Originally Posted by
tekstorm
With the current rumors going around that Blizzard is planning on shipping cataclysm with an authenticator and making it mandatory to use you may be thinking, "I don't have to worry about my account ever being hacked with my handy authenticator!"
Wrong.
Why you ask? Most scammers are adapting to the use of authenticators. These scammers would just pray that you download their keyloggers or malware and download the logs from your PC at a later time. The days of the lazy scammer are over. These individuals are now using massive botnets to infect for not only your wow accounts but your financial information as well.
How does it work? A botnet is a collection of compromised boxes that can be collectively used to launch attacks and infect even more computers. These botnets use IRC (Internet Relay Chat) to gather data from malware and keyloggers.
Here is how they get your WoW account, the hacker sits in an IRC channel let's say on undernet's network and from there his botnet has logged into the channel as well and is sending him streams of data. First he sees you log in and he gets your account name and password. He already has battle.net loaded up on another screen waiting for you to log in again. The next time you log in he steals your new authenticator code and immediately copy pastes it into battle.net.
Authenticator codes are valid for 30 seconds!! That is all the time they need to get into your wow account and change the password, plus remove your existing authenticator.
This same method can be used with banking accounts. Several banks use authenticators as well.
Don't give in to a false sense of security. Never enter your account e-mail address on a gold selling site or account trading site. Even if just for a quote! All they need is your account name and they can run a cracker to figure out the password. If not they can just use some social engineering with blizzard to get it.
Free Software tools to use:
malwarebytes
AVG anti virus
hijackthis - learn how to use this!! there is many guides available on google.
One last thing! Don't login to battle.net on a public network, like free wifi at a cafe or restaurant. SSL encryption is not that secure, I can strip ANY SSL encryption on ANY public network. In a day I can have every customers banking information or other personal information if I wanted to.
I know this is a long read but I hope this information helps you in protecting your WoW account and your personal information.