Account Protection

Playing on Battle.net is fun and free (at least for now), but it's not without risk. Other players sometimes want to kill your characters, but they always want to steal your items. High level characters and good equipment sell for cash money through online RMT, and though you're probably not interested in selling or buying items or characters, plenty of other people are. Even if they're not in it for the profit motive, lots of people online are just mean and cruel and bored, and will screw you over and steal your account if they can, just for kicks.

This page contains advice on how to avoid having your account stolen, most of it preserved from the Diabloii.net warnings archives.

The vast, vast majority of Diablo II accounts that are stolen are ripped off through a key logger. Key loggers are virus-like programs that hide on your computer and activate when a program (such as Diablo II) starts up. The key logger then records all keyboard and mouse input, reading your account info and the password you type in. That info is then transmitted to a website or email the hacker has specified, and the next time you try to log onto your account the password is changed, or else all of your characters are stripped of their useful items.

The key thing to remember about this is that almost every player who gets ripped off brought it on themselves, by downloading a third party program. Maphack, some sort of trainer or alleged hack, or even something innocuous and non-cheating like an inventory organizer. It doesn't matter what you download; the program is simply a trojan horse for the key logger program, which rides piggy back and hides itself in your system.

Never download any unknown programs from uncertain sources. If you do, you are setting yourself up to be ripped off and broken hearted. Antivirus software, firewalls, and other system scanners can help to catch trojans and viruses, but they don't always work, lots of people don't have those programs, and lots of people don't observe proper computer security measures. Even though most of them know they should.

Worse than your Diablo II accounts, by downloading unknown programs you're looking to grant full backdoor access to your computer to some hacker. They can use your "zombie" machine to help launch DoS attacks and other malicious activities, and key loggers work for much more than computer games. You could have your credit card information stolen when you shop online, your personal infomation sniffed off of your hard drive, or just get your hard drive corrupted or reformatted. Sounds like fun!

Though viruses and trojan horses and key loggers are the worst and most common form of account theft, there are other things to watch out for as well.

These are all easy to avoid, just don't type your password. Ever, for any reason. Anyone who asks for it is trying to steal it, and Blizzard will never ask for it. They have no need to, they can access any account by name, with their admin powers, after all. There are countless scams that try to fool people into giving up their account. And new ones are invented every day.

Common scams are to use emote and pick clever names for character or account, ones that sound official. Blizzard has banned dozens of names over time, and added lots of them to the illegal names list. You can't make a character named "Blizzard", or "Battle.net", or "Realm" or other things that were used to try and trick players with password scams.

Common tricks are saying there's a way to see your hidden ranking, or move your character to another realm, or that if you don't your character will be deleted, or that you can get the next D2 patch early, or register for an upcoming Blizzard Beta, or win a free item, etc. Anything you can think of, someone has run a scam about.

Another trick is where the scammer says they are quitting D2, and will give away their account, and asks you what you'd like them to change their password to. They are hoping you'll be stupid enough to give them your own password, and will try to log onto your account with the password you say.

Another scam is to say that your password won't show up if you type it. The scammer will insist this is true, that Bnet has a security measure to stop it, and they'll type "***********" to prove it. Gullible people will believe it, or want to check it, and will type their password. We've never heard of anyone actually falling for this, but it's been reported numerous times, and if scammers are trying it that much, it's probably working on someone.

An old scam that still tricks some people is to make you set your password as your "do not disturb" (DND) message. This is a game command that sets up a message for anyone who whispers you. Many players aren't familiar with this option on Battle.net, and gulliable ones will fall for the scam, and put their account name/pass into their DND, and of course the scammer whispers you to check.

Again, it's very easy to not fall for any of these, just remember that Blizzard will never ask for your password, that your password has no function other than when you first log on, and anyone who asks for it is trying to steal it.

• 

  Various attempted Account stealing scams.

• 

  Various attempted Account stealing scams.

• 

  Various attempted Account stealing scams.

• 

  Various attempted Account stealing scams.

Besides the direct theft attempts on Battle.net, we often see websites set up to steal accounts. These are usually quick little crap sites set up on geocities or cjb or other free hosts, and generally offer some sort of cheating trick, saying they will show you how to dupe items, or will make duped items appear in your stash, or will give away a Grandfather a week, etc. And all they need is your account name and password, along with other info to make the scam sound more believable. Obviously these are just scams, ways to steal your account.

Social engineering can be a scam, or just poor judgment on your part. Don't tell anyone your password. Some guilds require that you give up your password to join, people you know will give you a password to one of their accounts, one with probably just one low level char on it, and ask for yours in return, etc. If you trust someone, then make your own decision, but always consider that they might be out to screw you, or that in 3 months you might have a falling out and they'd change your password.

Also consider how computer literate that person is, if they are likely to fall for one of the scams mentioned on this page, or get a Back Orifice on their machine, they could lose all of their account passwords, and yours as well.

It's obviously not a good idea to tell anyone your password for any reason, but if it's a good friend and you trust them, then it might be worth it to share accounts. You can play their high level Javazon, they can play your Sorceress, you can share mules, etc, saving you both time and repetition of characters. Just be aware of the risks.

