Curse

Fril Estelin · Jun 13, 2008, 07:02 AM // 07:02

Security Tips for the Guild Wars (GW) player
version 1.0 (05/11/2009)

By Fril Estelin, on Guild Wars Guru

Released under Creative Commons Attribution-Share Alike 3.0 United States:
http://creativecommons.org/licenses/by-sa/3.0/

This is a simple and straightforward mini-guide to security so that you and all GW players can enjoy a safer Guild Wars experience. Please contact the author if you spot mistakes and have comments or suggestions.

Note: This guide does not take as an assumption that it is solely the GW players' responsibility to take care of security issues in GW, Anet/NCsoft still has a responsibility to make the game secure, but they can't be left alone in this fight against hackers, scammers and other malicious people. My intention is to help people, not scare or create another debate on the issue.

Note 2: Many thanks to the Guru-ers that directly or indirectly contributed to this guide.

1) The Current Security Threat and How to Be Safe

Scammers, hackers and other malicious people are trying every day to get an advantage by exploiting vulnerabilities and weaknesses of MMORPG users and software. It is important that everyone understands basic security principles, apply them at their level and spread the word around. Never forget that your security depends on the security of others too, and helping someone else being more secure may prevent problems from happening in the future, and thus impacting you and others indirectly.

Modern hackers use computing techniques to break into your computer, but they also use social engineering techniques where they gather information by making users believe something that is false via the use of clever communication techniques. For example, they try to make people believe that they have a genuine problem or request by saying something like "drop your Elite weapon so that I can take a picture of it", and then use the Ebon Escape skill to shadow step to the person and steal the item. They will also try to be seen as legitimate authority by saying "I am a GW Game Master so do as I say", while someone knowledgeable would know that a GW "Game Master" (or developer/designer/community manager) would never use his power to gain an advantage over GW players. You can consult a quite complete list of these scams here:
http://www.guildwiki.org/Common_scams

On the other hand, be careful not to distrust everyone simply because a few people are malicious! Not only would this greatly diminish your GW experience by separating you from a lot of honest GW players, but this can actually be used against you (e.g., to force you to quit GW). Try to be cautious but not paranoid (which usually creates a false sense of security). You need to be vigilant but not obsessed with security! And balance your actions according to the risk. For example, no need to bother buyers or sellers for trades of items worth a few gold pieces, but look carefully at the trade window for trades of items worth a few platinums.

Always remember that "thinking" will save you from dangerous and unexpected circumstances. Sometimes emotions carry you away and you forget to think with your mind, but instead react with your heart. Malicious people are always trying to improve their techniques and find new ways to attack. Inattention or ignorance facilitates the job of scammers and hackers. It is healthy to warn people about scamming attempts and other kind of attacks, but you should also be careful not to frighten people as it would bring more harm than good. Feel free to communicate and ask questions on fansites and among your guild, but always in a calm way.

Security is always as strong as the weakest "link" of the chain. Antivirus and firewall are only two "links" among others (see section 3 below). Other "links" include for example: passwords, software update status, personal data (e.g., credit card or social security numbers, real or in-game name and address) protection. So, having the best security software will not save you if your passwords are weak (see section 2 below).

2) The Weakest Link in the Security Chain

The weakest link is usually for most users their password. It is either too weak (i.e. it can be guessed easily, e.g., your in-game name) or not well protected (it is given to friends and family, or other users selling their in-game services).

If you shared your password with anyone, even mum, dad, your best friend or your husband/wife, you are at risk. These people may not reveal it consciously, but it may be stolen from them at one point by malicious people. For example, someone may pretend to be you or an ArenaNet/NCsoft representative, and ask them to reveal your password. Similarly, guildies or GW players selling their in-game services should not know your password under any circumstances.

ArenaNet or NCsoft staff would never, ever ask you for your password, under any circumstance and for any reason whatsoever, because they have other legitimate means to access information about your account (without compromising your security). Only someone not from ArenaNet or NCsoft would ask you your password. And remember that sharing your password will, in case of problems, make the work of identifying the problem impossible, because the problem happened outside of the system that ArenaNet and NCsoft control. And never, ever use the same password for 2 different systems (e.g., email, GW account, GW Guru account, forums etc.), because a breach of security in one account means that the other account is affected too, thus opening more doors to the hacker.

