Does anyone remember an old post here on BG before it was called "The New Standard"?
In that post, the player found out that the security token generated number can stay active
up to 30 minutes. That means if you happened to get a keylogger auto-downloaded onto your computer through a banner ad with a malicious script, and not using any protection on your PC for these sort of things, yes, you can
still get your account compromised with a security token in place.
It's why never, never, ever have a false sense of security when it comes to these things. Never tell yourself that it won't happen to you. Live with a little paranoia in your life, but not so much that it'll take over it but just enough to protect you.
So, in a way, I'm not too surprised this has happened, but I am also both worried and concerned that more events like this are going to happen soon. RMT are getting quite sophisticated now. They can pretend to be GMs by taking advantage of the line breaking space in tells to placing malicious code in banner ads.
If you are using Internet Explorer and don't want to use Firefox for whatever reason you religiously follow to a "T", then I highly recommend you install this:
IE7 Pro.
It does what Ad Block and NoScript does for Firefox. It doesn't work for any version of IE that's version 6 or lower. It only works for IE7 and higher, including 8.
If you use Opera, you have to manually block the ads and HTML (or other code) per website or per page. It isn't done automatically for you, unless you blacklist the items in question first before you visit a website.
I'm sorry this happened, but it's better to be over-prepared and protect your computer.
Keep up-to-date anti-virus, anti-spyware, and anti-malware software on your computer. Install a software firewall like Comodo Internet Suite or ZoneAlarm.
Another good thing to have is this: KeyScrambler. It encrypts your keystrokes at the kernel level. You can get it here:
QFX Download. Free version encrypts your keystrokes in IE and Firefox. Paid versions can encrypt your keystrokes in other programs.