I found this on a WoW discussion. Does it help? One thing I find VERY interesting. In this thread someone mentions "right after a patch I got hacked"
Same thing here. We just had the 2.3 patch and he had just finished patching and not 1 hour after doing so he was hacked.
In my looking around for information on this subject I did find a few good words of advice.
1. Keep "Remember me" checked so you don't have to re-enter your account username. Keyloggers can't get your username if you never have to enter it.
2. Don't let others use your computer to play. They would have to change the username, and you change it back to play, possibly keylogging it.
3. Don't type in your password, copy and paste it from a text file. keeping passwords on file is a no-no in itself, but just for WOW this will keep you from every keylogging the password.
4. Don't use Mods that require your password and don't launch WOW from any mod interface