perspective.
1- They are NOT a complaint. They are a perspective.
2- They are NOT advocacy. They are a perspective.
Overlord Theophany wrote:
Insults aren't needed
I use PC tools Spyware doctor free from google, AVG free, windows firewall, and a router firewall. I have been playing for 4 and a half years and I have never been hacked. My brother and I share our two accounts and he runs the same security as me on his laptop except he has windows washer and lime wire.
Also beware of electronically storing your information if you use P2P software or bit torrents. I remember jokingly I searched Knight Online (Free MMO I used to play) on lime wire and got like 3 text documents with emails, accounts, and passwords.
Also, try changing your password every 2 to 3 months. I was i was phished once with false WotLK beta promises, I just opted in for the beta the next day someone in game refered me to a youtube video displaying a website of a sure-fired way to get into the beta. Well it wasn't, I quickly asked about the site on the O-boards after I submitted my account and password, after a speedy response by an admin I changed my pass very fast. I hope this helps you friend. :D
Also beware of electronically storing your information if you use P2P software or bit torrents. I remember jokingly I searched Knight Online (Free MMO I used to play) on lime wire and got like 3 text documents with emails, accounts, and passwords.
Also, try changing your password every 2 to 3 months. I was i was phished once with false WotLK beta promises, I just opted in for the beta the next day someone in game refered me to a youtube video displaying a website of a sure-fired way to get into the beta. Well it wasn't, I quickly asked about the site on the O-boards after I submitted my account and password, after a speedy response by an admin I changed my pass very fast. I hope this helps you friend. :D
RIP Eienese
May your soul find eternal comfort in the great beyond.
~Dietoliveko
May your soul find eternal comfort in the great beyond.
~Dietoliveko
The Honorable dadanox wrote:
Haha. I remember coding inventory programs in basic on MSDOS 1.0, when I wasn't doing Cobol.
I'm pretty sure I could still write a VMS program with the best of 'em.
Tangentially related but completely true story: when the good ol' world-wide web first emerged, I was working in the IT department of a university. We had a meeting and one of our guys did a presentation on it. This is so new cutting edge doesn't even know about it yet, he says. It's going to change everything about how the world uses technology, he says. We need to get ahead of this and make a site for the school.
Meh, don't put me on that project, says I. I have real work to do. This is gopher with pictures. Nobody needs that. It'll never go anywhere.
He went on to make a bajillion dollars for Cisco at the height of the subsequent boom and is probably retired on his own tropical island right now. Me? Two roads converged in a wood, and I took the one for chumps with no vision.
I stick with Avast, Ad-Aware and Spybot. I also use No-script.
I used to like AVG, but I got tired of virus scans taking a day and a half, getting an annoying administrator privilege message whenever I tried to remove tracking cookies (Seriously...tracking cookies?! I'll take the annoying messages from a virus trying to desperately save it's own life, but come on!), and then not finding anything.
On the other hand, Avast is doing better at finding stuff. I very much prefer it.
I used to like AVG, but I got tired of virus scans taking a day and a half, getting an annoying administrator privilege message whenever I tried to remove tracking cookies (Seriously...tracking cookies?! I'll take the annoying messages from a virus trying to desperately save it's own life, but come on!), and then not finding anything.
On the other hand, Avast is doing better at finding stuff. I very much prefer it.
"Do you know what "nemesis" means? A righteous infliction of retribution manifested by an appropriate agent. Personified in this case by an 'orrible c*** : me."
Now could I run Avast and AVG free? Or should I stick to the casual, 1 virus protection 1 spyware protection 1 computer firewall and 1 network firewall?
RIP Eienese
May your soul find eternal comfort in the great beyond.
~Dietoliveko
May your soul find eternal comfort in the great beyond.
