Prevent Unauthorized Access

How to protect your account from unauthorized access

Unauthorized access means that somebody else, not you, has gained access to your account without you knowing it. Generally, account hacking is perceived as a rather difficult and technologically intensive process. However, in majority of cases users themselves give out vital and confidential information to hackers.

In this article we will explain you how unauthorized access happens and how to protect your accounts. We hope that after having read this article you will take all recommended measures to protect your accounts.

Content: 

Rule 1: Never give out your login name and password to anybody

This rule is generally posted in the most prominent and easily accessible place; it seems too clear and straightforward to be taken into account seriously. However, according to statistics the most common case of unauthorized account access is when an attacker somehow finds out login and password of an account holder. Intruders usually pretend to be game managers, victim’s relatives or friends. They also offer handsome amounts of in-game gold and credits in order to gain access to confidential information, asking users to share their login and password in order to claim ‘gazillion gold’ prizes.

Remember, if somebody, even if it’s a Wargaming CEO, asks you for a password of your account, do not share it under any circumstances! We would also appreciate if you inform our Support Service Team about cases when potential attackers are trying to find out your confidential information. This will help us to rid World of Tanks from another rascal stealing accounts.

Rule 2: Update your Internet browser to the latest version

We may have you a little surprised you with this rule. Why update a browser, if the game runs from a client? Let us explain. Web browser is just like any other software and it is made by people, so it may contain bugs or have vulnerabilities. Typically, developers are pretty quick to eliminate them and release an updated version. However, if you do not update regularly, your web browser may stay vulnerable to external attacks and evildoers could steal data from your account.

Normally, your web browser can automatically download and install updates, or offer to install them. However, the safest way is to check periodically your browser web site for the latest version. We would recommend you to use one of the browsers listed below, but please note that we are not able to provide technical support related to any problems with these products:

Rule 3: Turn on phishing filter in your browser

Perhaps, phishing is a term unfamiliar to you, but we'll explain everything. Phishing is a kind of fishing for thieves, but a fake web site is bait and trusting users are fish.

In order to steal your confidential information thieves create phishing sites whose main goal is to get you to reveal your login and password. For example, they may use a web site 1-to-1 similar to the real game site; the address will not be worldoftanks.eu, but something very close, e.g. wordoftanks.eu or worldotanks.eu. A fake site interface would seem very familiar to the one you are used to, but by punching your data on this site you would most definitely lose your account.

Another example of a phishing site is so-called cheat or script collectors to hack a server. Usually, on this site you would see a very basic design and a bit of text where a web site creator brags how he has cracked the game server. He also ‘generously’ offers to charge any account ‘up to gills’ with gold. The only thing he needs is your username and password in order to complete ‘a transaction.’

Activating phishing filter in your browser will help you to leave would-be fishermen high and dry and not to fall for the bait. When attempting to open such a web site your browser will notify you that this site is fake and prevent it from loading, and, thus, taking care of your safety. Please learn how to enable the filter in your browser:

If you are using Internet Explorer 8:

  1. Launch Internet Explorer.
  2. Click on Safety, choose SmartScreen Filter, and then opt for Turn on SmartScreen Filter. If in menu you see notification Turn off SmartScreen Filter, it means that the filter is already activated.
  3. When a pop-up menu opens, make sure that Turn on SmartScreen Filter is activated and then press OK.

If you are using Internet Explorer 9:

  1. Launch Internet Explorer.
  2. Click on Tools, choose SmartScreen Filter, and then opt for Turn on SmartScreen Filter. If in menu you see notification Turn off SmartScreen Filter, it means that the filter is already activated.
  3. When a pop-up menu opens, make sure that Turn on SmartScreen Filter is activated and then press OK.

If you are using Mozilla Firefox (v 2.0 or higher):

  1. Launch Mozilla Firefox
  2. Click on Tools, choose Options, and then opt for Security.
  3. Make sure that all three options are activated (check boxes):
    • Warn me when sites try to install add-ons.
    • Block reported attack sites.
    • Block reported web forgeries.

If you are using Opera (v 9.1 or higher):

  1. Launch Opera
  2. Click on Settings, choose Preferences and then Advanced, opt for Security.
  3. Make sure that Enable Fraud Detection is activatede.

If you are using Google Chrome:

  1. Launch Google Chrome
  2. Click on Options, and then opt for Advanced.
  3. Click on Enable phishing and malware protection.

Rule 4: Regularly update operational system on your computer

Similarly, if your browser needs updating so does operational system on your computer. Latest updates help to patch up holes in security features and improve overall system performance.

Below you will find instruction on how to update operational system on your computer:

If you are using Windows 7:

  1.  Press Start
  2. Launch Windows Update program.
  3. Follow step-by-step instructions listed in the program.

Additional information on Windows 7 updates may be found here:
http://windows.microsoft.com/en-gb/windows7/learn-how-to-install-windows-7-service-pack-1-sp1

If you are using Windows Vista: 

Windows Vista Service Pack 2 is the latest available update and it provides additional important improvements to Windows Vista. In order to install SP2, you must first have Windows Vista Service Pack 1 installed.

To learn if SP2 is already installed:

Click the Start button, right-click Computer, and then click Properties.

If Service Pack 2 is listed in the Windows edition section, SP2 is already installed on your computer and you don't need to follow the instructions below.

To install SP2 using Windows Update
  1. Make sure you are connected to the Internet.
  2. In the left pane, click Check for updates.
  1. Click the Start button, click All Programs, and then click Windows Update.
  1. Click View available updates. In the list of updates, select Service Pack for Microsoft‌ Windows (KB948465), and then click Install. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

Additional information on Windows Vista updates may be found here:
http://windows.microsoft.com/en-gb/windows-vista/Learn-how-to-install-Windows-Vista-Service-Pack-2-SP2

If you are using Windows XP: 

Set up Automatic Updates

With the Automatic Updates feature, Windows XP can automatically download and install the most important updates for you (including most security updates). Automatic updating can help protect your computer from new and emerging security threats. However, many updates require some user feedback before they can be installed.