A strong password should ideally contain letters both in lower and upper case, numbers, special signs (@#$%^&*) if allowed, and be at least 8-symbols long. A password should NOT be a word you can look in a dictionary, a name or a date. Even a "phrase acronym" (where you take the first letter of each word in a given sentence, e.g., "Hello It'S Me The Mad King Thorn" would be HISMTMKT) is not so good, but better than the previous ones. Some people use the following trick to make passwords stronger: use a word you remember well and change one or two letters to something that looks "visually" the same, i.e., "e" is replaced with "3", "A" with "4", or "O" (capital letter o) with "0" (zero). Find your own way to create strong passwords, so that no one can really guess it by following simple rules. Create your own rules (e.g., use long passwords from a sentence, invent new words, etc.).

Here are a few password strength testers and more information on passwords:

Password testers:
Articles about passwords:
- http://www.microsoft.com/protect/you...rd/create.mspx
- http://www.sophos.com/pressoffice/ne...ordadvice.html

You can create strong passwords and manage them using a small Password Manager utility software such as PasswordSafe (you can find other similar software on the web). This application protects all your passwords with one "master password" (choose this one wisely, make it strong and make sure no one but you knows it) and encrypts the password list. It can even be put on a USB memory dongle if you want to have your passwords with you all the time.

3) The Security of your Software

Always have an antivirus and firewall active, at all times and without exception, even when playing GW and other online games. NCsoft and ArenaNet advise the gamers who want a lightweight antivirus solution to use Sana Security:
http://eu.plaync.com/eu/about/pressr...sana_security/
There exists other similar antivirus software targeted at users playing games.

You should also make sure that Windows and all the applications running when you play GW are up-to-date. Activate the Automatic Update feature or check regularly the Windows Update website. And regularly check that your applications are updated, as they may be the open door that a hacker will use to get into your computer and data. The frequency of updates depends on how frequently the application is used, it's typically every few hours for an anti-virus, every few days for used applications, every few weeks for other applications, monthly for Windows (Microsoft always releases its Windows updates on the second Tuesday of the month).

You should also have an anti-spyware software running continuously, or regularly scan your computer using the common anti-spyware tools (every few weeks):

Malwarebytes Anti-Malware: http://www.malwarebytes.org/mbam.php
Spybot S&D: http://www.safer-networking.org/en/download/index.html
Lavasoft AD-aware: http://www.lavasoftusa.com/products/ad_aware_free.php

It is also good security practice to regularly clean your system of all temporary and not essential files using a tool such as CCleaner (every few weeks):
http://www.ccleaner.com/download

Mozilla Firefox also has a "Clean Private Data..." command in the Help menu that can be used every time Firefox is closed by going into the Options, then Privacy and at the bottom in the "Private Data" category you will find the "Always clear my private data when I close Firefox" (which can be tweaked with the button next to the option).

The issue of which browser between Internet Explorer and Mozilla Firefox is more secure has been the subject of a very long debate for years. This guide will not make any statement about this important issue but will highlight its importance instead: make sure that the browser you use is up-to-date (for Internet Explorer check this page: http://www.microsoft.com/windows/Int...r/default.aspx; Firefox updates itself from version 3 and above, but you can also use the command "Check for updates" in the Help meny). You can add another level of security by checking the browser settings (for Internet Explorer use the "Internet Options" command in the Tools menu; for Firefox the "Options" command in the Tools menu), and in particular the "privacy" settings.

Be careful about the third party programs that you install when running GW. Some may contain malicious components, for example an add-on such as texmod that was downloaded from a website different from the official one (the official version of texmod is clear of known viruses and trojans). Read Anet's page about mods on the official GW wiki:
http://wiki.guildwars.com/wiki/Guide...-game_graphics

The general rule is to install only software that you can "trust". Although the exact meaning of this is difficult to explain, this means for example that you read a review of the software in a professional magazine or a reliable website, that a knowledgeable friend or acquaintance recommended it to you, or that it's a paying application with good customer support (and not from an obscure company that no one has ever heard of). If in doubt, always feel free to ask your friends, guildies and on GW Guru.

4) Email security

Your computer security is not enough, as you use your computer to do many other things, one of which is reading and writing emails on one or several email accounts. You also use email addresses as account name, for example for your accounts in GW, on the NCsoft website or on this forum. It is advisable to not use the same email address for accounts that can be linked or are closely related to each other, because a hacker that would be able to penetrate one may then gain access to some information about your other accounts.