~Dietoliveko
I have MS Security Essentials actively running, and AVG and Avast configured for scan-only, and Malwarebytes. Firewall (Windows on one box, evaluating a demoware product on the other) set to interactive so that I can see new incoming or outgoing connection requests. Firefox with multiple blockers (ads, scripts, flash, pdf). And another thing that I haven't seen mentioned - if I'm connected to the intertubes, I'm logged on as a user that does not have administrator privelege. I'm getting an authenticator in addition, as soon as I'm done procrastinating...
potsoriginal wrote:
Now could I run Avast and AVG free?
Honestly, you're absolutely wasting your time with AVG. At least 70% of the virus-infested PCs I have to sort out each week are using AVG, about 20% have decent antivirus and that got compromised somehow, and the remainder have either no active antivirus software because they think a no-longer subscribed-to version of Norton (or something) is still protecting them, or they thought they could manage with no antivirus software. Yes, people actually tell us that!
I've seen PCs using AVG with nearly 3,000 infected files on them, and AVG was still reporting everything was just fine and dandy. In fact, the program had been completely spoofed by a virus and while it LOOKED like it was functioning, it wasn't even allowed to actually download updates, never mind perform a proper scan.
Tavarde wrote:
I don't post here to be disagreed with... Oh, and I'll be deleting the OP, I don't need to hear from any more of you. Because you're all 100% wrong anyway.
I use Kaspersky which I've been very satisfied with thus far along with Noscript which isn't too hard to deal with.
A knight is sworn to valor
Her heart knows only virtue
Her blade defends the helpless
Her might upholds the weak
Her word speaks only truth
Her wrath undoes the wicked
...and shows no mercy to those who mock her height!
Shamibell, gnome warrior on Kilrogg
Her heart knows only virtue
Her blade defends the helpless
Her might upholds the weak
Her word speaks only truth
Her wrath undoes the wicked
...and shows no mercy to those who mock her height!
Shamibell, gnome warrior on Kilrogg
I see myself as a security hobbyist. I don't have the credentials or certifications or years of experience to claim expertise, but I do spend time every week learning about the current threats and I do know a trick or two.
Disclaimer aside, virus protection is only as good as the person using the computer. If you have bad habits or download stuff from sketchy sites, you're going to get a bug regardless if you have AVG or the best paid anti-virus software on the market (which, by the way, is Eset's Nod32). Now I do recommend having SOMETHING installed (I prefer Nod32 for paid and Microsoft Security Essentials for free), but it's really all about your habits. Avoid clicking links unless you know where it's going (especially address shorteners!). Torrents are fine if you're getting legit stuff, but if you're pirating software, you're really playing Russian Roulette because virus makers love to throw stuff in pirated software.
I recommend using a web-based email (hotmail/gmail/yahoo/etc.) over your ISP's email client that you download to your computer. I recommend using Firefox and Chrome instead of IE. I recommend using Foxit to view pdf files instead of Adobe. I recommend wiping your machine completely clean at least once per two years.
If you want to visit a suspicious link without endangering your computer, go download Unbuntu, burn it to a disk, and boot into it without installing (it's the "try it first" option). That way even if you visit a website that is littered with viruses and malware, it cannot install to your system. This is also really good for going to wifi hotspots where you don't trust the wifi network and want to check your banking.
As always, if you want to direct specific questions to me, feel free to send me a PM.
Disclaimer aside, virus protection is only as good as the person using the computer. If you have bad habits or download stuff from sketchy sites, you're going to get a bug regardless if you have AVG or the best paid anti-virus software on the market (which, by the way, is Eset's Nod32). Now I do recommend having SOMETHING installed (I prefer Nod32 for paid and Microsoft Security Essentials for free), but it's really all about your habits. Avoid clicking links unless you know where it's going (especially address shorteners!). Torrents are fine if you're getting legit stuff, but if you're pirating software, you're really playing Russian Roulette because virus makers love to throw stuff in pirated software.
I recommend using a web-based email (hotmail/gmail/yahoo/etc.) over your ISP's email client that you download to your computer. I recommend using Firefox and Chrome instead of IE. I recommend using Foxit to view pdf files instead of Adobe. I recommend wiping your machine completely clean at least once per two years.