It should go without saying, but pick a password that's impossible to guess. Don't use your SS number, or your birth date, or your dog's name, etc. Most people will never have anyone even try to guess their account, but if you know your brother might be after you, or you know hackers online who might try something, then be extra careful. Pick a long password, with a mixture of letters and numbers.

For strongest password security, simply hit random keys. Literally type with one finger, and no rhyme or reason. "U87T5FVML1" or something like that. Totally impossible to guess, and hard to remember, but write it down, and after you use it a few times you'll have it memorized. If you must pick something easier to remember, use the name of your first girl/boy friend, with a date in the middle of it, or something that you can remember, but no one would guess.

Obviously the tactic of writing it down isn't that good an idea if your workspace isn't secure, or you think your roommates or siblings might rip you off. In that case, it's easy enough to throw them off. Put an extra letter or two in the middle the written version of your password, or always write an extra few characters when you write them down, and just know that the first and last (or whatever) are dummy letters.

The nastiest kind of password stealing is with a back door or Back Orifice program. These are hacks that scammers trick you into installing on your system, and then use to see what you type for your password. Lots of hacks say to run them just before you log on, and have a key logger built in that records your key strokes, and then transmits then automatically emails them to the hacker, or uses your browser to post them to a hacking board.

Good anti-virus software will find virtually all these types of programs, and if you never DL any hacks in the first place, you shouldn't have to worry. Some hacking sites have nastier programs that attack your system when you first connect, and exploit security defects in the MIE web browser to insert a hostile program on your system. If you have not gotten security upgrades to Windows and/or MIE, you are vulnerable to these. Click Start > Windows Upgrade on your tool bar to check for upgrades.

Besides that, all sorts of viruses are sent by emails, and will auto-install themselves through security lapses in MS Outlook Express. Microsoft products are notorious for their easy-to-hack and buggy code, so you really need to keep up on virus warnings, and set all of your security features to highest alert. A good firewall, such as Zone Alarm, can help a lot also.

We hear from people all the time who had their accounts stolen after using some hack. One example:

I have never tried any of the hacks, not even maphack, but during the last wave of hacks, I downloaded the maphack and another program off of one of those hack sites. I never ran them on battle.net, but I did unzip and scan it and executed one of the programs. It didn't really do anything or run like I thought it would, so I just deleted all that crap off my system and went back to being hack free.

Well, I found a Trojan horse program running on my computer, well, ZoneAlarm did. The program is called IDElibr32.exe It was located in my systemroot\winnt folder. Luckily I have ZoneAlarm to alert me that it tried to access the internet, because upon inspecting my winnt directory, there was an associated .dat file that was recording my keystrokes. The first thing in the file was my password, then some chat text and a whole bunch of garbage keystrokes, etc. The IDElibr32.exe program was trying to access an SMTP port on a remote ip. So, I guess the thing was trying to email back my keystrokes to some hacker.

This was my lesson learned for executing some hack program. Though I still have yet to use a hack on battle.net, I should never have even been curious about the whole duping/maphack craze.

Please make an announcement to people to look for IDElibr32.exe running on their systems, and encourage them to download and install ZoneAlarm....it's free!

Thanks,

Pete

Pete was lucky, since a good back door program will use your own browser or email client to transmit the key logger info, and your firewall program won't catch that, since you'll have already given the program authorization to access the internet. Anti virus software will almost always catch these things though.

Of the hundreds of "my account got hacked!" emails we've received over the months, probably 95% of them are explainable as someone who fell for a scam, or has a back orifice on their system. If you've had more than one account stolen, you almost certainly have a key logger on your machine, and you really need to clean up your security. You're vulnerable to hackers who would do a lot worse than just steal your D2 account.

The unexplained 5% are the troubling ones. These are from people who sound like they know what they are doing with computer security, who didn't fall for any hacks, never told anyone their password, and had one that was impossible to guess. And one day they went to log on and their password was changed, and when they got on and /whois their account, found it in use.

Sometimes the person who stole it will offer to give it back for some great items, or will taunt you with your own characters. Such people should have their fingers broken, but don't let them get to you, or the terrorists have already won.

We get mails from people with accounts stolen like this occasionally, but not so often that it's something to really worry about. How it happens isn't known, if the hacker gets super lucky guessing it, or if there is some super-rare B.net bug that lets anyone access your account, or if there is some hacking technique to enable password changing.

There can't be any easy way to do it, or we'd see far far more reports of it, but it does happen to people from time to time still. Unfortunately there's nothing to be done about it if it happens to you.

Not with any help from Blizzard. They don't offer any sort of account ownership or return policy, nor do they replace any items, for any reason, ever.

"Blizzard Entertainment is unable to restore equipment lost for any reason, including scams, hacks, etc."

This is a shame, but a necessary position, or else they'd be deluged with requests for item restoration, including tons of scammers who would try to steal accounts or items or characters by claiming that you stole it from them in the first place, and Blizzard would have to hire another dozen employees just to track down this sort of crap.

With no monthly fee for playing D2/D2X this will never happen. MMORPGs have much more customer service, since with players paying $10 or more a month, they can afford to hire more CS employees.

Sometimes an account thief will reply if you message them, and offer to sell you your account back. They will have stolen all of your equipment, but you could at least play your characters again. Whether or not you choose to deal with them is up to you, but keep in mind that they are obviously not an honest or reliable person, and if they've stolen from you once, they might well do it again.