To enable Automatic Updates
  1. Use Microsoft Internet Explorer to visit Microsoft Update.
  2. On the right side of the page, Internet Explorer displays the current status of Automatic Updates:
  • If Automatic Updates is turned on, your computer is protected. Windows XP will automatically install updates. You don’t need to follow the rest of these steps.
  • If Automatic Updates is turned off, click Turn on Automatic Updates.
  1. In the Automatic Updates window, click OK.  

Additional information on Windows XP updates may be found here:
http://windows.microsoft.com/en-GB/windows/products/windows-xp

Caution: 

  • Support for Windows Vista Service Pack 1 (SP1) ended on July 12, 2011.
  • Support for Windows XP with Service Pack 2 (SP2) ended on July 13, 2010.*

If you're running one of these versions after support ends, you won't get security updates for Windows.

* Note: There's no SP3 for the 64-bit version of Windows XP. If you’re running the 64-bit version of Windows XP with SP2, you have the latest service pack and will continue to be eligible for support and receive updates until April 8, 2014.

More information on Windows XP updates may be found here:
http://windows.microsoft.com/en-GB/windows/help/end-support

 

Rule 5: Make sure that your registered e-mail address is secure

Your e-mail is vital in protecting your account. E-mail is used to help you regain control of your account in case of break-ins, forgotten passwords, and in other cases. Even if you protect your account, unsecure e-mail can negate all your efforts. Hence,  the recommendation list for your e-mail:

  • Try not to use an e-mail to which accounts of other services are registered. The less is known about an e-mail where you registered your account the better.
  • Do not use your game password as the e-mail password.
  • Regularly change your e-mail password.
  • Regularly check your mail settings. Forwarding of your incoming mail to someone else's address, or security question, set by evildoers, will allow attackers to gain access to your account time and time again.
  • Do not store notifications of game password changes. It is best to delete such messages after reading.

More information about Email Account Security may be found here: http://worldoftanks.com/game/guide/en/account_security/recovering-stolen-account

Rule 6: Make sure that your PC is free of malicious software

In addition to a variety of attempts to steal your password, attackers may also make use of viruses. Computer viruses are are special programs designed to perform certain actions on users’ computer without their knowledge. For example, viruses may identify and steal login and password from your account. Thus, being careful and following the rules listed above, your username and password can still be stolen without you knowing it.

To avoid these malicious manipulations, you must use antivirus software and antispyware programs. This will allow you to be sure that on your PC there are no programs that can steal your data.

Most antivirus and antispyware programs should be periodically updated. This is due to the fact that over time the web gets flooded with new viruses. Developers release updates of antivirus software to let anti-virus programs detect all known up-to-date viruses. That's why before you start checking your computer, be sure to use the latest version of antivirus software.

Antivirus programs

Antivirus programs scan PC memory and hard drives for viruses and then remove them. The following list shows the most popular antivirus programs:

Antispyware programs

Antispyware programs scan hard drives and memory of your computer for malicious programs, which without your knowledge gather information on how a computer operates. Such programs may be causing various technical failures: "freezes," spontaneous closures of programs and games, Internet connection problems, etc.

Rule 7: Regularly change your passwords

We understand that it is very inconvenient to invent new passwords and remember them, especially if your password is not a pet’s name but a set of uppercase and lowercase letters mixed with numbers. However, if you stick to these easy steps, you will protect yourself from a sea of troubles:

  • Do not use the same password for different services. If an attacker discovers your password, not only will your account in World of Tanks suffer, but all your other services as well.
  • Use complicated, i.e. strong passwords. If you are using a simple password (such as any English language word), then this account easier to hack through password dictionary crypts. For example, if your password is ‘apple,’ a special software will pick it up very quickly, starting with a search of the letter ‘A.’ On the other hand, it will take a whole year or even more to crack a very strong password such as KLhfd44Odsjf8443htlmsasd.
  • Last but not least, if somehow evildoers get to know your password, regular password changes will help you to get out of harm’s way.

Rule 8: Avoiding online scams

Sometimes you come across quite tempting offers on the internet, saying “World of Tanks gold at 50% discount (70%, 80%, and etc.), account hacking and gold selling”, and etc.

First of all, we would like to draw your attention to a significant point:

All in-game billing procedures and operations (gold and credits crediting, vehicles upgrading and etc.) take place on the game servers, not on a player’s PC. In other words, it’s impossible to make billing or technical changes to a World of Tanks account by-passing the game server.

You can change the interface of your garage, the exterior of your vehicles, get millions of in-game gold or credits, but all these changes will be fake and will not affect the real account status.

Websites

The fraudulent offers are usually found on specially created websites. Their aim is to make you provide your in-game nickname and password. Some of them might also try to get your email access data. Undoubted, further changes to your account are possible to be performed by other people.

We remind you that you should insert your login data on the official portal of World of Tanks only, and never on offsite.

Malware

Another way used by cheaters is the active advertising and distribution of programs which “will help you to upgrade in-game vehicles in two clicks and will give any desirable amount of gold”. Firstly, fraudulent malware might provide unauthorized access to your account in a few seconds. Secondly, when you visit such websites you risk to be infected with a spying program that will give a cheater any available information from your PC.

  • Both ways of cheating are often supported with some videos or images, proving the “successful account changes”. Moreover, these proofs can be followed by massive positive feedback on “effective” use of these methods, which are created especially for you to talk you into using them.