If you want to visit a suspicious link without endangering your computer, go download Unbuntu, burn it to a disk, and boot into it without installing (it's the "try it first" option). That way even if you visit a website that is littered with viruses and malware, it cannot install to your system. This is also really good for going to wifi hotspots where you don't trust the wifi network and want to check your banking.
As always, if you want to direct specific questions to me, feel free to send me a PM.
Quote:
This is also really good for going to wifi hotspots where you don't trust the wifi network and want to check your banking.
No. Rule is, if you don't trust the access point you don't use any identity data or you risk identity theft.
There are methods to prevent AP phishing/spoofing/sniffing and so on but it gets advanced and you really don't teach people that because you'd have to spend 18 months teaching them the other things they'd need to know to be able to understand it.
As for the rest of your post, pretty accurrate, it's good.
NOTE: I may post comments about my like/dislike/approval/disapproval of game features.
1- They are NOT a complaint. They are a perspective.
2- They are NOT advocacy. They are a perspective.
1- They are NOT a complaint. They are a perspective.
2- They are NOT advocacy. They are a perspective.
Overlord Theophany wrote:
Insults aren't needed
Dilbrt wrote:
I see myself as a security hobbyist. I don't have the credentials or certifications or years of experience to claim expertise, but I do spend time every week learning about the current threats and I do know a trick or two.
Disclaimer aside, virus protection is only as good as the person using the computer. If you have bad habits or download stuff from sketchy sites, you're going to get a bug regardless if you have AVG or the best paid anti-virus software on the market (which, by the way, is Eset's Nod32). Now I do recommend having SOMETHING installed (I prefer Nod32 for paid and Microsoft Security Essentials for free), but it's really all about your habits. Avoid clicking links unless you know where it's going (especially address shorteners!). Torrents are fine if you're getting legit stuff, but if you're pirating software, you're really playing Russian Roulette because virus makers love to throw stuff in pirated software.
I recommend using a web-based email (hotmail/gmail/yahoo/etc.) over your ISP's email client that you download to your computer. I recommend using Firefox and Chrome instead of IE. I recommend using Foxit to view pdf files instead of Adobe. I recommend wiping your machine completely clean at least once per two years.
If you want to visit a suspicious link without endangering your computer, go download Unbuntu, burn it to a disk, and boot into it without installing (it's the "try it first" option). That way even if you visit a website that is littered with viruses and malware, it cannot install to your system. This is also really good for going to wifi hotspots where you don't trust the wifi network and want to check your banking.
As always, if you want to direct specific questions to me, feel free to send me a PM.
Disclaimer aside, virus protection is only as good as the person using the computer. If you have bad habits or download stuff from sketchy sites, you're going to get a bug regardless if you have AVG or the best paid anti-virus software on the market (which, by the way, is Eset's Nod32). Now I do recommend having SOMETHING installed (I prefer Nod32 for paid and Microsoft Security Essentials for free), but it's really all about your habits. Avoid clicking links unless you know where it's going (especially address shorteners!). Torrents are fine if you're getting legit stuff, but if you're pirating software, you're really playing Russian Roulette because virus makers love to throw stuff in pirated software.
I recommend using a web-based email (hotmail/gmail/yahoo/etc.) over your ISP's email client that you download to your computer. I recommend using Firefox and Chrome instead of IE. I recommend using Foxit to view pdf files instead of Adobe. I recommend wiping your machine completely clean at least once per two years.
If you want to visit a suspicious link without endangering your computer, go download Unbuntu, burn it to a disk, and boot into it without installing (it's the "try it first" option). That way even if you visit a website that is littered with viruses and malware, it cannot install to your system. This is also really good for going to wifi hotspots where you don't trust the wifi network and want to check your banking.
As always, if you want to direct specific questions to me, feel free to send me a PM.
