Fobbing off cyberthieves via virtual worlds

As more business and social life has moved onto the Web, criminals thriving on an underground economy of credit card thefts, bank fraud and other scams rob computer users of an estimated $100 billion a year, according to a conservative estimate by the Organization for Security and Cooperation in Europe. A Russian company that sells fake antivirus software that actually takes over a computer pays its illicit distributors as much as $5 million a year.

With vast resources from stolen credit card and other financial information, the cyberattackers are handily winning a technology arms race.

“Right now the bad guys are improving more quickly than the good guys,” said Patrick Lincoln, director of the computer science laboratory at SRI International, a science and technology research group.

My World of Warcraft account is now more secure than my bank account. It is harder to steal 5,000 fake Warcraft gold from me than $5,000 real US dollars. Why? Because unlike my bank, my computer game supports two factor authentication.

About six months ago Blizzard started selling the Blizzard Authenticator to its US customers for the nominal price of $6.50. It's a little keychain fob that generates random number codes that change frequently. Logging in to WoW requires both a password and the current code.