Account Security: READ THIS NOW

Windzarko

Windzarko

Well-Known Member
We've had a lot of people being hacked recently, so at a guess I'd say that it's on the rise and there's likely a new, nasty kind of keylogger or such out there. As such, I'm going to restate the security advice I've stated in the past, except this time in a sticky and with one extra note:

IF YOU FAIL TO HEED THIS WARNING TO BUFF UP YOUR ACCOUNT SECURITY, YOU ARE A BLOODY MORON AND DESERVE TO LOSE YOUR ACCOUNT.

That nice and friendly message over, here's my personal advice, complete with shiny links for the lazy:

  • Update your Flash plugin. Seriously, if you fail to heed ANYTHING else in this post because you've developed a particularly vicious case of the fuckwit, heed this part. A LOT of the nastiest pieces of WoW-centric malware in the last couple of years have used outdated versions of the Flash plugin as a way to get onto your PC. Plug. That. Hole.
  • Mozilla Firefox. Yes, lots of people keep saying this bit. FOR A REASON. If you use regular Internet Explorer, YOU ARE AN IDIOT. Even the latest versions are insecure and full of securuty flaws. Other browsers aren't perfect, but they're FAR closer to perfection than IE could ever hope to be. If for some reason you refuse to use Firefox, at least use Opera or Google Chrome. I'm not kidding, there is no possible reason you should stick with IE short of mental health condition.
  • Install Adblock Plus for Firefox. Make sure the update options on it are enabled (they usually are), and whenever Firefox prompts you to update the mod itself, DO IT. It may flash up a warning when you first install, but it's safe, so do it. This thing is a godsend. It even lets you permanently block adverts from appearing and sometimes outright remove part of a website with adverts on from your view.
  • Install FlashBlock for Firefox. This little beauty prevents any Flash elements on any page from playing until you expressly give them permission to do so. You can enable all the Flash elements for an entire site if you want (eg: Youtube), and you can ban all of them for sites as well. Combine with updated Flash, and you're sorted.
  • Here's the big one: Spybot Search & Destroy. Install it. Update it. Use the Immunize feature in it to block a LOT of nasties from even getting near your PC. Run a scan. And to me, the single most important part: if it's not on by default, find the option to turn on "TeaTimer". TeaTimer comes with Spybot, and once you turn it on, it sits in the background every time you start your computer up, and it saves you in ways you'll never know. It might at first throw up confirmations and warning when you do stuff, but bear with it. It blocks SO many things from being able to run if they somehow get onto your PC past all your protection.

Those are the bits I'd consider mandatory. Here are some alternatives and/or additional suggestions:
  • Ad-Aware is a good tool for protecting against and removing malware. I'd recommend using it in conjuction with Spybot if you're going to use it. Spybot's TeaTimer seems largely better than what Ad-Aware offers, but Ad-Aware's ability to search for malware sometimes yields results Spybot does not (and vice versa)
  • AVG. A very good anti-virus program to use, and one that (judging from my experience with the full version my parents use), one that's actually worth paying for. If you get AVG, I'd say that Spybot is probably no longer needed, and the two might even interfere with each other.
  • Opera or Google Chrome are decent alternatives to Firefox. I can't speak for Opera that much, having little familiarity with it, but I can say that Chrome is fairly secure and sometimes runs more smoothly than Firefox. Whether it's more secure than Firefox is with the addons I listed above, I have no idea, but if for some reason you refuse to get Firefox, get one of these two instead.