Another aspect of email security is that hackers and scammers tend to circulate malicious programs hidden in email attachments, hoping that you will click on them and thus infect your computer. When you receive an email that may sound suspicious (not all of them are suspicious and many email providers already check all emails against known threat), do the following:

Always check first the email address; this should give you hints of where it comes from; if you see an email address such as [email protected] it is not a legitimate email address from someone at NCsoft because the domain name "nc-soft.com" is not legitimate (a hacker registerd this domain to send infecting emails or do some "phishing" to display webpages looking like NCsoft's ones but who are instead stealing private information); on the other hand the email [email protected] is legitimate because the domain name "play-nc.com" redirects to the official NCsoft website www.ncsoft.com (you can see this by typing it in your browser);
Next, check the web links in the email; this means not only looking at what you see in the email, but hovering over the link and looking at the destination url is shown (in Mozilla Firefox, this is shown in the status bar; for Internet Explorer users, you will have to right-click the link and select properties) which should correspond to the one shown in the content of the email; if it does not correspond, then you are sure it is a scam;
Lastly check the content of the email: are they asking for things they shouldn't be asking you, like a password or a credit card/bank account number? is the content written with quite a number of typos or English mistakes (a few typos is normal, whereas a certain number shows that the originator of the email is foreign)?

A legit and professional email will 99% of the time be well written, organised, clear and detailed, including a mention of security and scams (but you should still be cautious and do the above). If you are suspicious of an email, talk about it to friends or knowledgeable people. If you feel not confident enough to deal with the email issues, ask questions to friends or knowledgeable people. Don't stay in the dark, try to understand the problem so that you become better protected with this knowledge.

5) Last few things to do

Last, but not least, always remember to regularly back up your "sensible" data. No need to back up every single piece of data. Decide what needs to be saved depending on your personal use of the files. Work and administrative documents should be saved without a doubt, but you may or may not want to save game information.

Store "big" folders (such as the "C:\Windows" and "C:\Program Files") on a DVD (furthermore, it's very convenient for GW as you won't have to download again the whole game if you install it on a different computer, so back up the "C:\Program Files\Guild Wars\" folder for that), smaller ones on a CD and files you update frequently on a USB. For the latter files, you can find simple and usable utility programs such as Vice Versa. There are also a few reliable online back up services that you can use, that can additionally make your data available anywhere on the net (some people use their email accounts for that), e.g. DropBox.

You can also, once in a while, create Windows Restoration points.

6) A Word of Conclusion

Security is a process or an activity, but not a product. It's never perfect, but always need to be perfected. This means that buying an anti-virus or a firewall (though an absolute necessity nowadays) is not the end, but only one step towards the goal of securing your computer and game. The security threat evolves constantly as hackers exploit new vulnerabilities and develop new ways to scam people. This is why updating all your software is so important and will always be necessary.

Try (as much as you can but not more than that

) to raise awareness about security and trust around you, e.g., other people using your PC, members of your family, friends, guildies, Alliance members, colleagues. If the weakest link in the GW community becomes more secure, you automatically benefit because the work of hackers, scammers and other malicious people is harder. All security professionals know that the real weakest link in the chain of security elements is the human being. So help educate people and we will all make great progress.

In just a few words, remember: to be vigilant but not paranoid; to regularly check that you are up-to-date with your software and other security advices; to spread the word about security so that no one is at risk around you.

6) Further Reading

http://www.plaync.com/us/support/doc...ml?p_faqid=993

http://www.cert.org/homeusers/HomeComputerSecurity/

http://www.getsafeonline.org/

http://www.guildwarsguru.com/forum/s...php?t=10281974

Zamba · Jun 13, 2008, 07:40 AM // 07:40

This is a VERY good guide for people who want to keep their account safe.

I would consider this as a very helpful piece of information for new players.

Fril Estelin · Jun 13, 2008, 07:42 AM // 07:42

For a discussion, please use this thread:
http://www.guildwarsguru.com/forum/s...php?t=10281974

Only post here the suggested modifications to the original post. Many thanks!

obsidian ectoplasm · Jun 13, 2008, 07:45 AM // 07:45

Hey good guide ( even though i didnt really read much of it )

I was a victem of account thieft just wondering is there something like a keylogger scanner so i can make sure i dont have any

sorry if its said in this thread rememebr i didnt read it all i'm in a rush

Miska Bow · Jun 13, 2008, 09:13 AM // 09:13

Suggestion: Can a mod make this a sticky?

Rampager · Jun 13, 2008, 11:35 AM // 11:35

Quote:

Originally Posted by Fril Estelin

Be careful about the third party programs that you install when running GW. Some may contain malicious components, for example an add-on such as textmod that was downloaded from a website different from the official one (the official version of textmod is clear of known viruses and trojans). Read Anet's page about mods on the official GW wiki:

texmod not textmod

but yes very nice guide

Fril Estelin · Jun 13, 2008, 12:05 PM // 12:05

Quote:

Originally Posted by Rampager

texmod not textmod

but yes very nice guide

Good catch, thanks for the correction!

