For everyone's enlightenment and education, here's an email the support guy sent me:
__________________________________________________

Hello Aaron,
******************Please make sure you read through this ENTIRE EMAIL, as all of this information is VERY important.******************

My name is Michael, and I'm the Blizzard Representative that will be assisted you with your account today.

Below I have attached some information on how to recover this account and your items/gear/characters in it; as well, it includes some information on how to keep your account secure. I will admit--it's very wordy, but if you follow the instructions, it will help you from getting compromised in the future.

REGAINING ACCESS:

I have went ahead and removed that authenticator from the account for you.

I  reset your password to the account. You should be recieving that here shortly; it'll let you sign back into the account.

MISSING CHARACTERS, ITEMS, AND GOLD:

After a further review of your World of Warcraft account, we have found evidence of damages to one or more of the characters as a result of the recent compromise.

As a result, we have forwarded your ticket to the In-Game Support department for further investigation and troubleshooting. Please keep in mind that, due to the nature and complexity of these types of tickets, it may take several days for us to contact you with the conclusion of our investigation. We apologize for the delay and thank you for your patience and understanding in this time.

You do not need to worry about putting in a ticket yourself; this has all been taken care of for you.

COMPUTER AND ACCOUNT SECURITY:

Please follow the steps at http://us.battle.net/security/checklist.html to completely secure this computer and your account from future attacks. Please follow this simple check list to keep your account secured.

Also, there is an issue with certaing 3rd party websites. Websites with weak security (ie: 3rd party fan websites) make easy targets.  Basically this will bypass any security software you have since it's running through a script on the affected web page.   No user action or downloading would be required, which is why it's so dangerous. Just having the website up in the background when you go to login could potentially compromise the account information. So when you play, try to make sure you don't have any non-secure websites up.

Our own tech reps also know another possible issue. Do you use the Curse Client or WowMatrix?  These programs seem to be getting  everybody I've talked to keylogged.  Be very, very careful with programs that  install addons for you.  Rather, install the addons yourself.  Better safe  than sorry!

You can install the UI mods you wish to use. By default, all UI mods should be  installed in the Interface/AddOns folder. If you are not sure how to install  your UI mods please contact the publisher of your mods. Technical Support does  not offer assistance with UI mods.

BLIZZARD AUTHENTICATOR:

We have provided an optional layer of security for World of Warcraft. The Blizzard Authenticator is a small electronic device, designed to be attached to a keychain that generates a six digit security code at the press of a button. The code is a unique code that is only valid for a limited time to use along with the account name and password upon login. With each push of a button, the Blizzard Authenticator will generate a new code to be used upon login. The Blizzard Authenticator will be available for purchase at Blizzard's online store for $6.50 USD (http://blizzard.com/store/).

Each Blizzard Authenticator can be associated to several accounts, as it will be required to have the Blizzard Authenticator present in order to login. To associate your account with the Blizzard Authenticator, you will need to enter the serial number on the back of your Blizzard Authenticator at the Account Management screen (https://www.worldofwarcraft.com/account).

For more information about the Blizzard Authenticator Key Chain and the Battle.net Mobile Authenticator application, please visit: http://us.blizzard.com/support/article.xml?tag=BLIZZARDAUTH.

SCAMS AND PHISHING

We have recently seen an increase in these phishing attempts which pose a real threat for account security. As a friendly reminder, many scams will ask you for your password, which is something Blizzard Entertainment will *NEVER* do.

You may wish to review the following links for more information on phishing emails:

- Information concerning email scams, examples of phishing emails, and what to do in the event you have received a phishing email can be found on the Customer Service Forum here: http://forums.worldofwarcraft.com/thread.html?topicId=965511383

- How to tell if the email you received is legitimate: http://us.blizzard.com/support/article/25133

- Information concerning scams, examples of website scams, and what to do in the event you have visited a fake website can be found on the Customer Service Forum here: http://forums.worldofwarcraft.com/thread.html?topicId=965511383

You may wish to add additional security to the account with the use of an authenticator.  Information about this device can be found here: http://us.blizzard.com/support/article/BLIZZARDAUTH
*{1828-13961}*

Regards,

Michael
Billing & Account Services Representative
Blizzard Entertainment
michaelq.support@blizzard.com