Important things to remember:
  • Never ever ever EVER EVER EVER use Norton or any other Symantec product. EVER. If your computer has it, BURN THE COMPUTER. Norton does NOT count as protection, Norton counts as a massive bullseye for hackers. If you use it and claim to be protected, YOU ARE A MORON.
  • DO NOT USE INTERNET EXPLORER. Yes, leave it installed on your PC, preferably updated to the latest version. But use Firefox, Opera or Chrome. Seriously, do not use IE. If you get hacked and you were using IE, IT IS YOUR OWN FAULT AND I RESERVE THE RIGHT TO LAUGH AT YOUR SELF-INFLICTED MISFORTUNE.
  • Get an Authenticator. Be it the actual physical thing, or one of the digital versions. Worried it might cause trouble? Losing your account is more trouble for you, and for me when I have to deal with hackers using your account to thieve from my guild bank.
  • DO NOT USE INTERNET EXPLORER.
  • Try and keep everything up to date. This includes the basic security features of windows and updating IE, but it also means updating any of the things I've suggested above. Firefox, its addons, Flash, Spybot, whatever. Update them all. If it prompts you to update, do it. If it doesn't, then actively go about checking for updates periodically. Most of them come with their own updater tools, so you have no excuse. Oh, and with Spybot, after each update, do the Immunize again to give yourself proper coverage.
  • DO NOT USE INTERNET EXPLORER, FOR THE LOVE OF ALL THAT IS GOOD IN THIS WORLD.
  • Learn to surf safely. Don't download dodgy things. Don't ever download or run a .exe file unless you know for sure what it is. If in doubt about the trustworthiness of a website, don't use it until someone can confirm for you that it's safe.


I'm sure other people can suggest security tips and link to the stuff I didn't link to but mentioned.

Also... offended or upset by any of what I say here, or the tone I say it in? Tough. Beef your security up to keep yourself, and be quiet :p . Account security is an important thing, and much of what I've said above will help with more than just WoW. I personally have a very hefty Steam account and an EVE account to worry about as well, and apart from my Authenticator, all of what I do helps those accounts as well as my WoW one. Still want to complain? Have a cup of concrete, and harden the fuck up.
 
thatbloke

thatbloke

Junior Administrator
I would suggest, rather than Flashblock, you use NoScript isntead.

As well as preventing any flash running without your say-so, this prevents ANY javascript on the page from running, and also any other kind of plugin object (e.g. java) from running.

This does break alot of pages but you just enable the right websites using its menu and everything is nice and shiny afterwards.

This also will prevent websites that have been compromised from redirecting you, because they use javascript to do it...
 
Windzarko

Windzarko

Well-Known Member
thatbloke said:
I would suggest, rather than Flashblock, you use NoScript isntead.

As well as preventing any flash running without your say-so, this prevents ANY javascript on the page from running, and also any other kind of plugin object (e.g. java) from running.

This does break alot of pages but you just enable the right websites using its menu and everything is nice and shiny afterwards.

This also will prevent websites that have been compromised from redirecting you, because they use javascript to do it...
Click to expand...

This, can't believe I forgot it. You can find NoScript through Firefox's built-in addon search function (Tools > Add-Ons).
 
Tetsuo_Shima

Tetsuo_Shima

In Cryo Sleep
Thanks, Zark. Although I'm not a WoW player, I think a lot of this stuff would be useful to stop my Guild Wars getting molested. If something happened to the master ranger Captain Crumb, well, I just don't know what I would do!
I've never had any sort of problems using IE, through other things being hacked or IE breaking in general, but since you've suggested it I might as well go Firefox.
 
Windzarko

Windzarko

Well-Known Member
No worries, mate. Regardless of game, I can understand the fear of losing a character you've had for a long time, put a lot of work in on, and had a lot of fun with.

For anyone newly converting to Firefox, I'd suggest looking through the options after you start it up and seeing if there's any features you don't like/want so you can disable them and speed it up a little. There's also an add-on called Vacuum Places (and Vacuum Places Improved or Plus or something) which is a good idea to get, as periodic use of it can help keep Firefox relatively fast and not slow down (process-wise, not connect-wise) over time.
 
thatbloke

thatbloke

Junior Administrator
While WoW is certainly the main target, these tips will apply for ANY game. I have alot of stuff and access to various points in EVE that would cause a lot of damage were it to be compromised - similarly, my Steam account is worth over £1000 according to the Steam Calculator...

