Getting hacked is one of the worst things that can happen to a MMO gamer, even worse than getting banned. Since MMO account hacking is an ongoing and profitable business for some people, everyone is in danger of getting hacked at any time. Therefore, we have decided to write an article about why are you getting hacked, what methods are being used, and how to prevent your account from being hacked.

Why is your account getting hacked in the first place

As most of you know, the main reason of MMO accounts getting hacked lays behind the gold selling industry. While some accounts might get hacked by actually being targeted by a specific person, most of them are just random casualties falling into the hands of gold sellers.

Once your account gets hacked, you can be sure it will be used for the following:

– use of bots and other 3rd party software (hacks), milking the account as much as possible, trying to farm as many materials before getting it banned or before you recover it;
– spamming game channels with the hacker’s website and business;
– scamming your friends / guild members for gold or real life currency for fake mounts, pets, materials, gear etc. (depending on the game);
– selling all the gear, pets, materials etc. from your bank and/or guild bank (if you have access to it), then mailing the money to their characters;
– removing all your main professions and leveling any gathering professions instead, so they can use your account to bot materials for them, while they hack other people;
– selling your account to someone else. Most of the time, the buyer who purchases your account is not even aware it has been hacked, and if you ever recover it, he will have paid for nothing. We highly suggest you never buy any used accounts or even new CD-Keys from untrusted sources, because you might end up with the original owner, or even the person who sells it to you, recovering it, and there’s nothing you can do to get it back.

How do they hack your account

There are a few old, but successful ways which can lead to your account getting hacked.

Phishing

Lately, this is the most used technique of hacking accounts. It comes in different forms, but you should always be able to spot one. Phishing is basically an attempt to acquire sensitive information, such as your credentials (username, password, e-mail, etc.), by taking the appearance of a trustworthy entity (i.e. Blizzard). Phishing e-mails can either contain links to websites that are infected with malware, or mask a redirection of the user to enter their details on a fake website that looks almost identical to the legitimate one, thus saving your credentials and providing them access to your account afterwards.

world of warcraft mail scam

(click to enlarge)

Computer Virus

While this may seem hard to believe, a well placed keylogger or trojan virus on your computer, can also allow hackers to find out your credentials, and then use them to rip off your account, selling it or using it to run bots.

Scam

Even if this might be a less frequented method, a lot of people still fall prey to scammers, either via in-game chat or shady websites that are claiming to help you gain different things in-game by farming or leveling it for you (powerleveling your character, leveling your professions, farming materials / gear, etc.).
Here is an example:

hacking whisper in wow

How to prevent getting hacked

Here are some useful advices on how to prevent your account from being hacked:

Authenticators

Some MMOs, such as World of Warcraft and Star Wars TOR, have authenticators, which are a pretty good way to add an extra layer of security to your account. They are available as a physical or mobile security key. Authenticators are usually an eight digit numerical code, which is unique and valid only once.

Phishing

No matter what kind of e-mail you’re receiving regarding your account, never take it for granted as being official. Even if the actual sender looks legitimate, the way of faking any mail as a sender is a very easy one and a few searches away on Google, free for anyone to use it. If you really don’t care about the mail’s topic, we suggest to simply ignore it, even if it’s some actual official advertise. If the mail claims that your account has been suspended (even if 99% of the times it’s a fake mail), you should read it very carefully and do not click on any links. Mouseover the links (see the Phishing image above) and see if they are actual official links and not some shady weird ones. Assuming the mail is actually real, the best way in order to keep yourself safe is to manually go to the website and log in. You’ll find all the necessary information there.

Computer Security

One of the most important things in order to keep your accounts safe is by keeping a clean and safe computer. There are lots of ways you can get infected with viruses designed to steal your credentials and monitor your activity. If you think you might already be at risk, we suggest you perform a clean format and installation of your operating system, then start with a fresh copy of an updated antivirus software and let it scan completely. Once your computer is clean, you should begin and change all your passwords (mail, accounts, etc.).

Here are a few tips on how to keep your computer safe:

  • Use a good and preferably non-free up to date antivirus. Set up a daily scan of your computer. Set auto updates on, for both your antivirus and operating system;
  • Don’t browse untrusted, shady websites – these often are a great deal of threat against your computer’s security;
  • Make sure to keep all your software up to date (flash player, java, video players, etc.);
  • Don’t allow your browser to use any “free awesome” toolbar that may come when installing a program. These can usually cause more harm than good;
  • Don’t download stuff you’re not completely sure of, but if you do, make sure you scan it with your antivirus before running it.

E-Mail Security

One of the biggest and most common mistakes that a lot of people make is using the same e-mail address for pretty much every account (WoW, PayPal, Facebook, etc.). Even worse, a lot of these people are using the same password for all the accounts above. The best way to keep your game account safe is to create a new e-mail account for the sole purpose of that game. Also, remember to use a very strong password, and don’t use it for every site. You should not use your MMO account mail to anything else than just simply logging into the game. Anything else like forum posting, beta sign-ups, etc. should be done on a completely different e-mail address.

All in all, taking these few extra precautions can make the difference between having a secured account and losing your account. Even if most of the time the Customer Support will be able to help you recover your account, you shouldn’t really count on this, and better just make sure you’ve done everything on your end to prevent your account from being hacked. As they say, “better safe than sorry!”.