Add add onto this, Sandboxie is an excellent web-browser addition, that basically makes it impossible to get a virus while browsing the web. (basically it virtualizes your web browser in a separate box).
Anobix and Brutusbukeye of <Imprimis> of US-Stormscale
Progress: TBC: Clear. WotLK: Clear -25HLK. Cata: 85 and Unsubscribed!
How to Use Rawr
Progress: TBC: Clear. WotLK: Clear -25HLK. Cata: 85 and Unsubscribed!
How to Use Rawr
xorq wrote:
Quote:
This is also really good for going to wifi hotspots where you don't trust the wifi network and want to check your banking.
No. Rule is, if you don't trust the access point you don't use any identity data or you risk identity theft.
There are methods to prevent AP phishing/spoofing/sniffing and so on but it gets advanced and you really don't teach people that because you'd have to spend 18 months teaching them the other things they'd need to know to be able to understand it.
As for the rest of your post, pretty accurrate, it's good.
About the only way you can really beat a bank's encryption is through ARP table spoofing, which would require admin access to the router. Otherwise, even if you intercept all traffic, it isn't readable. Worrying about something this rare is about as silly as running around worrying a meteor will hit you. It can happen, it just isn't worth your time worrying about it.
Dilbrt wrote:
xorq wrote:
Quote:
This is also really good for going to wifi hotspots where you don't trust the wifi network and want to check your banking.
No. Rule is, if you don't trust the access point you don't use any identity data or you risk identity theft.
There are methods to prevent AP phishing/spoofing/sniffing and so on but it gets advanced and you really don't teach people that because you'd have to spend 18 months teaching them the other things they'd need to know to be able to understand it.
As for the rest of your post, pretty accurrate, it's good.
About the only way you can really beat a bank's encryption is through ARP table spoofing, which would require admin access to the router. Otherwise, even if you intercept all traffic, it isn't readable. Worrying about something this rare is about as silly as running around worrying a meteor will hit you. It can happen, it just isn't worth your time worrying about it.
If you don't trust the AP... means, if you don't trust the AP admins.
If you control the AP, you don't really need to decrypt. There's dozens of different variants of methods of phishing and spoofing. Every minute there's someone setting up a boobytrap AP near a school calling it "Schoolname AP" and grabbing people's passwords.
I've seen things ranging from ISP networks getting compromised to office/cybercafe/etc staff being involved in identity theft operations.
So the least you could do is make sure you're only connecting trough access points that you trust.
NOTE: I may post comments about my like/dislike/approval/disapproval of game features.
1- They are NOT a complaint. They are a perspective.
2- They are NOT advocacy. They are a perspective.
1- They are NOT a complaint. They are a perspective.
2- They are NOT advocacy. They are a perspective.
Overlord Theophany wrote:
Insults aren't needed
FREAK YES!!!!!!! May I recommend Malware Bytes for a 50th time. I got hacked yesterday morning and both AVG free and avast ensured me I was safe. Got my account back last night and woke up to find they had taken my email and account again. Just changed my email, changed my email pass, and change my in game pass all from a safe computer. Downloaded Malware Bytes and it found 3 trojans on a quick scan, ka-WOOTz!!!!
RIP Eienese
May your soul find eternal comfort in the great beyond.
~Dietoliveko
May your soul find eternal comfort in the great beyond.
~Dietoliveko
This thread is full of old people and software geeks.
By the time I end up in a nursing home, there'll be LAN parties every weekend. Crazy.
I use MS Security Essentials. It's not perfect, but I haven't been hacked yet. Probably has to do with the Authenticator as well. I use Malwarebytes for the monthly clean-up. Only problem is, if the anti-virus/-spyware program is too thorough, it deletes all my game trainers because they ping as Trojans.
Funny how the inhabitants of Troy were called Trojans and not Troyans.
By the time I end up in a nursing home, there'll be LAN parties every weekend. Crazy.