NoScript is indeed awesome and should help protect against most hijacking attempts should you somehow become targeted.
 
G

Gombol

Guest
Also don't forget the most obvious one: the emails you get, weither they look legit or not, ALWAYS check the site they link to, as most will link to a fake version of the us site, using the REAL looking URL. *nod*


For the record, I only said this cause emails are being made more and more offical looking, and someone might not read it properly.
 
thatbloke

thatbloke

Junior Administrator
I have had alot more game-related phishing emails coming through recently - I'm wondering if this is somehow related
 
G

Grafol

In Cryo Sleep
Another Way to show hackers to stay off your account, find where they live punch Them in there face and yell, STOP HACKING ITS LIKE PUNCHING, IT HURT SOME PEOPLES, keep doing this untill the chineese has learned english ;)
 
Windzarko

Windzarko

Well-Known Member
Grafol said:
Another Way to show hackers to stay off your account, find where they live punch Them in there face and yell, STOP HACKING ITS LIKE PUNCHING, IT HURT SOME PEOPLES, keep doing this untill the chineese has learned english ;)
Click to expand...

No offense, Grafol, but this is meant to be a constructive thread; please keep daftness out of this. People not taking their computer's security seriously and not heeding the warnings and advice of myself and others in the past has led to FAR too many people getting hacked in the past, be it their WoW account, or their EVE/Guild Wars/Steam/whatever accounts.

To be blunt; drop the silliness and complacency, make your computer as close to a digital fortress as you can, and then you can be silly about it, but not in this thread.
 
E

Elincia

New Member
Stupid question incoming ( I have little pc knowledge :( )

What is so bad about IE? ( EDIT, didn't ready carefully enough and found the answer already!)
(My parents use IE on their pc and are not willing to change to chrome( which I use myself on my laptop) or any other internet thingy.)

And what can I do to protect my pc while using IE (since I cannot change it without getting a ban from our good pc :P)

( I do use all the other things named in this toppic :) )
 
Huung

Huung

Well-Known Member
Elincia said:
Stupid question incoming ( I have little pc knowledge :( )

What is so bad about IE? ( EDIT, didn't ready carefully enough and found the answer already!)
(My parents use IE on their pc and are not willing to change to chrome( which I use myself on my laptop) or any other internet thingy.)

And what can I do to protect my pc while using IE (since I cannot change it without getting a ban from our good pc :P)

( I do use all the other things named in this toppic :) )
Click to expand...

You tell your parents it's like walking down a dark alley with a "Rape Me" sign on their back and their pants down.

Failing this, go into lengthy, techie detail about how terrible it is, then switch to Chrome as the default browser, and see if they actually notice it's changed. If and when they do, claim you did it weeks ago as a test, and your point is proven that they aren't reliant on IE as they didn't even realise they weren't using it.

All of this is tried and tested, and it worked.
 
Zooggy

Zooggy

Junior Administrator
Staff member
Hoy, :)

Elincia said:
what can I do to protect my pc while using IE
Click to expand...

Evangelics aside, the above is still a valid question. Anyone care to muster a response that doesn't dodge the question altogether?

Cheers,
J.
 
Huung

Huung

Well-Known Member
Zooggy said:
Hoy, :)



Evangelics aside, the above is still a valid question. Anyone care to muster a response that doesn't dodge the question altogether?

Cheers,
J.
Click to expand...

Other than doing all the aforementioned there is nothing you CAN do extra. If a hole appears in your boat and you're unwilling to plug it, it doesn't matter what extra measures you take to insure any other holes are plugged up, that one hole will eventually be the one which sinks you.
 
BiG D

BiG D

Administrator
Staff member
Just make sure windows update is keeping IE at the latest version and you'll be fine. IE isn't the security hole it used to be.
 
You must log in or register to reply here.
Top