Hopefully it'll be stickied soon.

Chaos Theory Pvp · Jun 21, 2008, 04:31 PM // 16:31

Why not use your email for Guild Wars only, your account is effectively double password protected...

Fril Estelin · Jun 25, 2008, 09:35 AM // 09:35

Someone may ask: why should I care?

Well, read this:
http://blogs.technet.com/mmpc/archiv...-me-1-one.aspx

Gamers are jnowadays much more the target of Trojans that people rading their emails were the target of the Storm Worm. And you may think "but I've got nothing worth" hacking...well think otherwise, you're a potential few additional dollars in the hacker's account because Asian RMT companies want your account for their nefarious purposes.

ALWAYS run an anti-virus, even it slows down you computer when playing games. Avoid game cracks, cracked games and untrustworthy game add-ons. And most importantly, don't panic or become paranoid.

And prefer Firefox to Internet Explorer too ...

P.S.: interesting to read this other blog entry (yes, Microsoft hires ex-hackers converted to the good cause):
http://blogs.technet.com/mmpc/archiv...ependency.aspx

Quote:

Here I am at Microsoft, where I've spent a very pleasant nearly three months already, which seems to be one of the industry's best kept secrets. It's been a while since I last posted about the EOF/DoomRiderz/rRlf zine, and I'm still waiting for what is essentially the remaining formal virus-writing groups to release it. My previous post (Notes from the Underground) caused quite a stir among both the media (for example, here) and the groups themselves. The post was about how the traditional virus-writing groups are disappearing, as the members leave the scene, only to be replaced by criminals. The oldskool viruses are becoming a thing of the past, and money is the new motivation.

The image of the old groups disappearing certainly resonated within the media. It's not quite as glamorous as the end of the Vikings or the Samurai, but some people might find some similarities. On the other hand, there were several posts on the EOF forum of the "let's show them" type, all written of course by people who wouldn't be doing the coding themselves.[...]

P.P.S.: another interesting link to videos about various Security topics (mostly for application developpers):
http://msdn.microsoft.com/en-us/security/bb896640.aspx

Fril Estelin · Jul 03, 2008, 09:35 AM // 09:35

Don't forget to not only read through these advices (possibly suggesting additions in the discussion thread mentioned above), but spread the word around you.

http://www.fortiguardcenter.com/repo..._jun_2008.html
Online Games are the most targetted applications in Asia, where online gaming is widespread. (source) More reports here and there.

Do not become paranoid, but make sure you're behaving cautiously.

Fril Estelin · Jul 07, 2008, 10:30 AM // 10:30

A very impressive analysis of webbrowser insecurity:
http://www.techzoom.net/publications...eberg/index.en

Long story short extracted from here:

...at least 45.2%, or 637 million users, were not using the most secure Web browser version on any working day from January 2007 to June 2008. These browsers are an easy target for drive-by download attacks as they are potentially vulnerable to known exploits.

That number breaks down as 577 million users of Internet Explorer, 38 million of Firefox, 17 million of Safari, and 5 million of Opera.

This relate directly to Section 3 "The Security of your Software" of this guide. Update all your software regularly! Any software on your computer is a potential open door to a malicious person (but no need to live in a fortified house either

).

Edit: above article references this very nice and interesting blog entry:
http://www.ofcourseimright.com/?p=29
Good Fences Make Good Neighbors

Tarun · Jul 07, 2008, 04:31 PM // 16:31

Quote:

Originally Posted by obsidian ectoplasm

Hey good guide ( even though i didnt really read much of it )

I was a victem of account thieft just wondering is there something like a keylogger scanner so i can make sure i dont have any

sorry if its said in this thread rememebr i didnt read it all i'm in a rush

A virus scanner like avast, and an anti-spyware program like Malwarebytes Anti-Malware will do the trick.

illidan009 · Jul 20, 2008, 08:41 PM // 20:41

Just changed my pw according to the microsoft pw strength tester...it was"weak" but the new one is "strong". Very good guide. thanks alot!

Fril Estelin · Nov 05, 2009, 11:45 AM // 11:45

05/11/09: I've now update the guide to version 1.0, correcting a few typos, adding and fixing links, adding a paragraph on browser security and one section on email security.

Please send me an MP or resurrect the thread indicated at the end of the guide for any question or suggestion.

Mods please re-close the thread, ty!