I use MS Security Essentials. It's not perfect, but I haven't been hacked yet. Probably has to do with the Authenticator as well. I use Malwarebytes for the monthly clean-up. Only problem is, if the anti-virus/-spyware program is too thorough, it deletes all my game trainers because they ping as Trojans.
Funny how the inhabitants of Troy were called Trojans and not Troyans.
Please "talk up" if your comprehension white-shifts. I will use simple-happy language-words to help you understand.
*queue X Files theme music*
No one is safe.
I recommend purchasing an authenticator whether you have been hacked in the past or never before. Just a word of warning first to anyone else that is in the OPs situation.
My back story first:
I have played this game since Vanilla and thought I was safe enough. I thought hacked accounts only happened to people that didn't update their Internet security and checked out gnome pron on the interwebz. I keep an up to date Security system and manaully sweep for keyloggers etc with a separate scanner too, both have been mentioned in other posts already. I thought I was relatively safe until I was hacked about a week ago. The hacker pillaged my brother's WoW account and my one too. We had separate WoW accounts that were linked through the one email address. It had never posed as a problem until the transition from WoW account logins to battlenet account logins came into effect thereby merging our linked accounts under the one login name and password. I never owned an authenticator and once the hacker realized I had been online when they tried to infiltrate my account said hacker put his own authenticator on my account to prevent me from stopping him or at least slowing him down. Long story short I am now waiting for all my gear (My pally has nothing but pvp gear since he can, conveniently for the hacker, disenchant gear that cannot be vendored) to be returned by a GM.
Made me chuckle that the hacker inadvertantly helped me reach the 50 pet achievement by adding the core hound pet to my collection, but I suppose it was the least he could do while he went about skimming my accounts...
Back on the topic at hand. The funny thing is I went to the BlizzardStore website to buy an authenticator online (I own a Nokia that isn't listed as authenticator-worthy >_<) and stopped myself. I came to the realization that I may have in fact played right into the their hands. Credit Card in my hand I was about to input my details into the very same computer who's entire security system had been rendered useless only a week earlier.
Stop and think for a minute about what else may have been compromised before going about updating your Security system online after being the victim of a hacked account. My two copper!
No one is safe.
I recommend purchasing an authenticator whether you have been hacked in the past or never before. Just a word of warning first to anyone else that is in the OPs situation.
My back story first:
I have played this game since Vanilla and thought I was safe enough. I thought hacked accounts only happened to people that didn't update their Internet security and checked out gnome pron on the interwebz. I keep an up to date Security system and manaully sweep for keyloggers etc with a separate scanner too, both have been mentioned in other posts already. I thought I was relatively safe until I was hacked about a week ago. The hacker pillaged my brother's WoW account and my one too. We had separate WoW accounts that were linked through the one email address. It had never posed as a problem until the transition from WoW account logins to battlenet account logins came into effect thereby merging our linked accounts under the one login name and password. I never owned an authenticator and once the hacker realized I had been online when they tried to infiltrate my account said hacker put his own authenticator on my account to prevent me from stopping him or at least slowing him down. Long story short I am now waiting for all my gear (My pally has nothing but pvp gear since he can, conveniently for the hacker, disenchant gear that cannot be vendored) to be returned by a GM.
Made me chuckle that the hacker inadvertantly helped me reach the 50 pet achievement by adding the core hound pet to my collection, but I suppose it was the least he could do while he went about skimming my accounts...
Back on the topic at hand. The funny thing is I went to the BlizzardStore website to buy an authenticator online (I own a Nokia that isn't listed as authenticator-worthy >_<) and stopped myself. I came to the realization that I may have in fact played right into the their hands. Credit Card in my hand I was about to input my details into the very same computer who's entire security system had been rendered useless only a week earlier.
Stop and think for a minute about what else may have been compromised before going about updating your Security system online after being the victim of a hacked account. My two copper!
Recent Visitors: 0
All times are in CDT
- Forums
- World of Warcraft
- General Discussion
- Your security software of choice?
© 2018 ZAM Network LLC